Author: ruchithf
Date: Sun Oct 1 21:28:41 2006
New Revision: 451877
URL: http://svn.apache.org/viewvc?view=rev&rev=451877
Log:
Added code for interop scenario 4.1 and fixed a few token reference issues in
RampartBasedSecurityManager.
Added:
webservices/sandesha/trunk/java/interop/conf/sec-client-policy.xml
webservices/sandesha/trunk/java/interop/conf/sec-services.xml
webservices/sandesha/trunk/java/interop/conf/store.jks (with props)
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/PWCallback.java
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/rm1_1_clients/Scenario_4_1.java
Modified:
webservices/sandesha/trunk/java/config/client_axis2.xml
webservices/sandesha/trunk/java/config/server_axis2.xml
webservices/sandesha/trunk/java/maven.xml
webservices/sandesha/trunk/java/project.properties
webservices/sandesha/trunk/java/project.xml
webservices/sandesha/trunk/java/samples/src/sandesha2/samples/simpleServer/SimpleSandesha2Server.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java
Modified: webservices/sandesha/trunk/java/config/client_axis2.xml
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/config/client_axis2.xml?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
--- webservices/sandesha/trunk/java/config/client_axis2.xml (original)
+++ webservices/sandesha/trunk/java/config/client_axis2.xml Sun Oct 1 21:28:41
2006
@@ -151,6 +151,7 @@
<!--these phase will run irrespective of the service-->
<phase name="PolicyDetermination"/>
<phase name="MessageOut"/>
+ <phase name="Security"/>
</phaseOrder>
<phaseOrder type="INfaultflow">
<phase name="PreDispatch"/>
Modified: webservices/sandesha/trunk/java/config/server_axis2.xml
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/config/server_axis2.xml?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
--- webservices/sandesha/trunk/java/config/server_axis2.xml (original)
+++ webservices/sandesha/trunk/java/config/server_axis2.xml Sun Oct 1 21:28:41
2006
@@ -151,6 +151,7 @@
<!--these phase will run irrespective of the service-->
<phase name="PolicyDetermination"/>
<phase name="MessageOut"/>
+ <phase name="Security"/>
</phaseOrder>
<phaseOrder type="INfaultflow">
<phase name="PreDispatch"/>
Added: webservices/sandesha/trunk/java/interop/conf/sec-client-policy.xml
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/interop/conf/sec-client-policy.xml?view=auto&rev=451877
==============================================================================
--- webservices/sandesha/trunk/java/interop/conf/sec-client-policy.xml (added)
+++ webservices/sandesha/trunk/java/interop/conf/sec-client-policy.xml Sun Oct
1 21:28:41 2006
@@ -0,0 +1,180 @@
+<wsp:Policy wsu:Id="Scenario51Policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+ <wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy>
+
<sp:EncryptedParts>
+
<sp:Body/>
+
</sp:EncryptedParts>
+
<sp:AsymmetricBinding>
+
<wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+
</wsp:Policy>
+
</sp:AsymmetricBinding>
+
<sp:Wss10>
+
<wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefIssuerSerial/>
+
</wsp:Policy>
+
</sp:Wss10>
+
<sp:Trust10>
+
<wsp:Policy>
+
<sp:MustSupportIssuedTokens/>
+
<sp:RequireClientEntropy/>
+
<sp:RequireServerEntropy/>
+
</wsp:Policy>
+
</sp:Trust10>
+
</wsp:Policy>
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+
</sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+
+ <sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>bob</ramp:user>
+ <ramp:encryptionUser>alice</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>org.apache.sandesha2.interop.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">interop/conf/store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">interop/conf/store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ <ramp:tokenIssuerPolicy>
+ <wsp:Policy wsu:Id="Scenario51Policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:AsymmetricBinding>
+ <wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10>
