Proxy Authentication on Axis2/C

I believe that it is better to have a brief analysis on Proxy "Basic" Authentication support, which was lately added into Axis2/C.

THE REASON
The main reason behind implementing Proxy Authentication was due to a user request made on the Axis2/C JIRA, which was in fact a major improvement. This is due to the widespread use of proxies in the corporate environment where Axis2/C deployment is mainly targeted.

THE ANSWER
I have implemented Proxy "Basic" Authentication and am presently working on Digest Authentication so that the requirement would be addressed. The basis of this implementation is the RFC2617, which describes authentication requirements in general.
I have added several mechanisms of setting up proxy authentication in Axis2/C clients, which can be found on the Axis2/C Manual.

THE ADVANTAGES
In the current implementation their are some added benefits with respect to Proxy "Basic" Authentication. They are,

• Ability to authenticate blind proxies
• Ability to globally or locally set-up authentication
• Preemptive authentication support
• Client API integration
  

Why CURL shouldn't be the 1st choice in Axis2/C

There have been quite an amount of concerns regarding, making CURL's library for HTTP Transport in C, LibCURL the first choice for our HTTP Sender as well as the HTTP Responder in the Axis2/C engine. Thus, the interest is to make the engine do the processing up to Layer IV and get CURL to handle Layer IV. This fact is strongly supported by means explaining the advantages of CURL's widespread implementation support for HTTP Transport.

However, Axis2/C is an engine designed to port to multiple platforms ranging from Mainframe to Mobile computers, and thus making it the widest as well as the most feature rich Web Services Engine written in C. Thus, I, for several reasons, believe, CURL shouldn't be our 1st choice in terms of transport, as it,

1. Introduces an additional dependency (MS Windows is a good example).
2. Might have issues in terms of mobile platforms.
3. Lesser control over the transport layer.
4. Threading issues that may crop up.
5. License issues that may change in time.
6. Dependency on CURL's performance.
7. Additional size in binary distributions.
   

These are only a few examples. Dinesh, has written a nice article to why he believes CURL must be made the 1st choice at [1]. Samisa, has replied to Dinesh, explaining why CURL should not be the 1st choice at [2]. This discussion is open for anybody else who wishes to contribute.

[1] http://nethu.org/2008/01/14/axis2c-default-http-transport-should-be-libcurl-based/
[2] http://wso2.org/mailarchive/wsf-c-dev/2008-January/003101.html

Are we getting back what we paid for?

Today I watched "Shrek The Halls" or Shrek 3.5, which apparently lasted for only 20min. I was expecting at least something memorable, where as I got some king-sized burps and donkey 'n family greeting cards. Well, if I were a little kid I might have thought that it was fun to watch it, I don't think I had enough.

Comparing it against the last Shrek, "Shrek the 3rd", which made a fool of Arthurian Legends, I don't think that this movie seems to have a bright future if they are going to do this in this manner.

I'm utterly displeased with what I saw... Both Thumbs Down!!!

Using GPG to generate a KEY to Sign a Release

Initially I had a hard time figuring out how to use GnuPG to create a public/private key pair to sign releases. I fortunately had a friend at office who has done that before, who helped me out in getting it done. Thanks Asankha @ WSO2. To save another person's valuable time, I thought of blogging the procedure. Please replace text inside square brackets with your own data, if required, whilst others will be generated for you. I have used RSA as the signing/encrypting algorithm.

STEP 1: Create a Public Key

gpg --gen-key

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 5
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 2y
Key expires at [TIME]
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) "

Real name: [NAME]
Email address: [E-MAIL]
Comment: [COMMENT]
You selected this USER-ID:
[ID]

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.


STEP 2: Create a SubKey

gpg --edit-key [ID] addkey

Please select what kind of key you want:
(2) DSA (sign only)
(4) Elgamal (encrypt only)
(5) RSA (sign only)
(6) RSA (encrypt only)
Your selection? 6
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 2y
Key expires at [TIME]
Is this correct? (y/N) y
Really create? (y/N) y

MD5 support integrated to Axis2/C

Apache Axis2/C a fully fledged SOAP processing Web Service Engine, lacked one very important feature in the past. That was the ability to generate digest checksums. In order to sort this out, OpenSSL a common SSL extension was used as it had integrated support for generating digest checksums. I was able to develop a utility capable of generating md5 (Message Digest Algorithm) checksums based on rfc1321.

With this inclusion, I also added support for generating checksums of files and also a test-case for testing md5 operation. Now, we can look forward for another major inclusion to our client-side. That is the inherent support for handling HTTP Digest Authentication.

The ability of generating md5 checksums for files is exposed through a command line utility, md5, which can be found inside the bin/tools directory at the deployment (installation) location.

I would like to sincerely thank Ronald Rivest in his approach in making md5 a reality.

Thrown by Exceptions

Today I was working on the Exception Handling mechanism of WSO2 WSF/C++, and ran into a great deal of trouble. Things started going downhill after I discovered that an exception object created on the runtime stack is copied shallow when it is accessed using a pointer in C++ leading me to nothing better than extreme misery. :)...

However, it would have been simple if I could actually use a copy constructor in my code. But, making things so worse, I didn't have a way of using a copy constructor as I decided not to export class symbols of the base classes.

Anyway, towards the end of the day, fortune just struck me when I finally realized that c++ did have another type of parameter passing using the magical '&' operator unlike C.

Understanding the hardships I had with not having adequate information on the internet, or at least not having a way to search for them, I decided to post my solution so that at least someone else would benefit by reading it.