Rampart Samples
Basic samples
These samples use parameter based configuration model. This will be a great starting point to get a basic understanding of how WS Security really works.
Policy samples
These samples use WS Security Policy Language for configuration. It is recommended to use policy based configuration model for all production scenarios
Running Samples
Before beginning, please install Rampart as described here.
Now we'll look at how to run the first sample inside samples/policy folder.
- Open a console and change the directory to sample/policy and give the following command. This will start the server at port 8080
- Open a new console and change the directory to sample/policy and type the following command.
$ant service.01
$ant client.01
Congratulations! Now you have executed the first sample. Rest of the samples can be run by changing the sample number.
Samples
| Sample 01 |
UsernameToken Authentication, The policy uses a TransportBinding and requires a SignedSupportingToken which
is a UsernameToken and the inclusion of a TimeStamp.
| Sample 02 |
Sign only, An AsymmetricBinding is used. Entire headers and body to be signed.
Algorithm suite is TripleDesRsa15.
| Sample 03 |
Sign and Encrypt messages, An AsymmetricBinding is used. Entire headers and body to be signed.
EncryptionParts specifies the Body to be encrypted.
| Sample 04 |
SecureConversation , The secure session is bootstrapped using a SymetricBinding which uses derived keys based on an ephemeral key.
Messages in the secure conversation includes a timestamp, all headers are signed along with the timestamp, signature encrypted and body encrypted.
- Policy
- Bootstrap request (RST)
- Bootstrap response (RSTR)
- Request Message
- Response Message
- Cancel request
- Cancel response
| Sample 05 |
WS-Trust - RST - Request Security Token Service - Issuing a SAML token - issuing a token
| Sample 06 |
WS-Trust ( With WS Metada Exchange) - RST - Request Security Token Service - Issuing a SAML token