Google Git
Sign in
apache / axis-axis2-c-rampart / a15373e2853a13f1c864dd96a55355923733317d / . / xdocs / archived_news.html
blob: 681428716dee3367eb1a8d98e5d7a4d733e3b172 [file] [log] [blame]
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Archived News</title>
</head>
<body xml:lang="en">
<h1>Apache Ramaprt/C Archived News</h1>
<p>This page contains information on previous releases running up to the
latest.</p>
<a id="1.2.0"></a>
<h3>13th May 2008 - Apache Rampart/C Version 1.2.0 Released</h3>
<a href="http://ws.apache.org/rampart/c/download.cgi">Download 1.2</a>
<h4>Key Features</h4>
<ol>
<li>Ability to send and verify UsernameTokens with
<ul>
<li>Username and PlainText password
<li>Username and Digested password
</ul>
<li>Ability to send Timestamp tokens
<li>SOAP message encryption
<ul>
<li> With derived key support for improved security
<li> Symmetric and Asymmetric modes of operations
<li> Support for AES and Tripple DES encryption
<li> Signature encryption
<li> Keys encryption
</ul>
<li>SOAP message signature
<ul>
<li> XML signature with RSA-SHA1
<li> Message authentication with HMAC-SHA1
<li> Signature confirmation support
<li> SOAP Header signing
</ul>
<li>WS-Security Policy (spec 1.1) based configurations
<ul>
<li> Support for both Symmetric as well as Asymmetric policy bindings
<li> Support for different modes of key identifiers
<li> Support for different algorithm suites<br>
[Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15, Basic192Rsa15,Basic256Rsa15, TripleDesRsa15]
</ul>
<li>Replay detection support
<ul>
<li> Easy to use built-in replay detection module
<li> Ability to deploy a customized replay detection module
</ul>
<li>Different protection orders
<ul>
<li> Encrypt before signing
<li> Sign before encrypting
</ul>
<li>Extensible modules
<ul>
<li> Password callback module
<li> Authentication module
<li> Credentials module
</ul>
<li>Keys management
<ul>
<li> Support for X509 token profile
<li> Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded and Direct references
</ul>
<li> WS-Secure Conversation Language support (Experimental)
<ul>
<li> Establishing Security Context and thereby maintaining a session
<li> Per message key derivation
<li> Support for stored securtiy context token
</ul>
<li> WS-Trust Language support (Experimental)
<ul>
<li> Security Token Services (STS)
<li> STS Client
<li> Server and Client entrophy support
</ul>
<li>Other
<ul>
<li> Easy to use deployment scripts
<li> A comprehensive set of samples
</ul>
</ol>
</div><div class="subsection"><a name="Major_Changes_Since_Last_Release"></a><h3>Major Changes Since Last Release</h3><p>
<ol>
<li> WS-Secure Conversation Language support (Experimental)
<li> WS-Trust Language support (Experimental)
<li> SAML Support
<li> Memory leak fixes</li>
<li> Many bug fixes</li>
</ol>
<a id="1.1.0"></a>
<h3>16th Jan 2008 - Apache Rampart/C Version 1.1 Released</h3>
<a href='http://ws.apache.org/rampart/c/download.cgi'>Download 1.1</a>
<h4>Key Features</h4>
<ol>
<li>Ability to send and verify UsernameTokens with
<ul>
<li>Username and PlainText password
</li><li>Username and Digested password
</li></ul>
</li><li>Ability to send Timestamp tokens
</li><li>SOAP message encryption
<ul>
<li> With derived key support for improved security
</li><li> Symmetric and Asymmetric modes of operations
</li><li> Support for AES and Tripple DES encryption
</li><li> Signature encryption
</li><li> Keys encryption
</li></ul>
</li><li>SOAP message signature
<ul>
<li> XML signature with RSA-SHA1
</li><li> Message authentication with HMAC-SHA1
</li><li> Signature confirmation support
</li><li> SOAP Header signing
</li></ul>
</li><li>WS-Security Policy (spec 1.1) based configurations
<ul>
<li> Support for both Symmetric as well as Asymmetric policy bindings
</li><li> Support for different modes of key identifiers
