Author: gawor
Date: Wed Aug 19 15:05:31 2009
New Revision: 805830
URL: http://svn.apache.org/viewvc?rev=805830&view=rev
Log:
Support X.509 signature and ecryption for service references with CXF. Based on
patch from Rahul Mehta (GERONIMO-4642)
Modified:
geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPasswordHandler.java
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPortMethodInterceptor.java
geronimo/server/trunk/pom.xml
Modified:
geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml
URL:
http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml?rev=805830&r1=805829&r2=805830&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml
(original)
+++ geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml Wed
Aug 19 15:05:31 2009
@@ -3,10 +3,15 @@
<module-id>
<groupId>org.apache.geronimo.configs</groupId>
<artifactId>cxf</artifactId>
- <version>2.2-SNAPSHOT</version>
+ <version>3.0-SNAPSHOT</version>
<type>car</type>
</module-id>
<dependency>
+ <groupId>bouncycastle</groupId>
+ <artifactId>bcprov-jdk15</artifactId>
+ <type>jar</type>
+ </dependency>
+ <dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-api</artifactId>
<type>jar</type>
@@ -111,4 +116,14 @@
<artifactId>wss4j</artifactId>
<type>jar</type>
</dependency>
+ <dependency>
+ <groupId>xalan</groupId>
+ <artifactId>serializer</artifactId>
+ <type>jar</type>
+ </dependency>
+ <dependency>
+ <groupId>xalan</groupId>
+ <artifactId>xalan</artifactId>
+ <type>jar</type>
+ </dependency>
</plugin-artifact>
Modified:
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPasswordHandler.java
URL:
http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPasswordHandler.java?rev=805830&r1=805829&r2=805830&view=diff
==============================================================================
---
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPasswordHandler.java
(original)
+++
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPasswordHandler.java
Wed Aug 19 15:05:31 2009
@@ -18,6 +18,8 @@
package org.apache.geronimo.cxf.client;
import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -31,14 +33,17 @@
private static final Logger LOG = LoggerFactory.getLogger(CXFPasswordHandler.class);
- private String password;
+ private Map<String, String> passwords = new HashMap<String, String>();
- public CXFPasswordHandler(String password) {
- this.password = password;
+ public CXFPasswordHandler() {
}
+ public void addPassword(String user, String password) {
+ passwords.put(user, password);
+ }
+
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
- pc.setPassword(this.password);
+ pc.setPassword(passwords.get(pc.getIdentifier()));
}
}
Modified:
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPortMethodInterceptor.java
URL:
http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPortMethodInterceptor.java?rev=805830&r1=805829&r2=805830&view=diff
==============================================================================
---
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPortMethodInterceptor.java
(original)
+++
geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/geronimo/cxf/client/CXFPortMethodInterceptor.java
Wed Aug 19 15:05:31 2009
@@ -41,6 +41,10 @@
private static final String IN_PREFIX = "wss4j.in.";
private static final String OUT_PREFIX = "wss4j.out.";
+ private static final String[] ACTIONS = { WSHandlerConstants.USERNAME_TOKEN,
+ WSHandlerConstants.SIGNATURE,
+ WSHandlerConstants.ENCRYPT };
+
public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap) {
super(seiInfoMap);
}
@@ -98,20 +102,27 @@
private static void updateSecurityProperties(Map<String, Object> properties) {
String action = (String) properties.get(WSHandlerConstants.ACTION);
- if (containsValue(action, WSHandlerConstants.USERNAME_TOKEN) &&
+ if (containsValue(action, ACTIONS) &&
!properties.containsKey(WSHandlerConstants.PW_CALLBACK_CLASS)) {
- String password = (String) properties.get("password");
- properties.put(WSHandlerConstants.PW_CALLBACK_REF,
- new CXFPasswordHandler(password));
+ CXFPasswordHandler handler = new CXFPasswordHandler();
+ handler.addPassword( (String) properties.get("user"),
+ (String) properties.get("password") );
+ handler.addPassword( (String) properties.get("signatureUser"),
+ (String) properties.get("signaturePassword")
);
+ handler.addPassword( (String) properties.get("encryptionUser"),
+ (String) properties.get("encryptionPassword")
);
+ properties.put(WSHandlerConstants.PW_CALLBACK_REF, handler);
}
}
- private static boolean containsValue(String property, String value) {
+ private static boolean containsValue(String property, String[] values) {
if (property != null) {
String[] entries = property.split(" ");
- for (String entry : entries) {
- if (value.equals(entry)) {
- return true;
+ for (String value : values) {
+ for (String entry : entries) {
+ if (value.equals(entry)) {
+ return true;
+ }
}
}
}
Modified: geronimo/server/trunk/pom.xml
URL:
http://svn.apache.org/viewvc/geronimo/server/trunk/pom.xml?rev=805830&r1=805829&r2=805830&view=diff
==============================================================================
--- geronimo/server/trunk/pom.xml (original)
+++ geronimo/server/trunk/pom.xml Wed Aug 19 15:05:31 2009
@@ -754,7 +754,13 @@
<dependency>
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
- <version>2.7.0</version>
+ <version>2.7.1</version>
+ <exclusions>
+ <exclusion>
+ <groupId>xml-apis</groupId>
+ <artifactId>xml-apis</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
@@ -1876,17 +1882,9 @@
<artifactId>saaj-api</artifactId>
</exclusion>
<exclusion>
- <groupId>bouncycastle</groupId>
- <artifactId>bcprov-jdk15</artifactId>
- </exclusion>
- <exclusion>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
</exclusion>
- <exclusion>
- <groupId>xalan</groupId>
- <artifactId>xalan</artifactId>
- </exclusion>
</exclusions>
</dependency>
