Apache Rampart/C 1.3.0 릴리즈

Apache Rampart/C 1.3.0이 릴리즈 되었습니다.

이 릴리즈는 아래 주소에서 다운로드 받으실 수 있습니다.
http://ws.apache.org/rampart/c/download.cgi

특징요약
-------------

1. Ability to send and verify UsernameTokens with
   - Username and PlainText password
   - Username and Digested password

2. Ability to send Timestamp tokens

3. SOAP message encryption
   - With derived key support for improved security
   - Symmetric and Asymmetric modes of operations
   - Support for AES and Tripple DES encryption
   - Signature encryption
   - Keys encryption

4. SOAP message signature
   - XML signature with RSA-SHA1
   - Message authentication with HMAC-SHA1
   - Signature confirmation support
   - SOAP Header signing

5. WS-Security Policy (spec 1.1 & spec 1.2) based configurations
   - Support for both Symmetric as well as Asymmetric policy bindings
   - Support for different modes of key identifiers
   - Support for different algorithm suites
     [Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15, Basic192Rsa15,Basic256Rsa15, TripleDesRsa15]
   - Support for IssuedToken assertion in client side.
   - Support for SAMLToken assertion.

6. Replay detection support
   - Easy to use built-in replay detection module
   - Ability to deploy a customized replay detection module

7. Different protection orders
   - Encrypt before signing
   - Sign before encrypting

8. Extensible modules
   - Password callback module
   - Authentication module
   - Credentials module
   - Replay detection module
   - Secure conversation token module

9. Keys management
   - Support for X509 token profile
   - Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded and Direct references
   - Support for PKCS12 keystore

10. WS-Secure Conversation Language support
   - Establishing Security Context and thereby maintaining a session
   - Per message key derivation
   - Support for stored securtiy context token
   - Rahas module support to give STS functionality to a service

11. WS-Trust Language support
   - Security Token Services (STS)
   - STS Client
   - Server and Client entrophy support

12. SAML Support
   - Support for Creation and Processing of SAML Core 1.1 Assertions
   - SAML Token as Sign Supporting Token
   - Signing and Encryption with SAML

13. Other
   - Easy to use deployment scripts
   - A comprehensive set of samples

지난 릴리즈에 비해 개선된 내역
--------------------------------

1. WS-Secure Conversation Language support
2. WS-Trust Language support
3. Rahas module to give STS support to a service
4. PKCS12 Keystore support
5. Security Policy 1.2 support
6. Memory leak fixes
7. Many bug fixes

Apache Rampart/C 1.3.0은  Apache Axis2/C 1.6.0과 함께 동작합니다.
http://ws.apache.org/axis2/c/download.cgi

보고된 각종 이슈들은 아래 주소에서 확인하실 수 있습니다.
http://issues.apache.org/jira/browse/RAMPARTC

감사합니다.

--Apache Rampart/C Team--
http://ws.apache.org/rampart/c/

Apache Rampart/C

Apache Rampart/C는 Apache Axis2/C를 위한 보안모듈(security module)로써, 이 모듈은 SOAP 메시지 교환(messages exchanged) 프로젝트를 위한 SOAP 메시지 인크립션(encryption)과 WS-Security 규정(Specification)의 기술(specified)과 같은 서명(signature)과 같은 여러가지 기능으로 구성되어 있습니다.

Apache Rampart/C 설정(configuration) 또한 WS-Security 정책 규정(Policy specificatoin)을 기반으로 구성되어 있습니다.