NAME
XML::Compile::WSS - OASIS Web Services Security
INHERITANCE
XML::Compile::WSS is extended by
XML::Compile::WSS::BasicAuth
XML::Compile::WSS::Signature
XML::Compile::WSS::Timestamp
SYNOPSIS
# This module can be used "stand-alone" ==>
my $schema = XML::Compile::Cache->new(...);
my $auth = XML::Compile::WSS::BasicAuth->new
(schema => $schema, username => $user, ...);
my $elem = $auth->create($doc, $data);
# ==> or as SOAP slave
my $wss = XML::Compile::SOAP::WSS->new;
my $wsdl = XML::Compile::WSDL11->new($wsdlfn);
my $auth = $wss->basicAuth(username => $user, ...); # once!
# SOAP call, compile on demand
my $answer = $wsdl->call($operation, wsse_Security => $auth, %data);
# same, because "all" defined is default, $auth is in 'all'
my $answer = $wsdl->call($operation, %data);
# or SOAP call, explicit compile
my $call = $wsdl->compileClient($operation);
my $answer = $call->(%data);
DESCRIPTION
The Web Services Security working group of W3C develops a set of standards which add signatures and encryption to XML.
This module implements features in the Security header. One header may contain more than one of these features:
timestamps in XML::Compile::WSS::Timestamp
username/password authentication in XML::Compile::WSS::BasicAuth
signing of the body in XML::Compile::WSS::Signature
encryption is not yet supported. Please hire me to get it implemented.
Furthermore
you will certainly need the constants from XML::Compile::WSS::Util.
for SOAP, use XML::Compile::SOAP::WSS to create the above features.
METHODS
Constructors
- XML::Compile::WSS->new(OPTIONS)
  -Option     --Default
  prepare       'ALL'
  schema        undef
  version       undef
  wss_version   <required>
- prepare => 'READER'|'WRITER'|'ALL'|'NONE'
- schema => an XML::Compile::Cache object
  Add the WSS extension information to the provided schema. If not provided at instantiation, you have to call loadSchemas() before compiling readers and writers.
- version => STRING
  Alternative for wss_version, but not always as clear.
- wss_version => '1.1'|MODULE
  [1.0] Explicitly state which version WSS needs to be produced. You may use a version number. You may also use the MODULE name, which is a namespace constant, provided via ::Util. The only option is currently WSS11MODULE.
Attributes
- $obj->schema()
  Returns the schema used to implement this feature.
- $obj->wssVersion()
  Returns the version number.
Apply
- $obj->check(SECURITY)
  Check whether received SECURITY information is correct. Each active WSS feature must check whether it finds information for it.
- $obj->create(DOC, SECURITY, DATA)
  Adds some WSS element to SECURITY. The DATA is the structure which is passed to some writer (for instance, the DATA which the user passes to the SOAP call). There is quite some flexibility in that structure, so it should not be used, in general.
Helpers
- $obj->dateTime(TIME|STRING|HASH)
  Returns a structure which can be used as timestamp, for instance in Created and Expires fields. This helper function will help you use these timestamp fields correctly.

  The WSU10 specification defines a free format timestamp. Of course, that is very impractical. Typically a "design by committee" decision. Also, the standard does not describe the ValueType field, which is often used to cover this design mistake.

  example:
    # Both will get ValueType="$xsd/dateTime"
    Created => time()                    # will get formatted
    Created => '2012-10-14T22:26:21Z'    # autodetected ValueType

    # Explicit formatting
    Created => { _ => 'this Christmas'
               , ValueType => 'http://per6.org/releasedates' };

    # No ValueType added
    Created => '2012-11-01'
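The TIME|STRING|HASH handling described for dateTime(), as an added Perl example that is not code from XML::Compile::WSS: timestamp_struct() and epoch_of() are hypothetical names, and $xsd is assumed to be the XML Schema 2001 namespace. It goes one step beyond the text by showing the receiving side, where only a value typed as xsd:dateTime with a time zone can be converted and compared against an expiry.

```perl
use strict;
use warnings;
use 5.010;
use POSIX qw(strftime);
use Time::Local qw(timegm);

# Assumption: "$xsd" in the page's example is the XML Schema 2001 namespace.
my $xsd = 'http://www.w3.org/2001/XMLSchema';
my $DATETIME = qr/^(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)(?:\.\d+)?(Z|[+-]\d\d:\d\d)?$/;

# Hypothetical stand-in for the documented TIME|STRING|HASH handling.
sub timestamp_struct {
    my ($value) = @_;
    return $value if ref $value eq 'HASH';           # explicit formatting
    return { _ => strftime('%Y-%m-%dT%H:%M:%SZ', gmtime($value)),
             ValueType => "$xsd/dateTime" }
        if $value =~ /^\d+$/;                        # TIME: epoch seconds
    return { _ => $value, ValueType => "$xsd/dateTime" }
        if $value =~ $DATETIME;                      # STRING: autodetected
    return { _ => $value };                          # free format, no ValueType
}

# Receiver side: epoch seconds, or undef when the value cannot be compared.
sub epoch_of {
    my ($struct) = @_;
    return undef unless ($struct->{ValueType} // '') eq "$xsd/dateTime";
    my ($y, $mo, $d, $h, $mi, $s, $zone) = $struct->{_} =~ $DATETIME
        or return undef;
    return undef unless defined $zone;               # no zone: ambiguous
    my $epoch = eval { timegm($s, $mi, $h, $d, $mo - 1, $y) };
    return undef unless defined $epoch;              # e.g. month 13
    return $epoch if $zone eq 'Z';
    my ($sign, $zh, $zm) = $zone =~ /^([+-])(\d\d):(\d\d)$/;
    my $offset = ($zh * 60 + $zm) * 60;
    return $sign eq '+' ? $epoch - $offset : $epoch + $offset;
}

# Constructed inputs: the four cases from the page's example.
for my $in (1350253581, '2012-10-14T22:26:21Z', '2012-11-01',
            { _ => 'this Christmas', ValueType => 'http://per6.org/releasedates' }) {
    my $out   = timestamp_struct($in);
    my $epoch = epoch_of($out);
    printf "%-22s ValueType=%-42s comparable=%s\n", $out->{_},
        $out->{ValueType} // '(none)', defined $epoch ? 'yes' : 'no';
}
```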
Internals
- $obj->loadSchemas(SCHEMA, VERSION)
- XML::Compile::WSS->loadSchemas(SCHEMA, VERSION)
  SCHEMA must extend XML::Compile::Cache.

  The SCHEMA settings may be changed a little. For one, the allow_undeclared flag will be set. Also, any_element will be set to 'ATTEMPT' and mixed_elements to 'STRUCTURAL'.

  You can not mix multiple versions of WSS inside one SCHEMA, because there will be too much confusion about prefixes.
- $obj->writerHookWsuId(TYPE)
  Creates a hook for an XML producer (writer), to understand wsu:Id on elements of TYPE.
DETAILS
Specifications
A huge number of specifications act in this field. Every self-respecting company has contributed its own implementation into the field. A lot of this is not supported, but the list of constants should be complete in XML::Compile::WSS::Util.
XML Security Generic Hybrid Ciphers
http://www.w3.org/TR/2011/CR-xmlsec-generic-hybrid-20110303/, 3 March 2011
XML Signature Properties
http://www.w3.org/TR/2011/CR-xmldsig-properties-20110303/, 3 March 2011
XML Signature Syntax and Processing Version 1.1
http://www.w3.org/TR/2011/CR-xmldsig-core1-20110303/, 3 March 2011
SOAP message security
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf, March 2004
XML Signature Syntax and Processing (Second Edition)
http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/, 10 June 2008
RFC4050 Using the ECDSA for XML Digital Signatures
http://www.ietf.org/rfc/rfc4050.txt, April 2005
RFC4051 Additional XML Security Uniform Resource Identifiers (URIs)
http://www.ietf.org/rfc/rfc4051.txt, April 2005
XML Encryption Syntax and Processing
http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/, 10 December 2002
SEE ALSO
This module is part of XML-Compile-WSS distribution version 1.09, built on October 11, 2013. Website: http://perl.overmeer.net/xml-compile/
Other distributions in this suite: XML::Compile, XML::Compile::SOAP, XML::Compile::SOAP12, XML::Compile::SOAP::Daemon, XML::Compile::SOAP::WSA, XML::Compile::C14N, XML::Compile::WSS, XML::Compile::WSS::Signature, XML::Compile::Tester, XML::Compile::Cache, XML::Compile::Dumper, XML::Compile::RPC, XML::Rewrite and XML::LibXML::Simple.
Please post questions or ideas to the mailing list at http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/xml-compile . For live contact with other developers, visit the #xml-compile channel on irc.perl.org.
LICENSE
Copyrights 2011-2013 by [Mark Overmeer]. For other contributors see ChangeLog.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See http://www.perl.com/perl/misc/Artistic.html