diff options
Diffstat (limited to 'tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml')
| -rw-r--r-- | tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml | 222 |
1 files changed, 222 insertions, 0 deletions
diff --git a/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml new file mode 100644 index 0000000000..8f7016b1d2 --- /dev/null +++ b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml @@ -0,0 +1,222 @@ +<?xml version="1.0" encoding="ASCII"?>
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+-->
+<definitions xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ targetNamespace="http://tuscany.apache.org/xmlns/sca/1.0/policy/ws"
+ xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0">
+
+<!-- Extension Types Metadata -->
+<implementationType type="sca:implementation.java" alwaysProvides="logging"
+ mayProvide="tracing"/>
+<bindingType type="sca:binding.ws" alwaysProvides="confidentiality"
+ mayProvide="integrity"/>
+
+ <!-- qualified intents -->
+ <intent name="wsAuthentication"
+ constrains="sca:binding.ws">
+ <description>
+ Communitcation thro this binding required Authentication.
+ </description>
+ </intent>
+
+ <!-- POLICY SETS -->
+ <policySet name="wsAuthenticationPolicy"
+ provides="wsAuthentication"
+ appliesTo="sca:binding.ws">
+ <tuscany:wsConfigParam>
+ <parameter name="InflowSecurity">
+ <action>
+ <items>UsernameToken</items>
+ <passwordCallbackClass>org.apache.tuscany.sca.policy.security.ws.PWCBHandler</passwordCallbackClass>
+ </action>
+ </parameter>
+ </tuscany:wsConfigParam>
+ </policySet>
+
+ <policySet name="wsClientAuthenticationPolicy"
+ provides="wsAuthentication"
+ appliesTo="sca:binding.ws">
+ <tuscany:wsConfigParam>
+ <parameter name="OutflowSecurity">
+ <action>
+ <items>UsernameToken</items>
+ <user>TuscanyWsUser</user>
+ <passwordCallbackClass>org.apache.tuscany.sca.policy.security.ws.PWCBHandler</passwordCallbackClass>" +
+ <passwordType>PasswordText</passwordType>
+ </action>
+ </parameter>
+ </tuscany:wsConfigParam>
+ </policySet>
+
+ <policySet name="SecureMessagingPolicies"
+ provides="confidentiality"
+ appliesTo="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <intentMap provides="confidentiality" default="transport">
+ <qualifier name="transport">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "transport" alternative -->
+ </wsp:PolicyAttachment>
+ <wsp:PolicyAttachment>...</wsp:PolicyAttachment>
+ </qualifier>
+ <qualifier name="message">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "message" alternative" -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+</policySet>
+
+<policySet name="SecurityPolicy" provides="confidentiality"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" >
+ <intentMap provides="confidentiality" default="message">
+ <qualifier name="message">
+ <intentMap provides="message" default="whole">
+ <qualifier name="body">
+ <wsp:PolicyAttachment>
+ <!-- policy attachment for body encryption -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ <qualifier name="whole">
+ <wsp:PolicyAttachment>
+ <!-- policy attachment for whole message encryption -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+ </qualifier>
+ <qualifier name="transport">
+ <wsp:PolicyAttachment>
+ <!-- policy attachment for transport encryption -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+</policySet>
+
+<policySet name="BasicAuthMsgProtSecurity"
+ provides="authentication confidentiality"
+ appliesTo="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0">
+ <policySetReference name="AuthenticationPolicies"/>
+ <policySetReference name="ConfidentialityPolicies"/>
+</policySet>
+
+<policySet name="AuthenticationPolicies"
+ provides="authentication"
+ appliesTo="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "basic
+ authentication" -->
+ </wsp:PolicyAttachment>
+</policySet>
+
+<policySet name="ConfidentialityPolicies"
+ provides="confidentiality"
+ bindings="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <intentMap provides="confidentiality" default="transport">
+ <qualifier name="transport">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "transport"
+ alternative -->
+ </wsp:PolicyAttachment>
+ <wsp:PolicyAttachment>...</wsp:PolicyAttachment>
+ </qualifier>
+ <qualifier name="message">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "message"
+ alternative" -->...
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+</policySet>
+
+<policySet name="SecureWSPolicy"
+ provides="confidentiality"
+ appliesTo="sca:binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2002/12/secext"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:Policy>
+ <sp:Timestamp />
+ </wsp:Policy>
+ </policySet>
+
+<!-- profile intent -->
+ <intent name="reliableMessageProtection"
+ constrains="sca:binding"
+ requires="messageProtection">
+ <description>
+ Protect messages from unauthorized reading or modification
+ </description>
+ </intent>
+
+ <intent name="messageProtection"
+ constrains="sca:binding"
+ requires="confidentiality integrity">
+ <description>
+ Protect messages from unauthorized reading or modification
+ </description>
+ </intent>
+
+<!-- simple intent -->
+ <intent name="confidentiality"
+ constrains="sca:binding">
+ <description>
+ Communitcation thro this binding must prevent
+ unauthorized users from reading the messages.
+ </description>
+ </intent>
+
+ <intent name="integrity"
+ constrains="sca:binding">
+ <description>
+ Communitcation thro this binding must prevent
+ unauthorized modification of the messages.
+ </description>
+ </intent>
+
+ <intent name="authentication"
+ constrains="sca:binding">
+ <description>
+ Communitcation thro this binding required
+ Authentication.
+ </description>
+ </intent>
+
+ <intent name="logging"
+ constrains="sca:implementation">
+ <description>
+ All messages to and from this implementation must be logged
+ </description>
+ </intent>
+
+ <intent name="tracing"
+ constrains="sca:implementation.java">
+ <description>
+ Need to figure out some description for this
+ </description>
+ </intent>
+
+</definitions>
\ No newline at end of file |