+ <wsp:Policy>
+
<sp:MustSupportIssuedTokens/>
+
<sp:RequireClientEntropy/>
+
<sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </ramp:tokenIssuerPolicy>
+ </ramp:RampartConfig>
+ </wsp:All>
+</wsp:ExactlyOne>
+</wsp:Policy>
Added: webservices/sandesha/trunk/java/interop/conf/sec-services.xml
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/interop/conf/sec-services.xml?view=auto&rev=451877
==============================================================================
--- webservices/sandesha/trunk/java/interop/conf/sec-services.xml (added)
+++ webservices/sandesha/trunk/java/interop/conf/sec-services.xml Sun Oct 1
21:28:41 2006
@@ -0,0 +1,268 @@
+<!-- This file was auto-generated from WSDL -->
+<!-- by the Apache Axis2 version: #axisVersion# #today# -->
+<service name="SecRMInteropService">
+
+ <module ref="sandesha2" />
+ <module ref="rampart"/>
+ <module ref="rahas"/>
+
+ <messageReceivers>
+ <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out";
+
class="org.apache.sandesha2.interop.RMInteropServiceMessageReceiverInOut" />
+ <messageReceiver
+ mep="http://www.w3.org/2004/08/wsdl/in-only";
+
class="org.apache.sandesha2.interop.RMInteropServiceMessageReceiverInOnly" />
+ </messageReceivers>
+
+ <parameter locked="false" name="ServiceClass">
+ org.apache.sandesha2.interop.RMInteropServiceSkeletonImpl
+ </parameter>
+ <operation name="EchoString"
+ mep="http://www.w3.org/2004/08/wsdl/in-out";>
+ <actionMapping>urn:wsrm:EchoString</actionMapping>
+ <outputActionMapping>
+ urn:wsrm:EchoStringResponse
+ </outputActionMapping>
+ </operation>
+ <operation name="Ping"
+ mep="http://www.w3.org/2004/08/wsdl/in-only";>
+ <actionMapping>urn:wsrm:Ping</actionMapping>
+ </operation>
+ <operation name="echoString"
+ mep="http://www.w3.org/2004/08/wsdl/in-out";>
+ <actionMapping>urn:wsrm:EchoString</actionMapping>
+ <outputActionMapping>
+ urn:wsrm:EchoStringResponse
+ </outputActionMapping>
+ </operation>
+ <operation name="ping"
+ mep="http://www.w3.org/2004/08/wsdl/in-only";>
+ <actionMapping>urn:wsrm:Ping</actionMapping>
+ </operation>
+
+
+ <!-- Rampart and Rahas configurations -->
+ <wsp:Policy wsu:Id="Scenario51Policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy>
+
<sp:EncryptedParts>
+
<sp:Body/>
+
</sp:EncryptedParts>
+
<sp:AsymmetricBinding>
+
<wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+
</wsp:Policy>
+
</sp:AsymmetricBinding>
+
<sp:Wss10>
+
<wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefIssuerSerial/>
+
</wsp:Policy>
+
</sp:Wss10>
+
<sp:Trust10>
+
<wsp:Policy>
+
<sp:MustSupportIssuedTokens/>
+
<sp:RequireClientEntropy/>
+
<sp:RequireServerEntropy/>
+
</wsp:Policy>
+
</sp:Trust10>
+
</wsp:Policy>
+
</sp:BootstrapPolicy>
+
</wsp:Policy>
+
</sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+
+ <sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>bob</ramp:user>
+ <ramp:encryptionUser>alice</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>org.apache.sandesha2.interop.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ <ramp:tokenIssuerPolicy>
+ <wsp:Policy wsu:Id="Scenario51Policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+
+
<sp:EncryptedParts>
+
<sp:Body/>
+
</sp:EncryptedParts>
+
<sp:AsymmetricBinding>
+
<wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+
</wsp:Policy>
+
</sp:AsymmetricBinding>
+ <sp:Wss10>
+
<wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefIssuerSerial/>
+
</wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10>
+
<wsp:Policy>
+
<sp:MustSupportIssuedTokens/>
+
<sp:RequireClientEntropy/>
+
<sp:RequireServerEntropy/>
+
</wsp:Policy>
+ </sp:Trust10>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </ramp:tokenIssuerPolicy>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+
+ <parameter name="sct-issuer-config">
+ <sct-issuer-config>
+ <cryptoProperties>
+ <crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property
