Welcome to Apache Rampart/C

Apache Rampart/C is the security module for Apache Axis2/C. It features in many ways to protect SOAP messages exchanged. This includes SOAP message encryption and signature as specified in WS-Security Specification. In addition Apache Rampart/C configurations are based on security policy assertions as per WS-Security Policy specificatoin

Why Apache Rampart/C ?

In distributed computing, web services play a crucial role. But as many distributed systems web services are also vulnerable for security threats. Developers are always struggling to ensure the integrity, confidentiality of messages. Implementing the right security solution can be an expensive and time consuming task. Rampart/C makes the life easier for those who uses Axis2/C, by providing a configurable security module, which protect SOAP messages from such threats.

Latest Release

16th Jan 2008 - Apache Rampart/C Version 1.1.0 Released

Key Features

1. Ability to send and verify UsernameTokens with
   • Username and PlainText password
   • Username and Digested password
2. Ability to send Timestamp tokens
3. SOAP message encryption
   • With derived key support for improved security
   • Symmetric and Asymmetric modes of operations
   • Support for AES and Tripple DES encryption
   • Signature encryption
   • Keys encryption
4. SOAP message signature
   • XML signature with RSA-SHA1
   • Message authentication with HMAC-SHA1
   • Signature confirmation support
   • SOAP Header signing
5. WS-Security Policy (spec 1.1) based configurations
   • Support for both Symmetric as well as Asymmetric policy bindings
   • Support for different modes of key identifiers
   • Support for different algorithm suites
     [Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15, Basic192Rsa15,Basic256Rsa15, TripleDesRsa15]
6. Replay detection support
   • Easy to use built-in replay detection module
   • Ability to deploy a customized replay detection module
7. Different protection orders
   • Encrypt before signing
   • Sign before encrypting
8. Extensible modules
   • Password callback module
   • Authentication module
   • Credentials module
9. Keys management
   • Support for X509 token profile
   • Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded and Direct references
10. Other
    • Easy to use deployment scripts
    • A comprehensive set of samples

Major Changes Since Last Release

1. MAC support with HMAC-SHA1
2. Derrived key encryption
3. Derived key signing
4. Symmetric policy bindings
5. New security header processor based on SOAP header layout
6. Security policy validator
7. Extensible Replay detection module
8. Signature confirmation support
9. Support for X509 thumb prints
10. Easy to use deployment scripts
11. Memory leak fixes
12. Many bug fixes

Archived News

News on previous Rampart/C releases.