</li><li> Support for different algorithm suites<br></br>
[Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15, Basic192Rsa15,Basic256Rsa15, TripleDesRsa15]
</li></ul>
</li><li>Replay detection support
<ul>
<li> Easy to use built-in replay detection module
</li><li> Ability to deploy a customized replay detection module
</li></ul>
</li><li>Different protection orders
<ul>
<li> Encrypt before signing
</li><li> Sign before encrypting
</li></ul>
</li><li>Extensible modules
<ul>
<li> Password callback module
</li><li> Authentication module
</li><li> Credentials module
</li></ul>
</li><li>Keys management
<ul>
<li> Support for X509 token profile
</li><li> Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded and Direct references
</li></ul>
</li><li>Other
<ul>
<li> Easy to use deployment scripts
</li><li> A comprehensive set of samples
</li></ul>
</li></ol></div><div class="subsection"><a name="Major_Changes_Since_Last_Release"></a><h3>Major Changes Since Last Release</h3><p>
<ol>
<li> MAC support with HMAC-SHA1
</li><li>Derrived key encryption
</li><li>Derived key signing
</li><li>Symmetric policy bindings
</li><li>New security header processor based on SOAP header layout
</li><li>Security policy validator
</li><li>Extensible Replay detection module
</li><li>Signature confirmation support
</li><li>Support for X509 thumb prints
</li><li>Easy to use deployment scripts
</li><li>Memory leak fixes</li>
<li>Many bug fixes</li>
</ol>
<a id="1.0.0"></a>
<h3>05th Oct 2007 - Apache Rampart/C Version 1.0 Released</h3>
<a href='http://ws.apache.org/rampart/c/download.cgi'>Download 1.0</a>
<h4>Key Features</h4>
<ol>
<li><strong>SOAP message encryption</strong> : Allows different parts of a SOAP message to be encrypted to keep the confidentiality of the message</li>
<li><strong>SOAP message signature</strong> : Allows different parts of a SOAP message to be signed to keep the integrity of the message</li>
<li>Ability to send and verify <strong>UsernameTokens</strong> with</li>
<ol>
<li>PlainText password</li>
<li>Digested password</li>
<br>Allows users to send Username tokens for authentication purposes as per Web services security username token profile
</ol>
<li>Ability to send <strong>Timestamp tokens</strong> : Allows users to add timestamps to their SOAP messages in order to ensure the freshness</li>
<li>WS-Security Policy (spec 1.1) Policy based configurations as per WS-Security Policy : Allows users to express their security related requirements and constraints</li>
<li>Replay detection support</li>
<li>Improvements to the context model</li>
<li>Authentication module implementation</li>
<li>Credentials module implementation</li>
<li>Improvements to Key/Certificate loading mechanisms</li>
<li>Easy to use deployment scripts</li>
</ol>
<a id="0.90"></a>
<h3>11th May 2007 - Apache Rampart/C Version 0.90 Released</h3>
<a href='http://ws.apache.org/rampart/c/download.cgi'>Download 0.90</a>
<h4>Key Features</h4>
<ol>
<li><strong>SOAP message encryption</strong> : Allows different parts of the body of SOAP message to be encrypted to keep the confidentiality of the message</li>
<li><strong>SOAP message signature</strong> : Allows different parts of a SOAP message to be signed to keep the integrity of the message</li>
<li>Ability to send and verify <strong>UsernameTokens</strong> with</li>
<ol>
<li>PlainText password</li>
<li>Digested password</li>
<br>Allows users to send Username tokens for authentication purposes as per Web services security username token profile
</ol>
<li>Ability to send <strong>Timestamp tokens</strong> : Allows users to add timestamps to their SOAP messages in order to ensure the freshness</li>
<li><strong>Policy based configurations</strong>: Allows clients and services to express their security related requirements and constraints</li>
</ol>
</body>
</html>