name="org.apache.ws.security.crypto.merlin.file">store.jks</property>
+ <property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</property>
+ </crypto>
+ </cryptoProperties>
+ <addRequestedAttachedRef />
+ <addRequestedUnattachedRef />
+
+ <!--
+ Key computation mechanism
+ 1 - Use Request Entropy
+ 2 - Provide Entropy
+ 3 - Use Own Key
+ -->
+ <keyComputation>2</keyComputation>
+
+ <!--
+ proofKeyType element is valid only if the keyComputation is set
to 3
+ i.e. Use Own Key
+
+ Valid values are: EncryptedKey & BinarySecret
+ -->
+ <proofKeyType>BinarySecret</proofKeyType>
+ </sct-issuer-config>
+ </parameter>
+
+ <parameter name="token-canceler-config">
+ <token-canceler-config>
+ <!--<proofToken>EncryptedKey</proofToken>-->
+
<!--<cryptoProperties>sctIssuer.properties</cryptoProperties>-->
+ <!--<addRequestedAttachedRef />-->
+ </token-canceler-config>
+ </parameter>
+
+
+</service>
+
Added: webservices/sandesha/trunk/java/interop/conf/store.jks
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/interop/conf/store.jks?view=auto&rev=451877
==============================================================================
Binary file - no diff available.
Propchange: webservices/sandesha/trunk/java/interop/conf/store.jks
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added:
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/PWCallback.java
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/PWCallback.java?view=auto&rev=451877
==============================================================================
---
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/PWCallback.java
(added)
+++
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/PWCallback.java
Sun Oct 1 21:28:41 2006
@@ -0,0 +1,189 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.interop;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import java.io.IOException;
+
+public class PWCallback implements CallbackHandler {
+
+
+
+ /** Field key */
+
+ private static final byte[] key = {
+
+ (byte) 0x31, (byte) 0xfd, (byte) 0xcb, (byte) 0xda, (byte) 0xfb,
+
+ (byte) 0xcd, (byte) 0x6b, (byte) 0xa8, (byte) 0xe6, (byte) 0x19,
+
+ (byte) 0xa7, (byte) 0xbf, (byte) 0x51, (byte) 0xf7, (byte) 0xc7,
+
+ (byte) 0x3e, (byte) 0x80, (byte) 0xae, (byte) 0x98, (byte) 0x51,
+
+ (byte) 0xc8, (byte) 0x51, (byte) 0x34, (byte) 0x04,
+
+ };
+
+
+
+ /*
+
+ * (non-Javadoc)
+
+ * @see
javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
+
+ */
+
+
+
+ /**
+
+ * Method handle
+
+ *
+
+ * @param callbacks
+
+ * @throws java.io.IOException
+
+ * @throws javax.security.auth.callback.UnsupportedCallbackException
+
+ */
+
+ public void handle(Callback[] callbacks)
+
+ throws IOException, UnsupportedCallbackException {
+
+
+
+ for (int i = 0; i < callbacks.length; i++) {
+
+ if (callbacks[i] instanceof WSPasswordCallback) {
+
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+
+
+
+ /*
+
+ * This usage type is used only in case we received a
+
+ * username token with a password of type PasswordText or
+
+ * an unknown password type.
+
+ *
+
+ * This case the WSPasswordCallback object contains the
+
+ * identifier (aka username), the password we received, and
+
+ * the password type string to identify the type.
+
+ *
+
+ * Here we perform only a very simple check.
+
+ */
+
+ if (pc.getUsage() ==
WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
+
+ if(pc.getIdentifer().equals("Ron") &&
pc.getPassword().equals("noR")) {
+
+ return;
+
+ }
+
+ if(pc.getIdentifer().equals("joe") &&
pc.getPassword().equals("eoj")) {
+
+ return;
+
+ }
+
+ if (pc.getPassword().equals("sirhC")) {
+
+ return;
+
+ }
+
+ throw new UnsupportedCallbackException(callbacks[i],
+
+ "check failed");
+
+ }
+
+ /*
+
+ * here call a function/method to lookup the password for
+
+ * the given identifier (e.g. a user name or keystore alias)
+
+ * e.g.:
pc.setPassword(passStore.getPassword(pc.getIdentfifier))
+
+ * for Testing we supply a fixed name here.
+
+ */
+
+ if (pc.getUsage() == WSPasswordCallback.KEY_NAME) {
+
+ pc.setKey(key);
+
+ } else if(pc.getIdentifer().equals("alice")) {
+
+ pc.setPassword("password");
+
+ } else if(pc.getIdentifer().equals("bob")) {
+
+ pc.setPassword("password");
+
+ } else if(pc.getIdentifer().equals("Ron")) {
+
+ pc.setPassword("noR");
+
+ } else if(pc.getIdentifer().equals("joe")) {
+
+ pc.setPassword("eoj");
+
+ } else if(pc.getIdentifer().equals("ip")) {
+
+ pc.setPassword("password");
+
+ } else {
+
+ pc.setPassword("sirhC");
+
+ }
+
+ } else {
+
+ throw new UnsupportedCallbackException(callbacks[i],
+
+ "Unrecognized Callback");
+
+ }
+
+ }
+
+ }
+
+}
\ No newline at end of file
Added:
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/rm1_1_clients/Scenario_4_1.java
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/rm1_1_clients/Scenario_4_1.java?view=auto&rev=451877
==============================================================================
---
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/rm1_1_clients/Scenario_4_1.java
(added)
+++
webservices/sandesha/trunk/java/interop/src/org/apache/sandesha2/interop/rm1_1_clients/Scenario_4_1.java
Sun Oct 1 21:28:41 2006
@@ -0,0 +1,212 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.interop.rm1_1_clients;
+
+import org.apache.axiom.om.OMAbstractFactory;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.axiom.om.OMNamespace;
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axiom.soap.SOAP12Constants;
+import org.apache.axis2.addressing.EndpointReference;
+import org.apache.axis2.client.Options;
+import org.apache.axis2.client.ServiceClient;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.ConfigurationContextFactory;
+import org.apache.axis2.context.MessageContextConstants;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.rampart.RampartMessageData;
+import org.apache.sandesha2.Sandesha2Constants;
+import org.apache.sandesha2.SandeshaException;
+import org.apache.sandesha2.client.SandeshaClient;
+import org.apache.sandesha2.client.SandeshaClientConstants;
+import org.apache.sandesha2.client.SequenceReport;
+import org.apache.sandesha2.interop.RMInteropServiceStub;
+import org.tempuri.PingRequest;
+
+import javax.xml.namespace.QName;
+
+import java.io.File;
+import java.io.InputStream;
+import java.util.Properties;
+
+
+public class Scenario_4_1 {
+
+
+ private static final String applicationNamespaceName =
"http://tempuri.org/";;
+ private static final String PingRequest = "PingRequest";
+ private static final String Text = "Text";
+
+ private static String toIP = "127.0.0.1";
+ private static String toPort = "9762";
+ private static String transportToIP = "127.0.0.1";
+ private static String transportToPort = "8070";
+ private static String servicePart = "/axis2/services/SecRMInteropService";
+ private static String toEPR = "http://"; + toIP + ":" + toPort +
servicePart;
+ private static String transportToEPR = "http://"; + transportToIP + ":" +
transportToPort + servicePart;
+ private final static String CLIENT_POLICY_PATH =
"interop/conf/sec-client-policy.xml";
+
+ private static String SANDESHA2_HOME = "<SANDESHA2_HOME>"; //Change this
to ur path.
+
+ private static String AXIS2_CLIENT_PATH = SANDESHA2_HOME + File.separator
+ "target" + File.separator +"repos" + File.separator + "client" +
File.separator; //this will be available after a maven build
+
+ public static void main(String[] args) throws Exception {
+
+ String axisClientRepo = null;
+ if (args!=null && args.length>0)
+ axisClientRepo = args[0];
+
+ if (axisClientRepo!=null && !"".equals(axisClientRepo)) {
+ AXIS2_CLIENT_PATH = axisClientRepo;
+ SANDESHA2_HOME = "";
+ }
+
+ InputStream in =
Thread.currentThread().getContextClassLoader().getResourceAsStream("sandesha2_interop.properties");
+
+ Properties properties = new Properties();
+ if (in != null) {
+ properties.load(in);
+
+ toEPR = properties.getProperty("to");
+ transportToEPR = properties.getProperty("transportTo");
+ }
+
+
+// new Scenario_1_1 ().run();
+ new Scenario_4_1().runStub();
+ }
+
+ private void run () throws Exception {
+
+ ConfigurationContext configurationContext = generateConfigContext();
+
+ Options clientOptions = new Options ();
+ setUpOptions(clientOptions);
+
+ ServiceClient serviceClient = new ServiceClient
(configurationContext,null);
+
+ serviceClient.setOptions(clientOptions);
+
+ serviceClient.fireAndForget(getPingOMBlock("ping1"));
+ serviceClient.fireAndForget(getPingOMBlock("ping2"));
+ serviceClient.fireAndForget(getPingOMBlock("ping3"));
+
+ terminateSequence(serviceClient);
+
+ serviceClient.finalizeInvoke();
+ }
+
+ private static OMElement getPingOMBlock(String text) {
+ OMFactory fac = OMAbstractFactory.getOMFactory();
+ OMNamespace namespace =
fac.createOMNamespace(applicationNamespaceName,"ns1");
+ OMElement pingElem = fac.createOMElement(PingRequest, namespace);
+ OMElement textElem = fac.createOMElement(Text, null);
+
+ textElem.setText(text);
+ pingElem.addChild(textElem);
+
+ return pingElem;
+ }
+
+ private void runStub () throws Exception {
+ String targetEndpoint = toEPR;
+ ConfigurationContext configurationContext = generateConfigContext();
+
+ RMInteropServiceStub stub = new RMInteropServiceStub
(configurationContext, targetEndpoint);
+ setUpOptions(stub._getServiceClient().getOptions());
+
+ //engage Rampart
+ stub._getServiceClient().engageModule(new QName("rampart"));
+
+ PingRequest pingRequest = new PingRequest ();
+ pingRequest.setText("ping1");
+ stub.ping(pingRequest);
+
+ pingRequest = new PingRequest ();
+ pingRequest.setText("ping2");
+ stub.ping(pingRequest);
+
+ pingRequest = new PingRequest ();
+ pingRequest.setText("ping3");
+ stub.ping(pingRequest);
+
+ terminateSequence(stub._getServiceClient());
+ stub._getServiceClient().finalizeInvoke();
+
+ }
+
+ private ConfigurationContext generateConfigContext () throws Exception {
+ if ("<SANDESHA2_HOME>".equals(SANDESHA2_HOME)){
+ System.out.println("ERROR: Please change <SANDESHA2_HOME> to your
Sandesha2 installation directory.");
+ throw new Exception ("Client not set up correctly");
+ }
+
+ String axis2_xml = AXIS2_CLIENT_PATH + "client_axis2.xml";
+ ConfigurationContext configContext =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(AXIS2_CLIENT_PATH,axis2_xml);
+
+ return configContext;
+ }
+
+ private void setUpOptions (Options clientOptions) throws Exception {
+
clientOptions.setProperty(MessageContextConstants.TRANSPORT_URL,transportToEPR);
+// clientOptions.setProperty(Options.COPY_PROPERTIES, new Boolean (true));
+ clientOptions.setTo(new EndpointReference (toEPR));
+
+ String sequenceKey = "sequence1";
+
clientOptions.setProperty(SandeshaClientConstants.SEQUENCE_KEY,sequenceKey);
+
+//
clientOptions.setProperty(MessageContextConstants.CHUNKED,Constants.VALUE_FALSE);
//uncomment this to send messages without chunking.
+
+
clientOptions.setSoapVersionURI(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI);
//uncomment this to send messages in SOAP 1.2
+//
clientOptions.setProperty(AddressingConstants.WS_ADDRESSING_VERSION,AddressingConstants.Submission.WSA_NAMESPACE);
+
clientOptions.setProperty(SandeshaClientConstants.RM_SPEC_VERSION,Sandesha2Constants.SPEC_VERSIONS.v1_1);
//uncomment this to send the messages according to the v1_1 spec.
+
+ clientOptions.setAction("urn:wsrm:Ping");
+
+ //Set Rampart policy
+ clientOptions.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy(CLIENT_POLICY_PATH));
+
+
+ }
+
+ private void terminateSequence (ServiceClient serviceClient) throws
SandeshaException {
+ SequenceReport sequenceReport = null;
+ boolean complete = false;
+ while (!complete) {
+ sequenceReport =
SandeshaClient.getOutgoingSequenceReport(serviceClient);
+ if (sequenceReport!=null &&
sequenceReport.getCompletedMessages().size()==3)
+ complete = true;
+ else {
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e1) {
+ e1.printStackTrace();
+ }
+ }
+ }
+
+ SandeshaClient.terminateSequence(serviceClient);
+ }
+
+ private static Policy loadPolicy(String xmlPath) throws Exception {
+ StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
+ return PolicyEngine.getPolicy(builder.getDocumentElement());
+ }
+
+}
Modified: webservices/sandesha/trunk/java/maven.xml
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/maven.xml?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
--- webservices/sandesha/trunk/java/maven.xml (original)
+++ webservices/sandesha/trunk/java/maven.xml Sun Oct 1 21:28:41 2006
@@ -12,7 +12,7 @@
<ant:property name="build.repo.dir" value="${maven.build.dir}/repos"/>
<ant:property name="build.samples.dir" value="${maven.build.dir}/samples"/>
<ant:property name="build.samples.services.dir"
value="${build.samples.dir}/services"/>
- <ant:property name="build.samples.clients.dir"
value="${build.samples.dir}/clients"/>
+ <ant:property name="build.samples.clients.dir"
value="${build.samples.dir}/clients"/>
<ant:property name="build.interop.dir" value="${maven.build.dir}/interop"/>
<ant:property name="mar.name" value="${dist.module.name}.mar"/>
@@ -23,7 +23,7 @@
<ant:property name="dir.samples" value="samples"/>
<ant:property name="dir.test.resources" value="test-resources"/>
<ant:property name="dir.config" value="config"/>
- <ant:property name="dir.interop" value="interop"/>
+ <ant:property name="dir.interop" value="interop"/>
<ant:property name="apache.license.file" value="LICENSE.txt" />
<ant:property name="readme.file" value="README.txt" />
@@ -32,7 +32,10 @@
<ant:property name="repo.addressing.mar.full.name"
value="${repo.addressing.mar.name}-${addressing.version}.mar" />
<ant:property name="repo.addressing.mar.path"
value="${maven.repo.local}/axis2/mars" />
<ant:property name="repo.addressing.mar"
value="${repo.addressing.mar.path}/${repo.addressing.mar.full.name}" />
-
+ <ant:property name="repo.rampart.mar"
value="${maven.repo.local}/axis2/mars/rampart-${rampart.version}.mar" />
+ <ant:property name="repo.rahas.mar"
value="${maven.repo.local}/axis2/mars/rahas-${rahas.version}.mar" />
+
+
<goal name="build:all"
prereqs="mar,jar,client:jar,policy:jar,sample:create,repo:create,test:test" />
<goal name="all:jar" prereqs="mar,jar,client:jar,policy:jar" />
@@ -159,6 +162,7 @@
<!-- Copying addressing mar file-->
<ant:copy file="${repo.addressing.mar}"
toDir="${client.dist.path}/modules/" />
+ <ant:copy file="${repo.rampart.mar}"
toDir="${client.dist.path}/modules/" />
</goal>
<goal name="secure:create" prereqs="server:create,client:create">
@@ -209,7 +213,9 @@
</ant:copy>
<!-- Copying addressing mar file-->
- <ant:copy file="${repo.addressing.mar}"
toDir="${server.dist.path}/modules/" />
+ <ant:copy file="${repo.addressing.mar}"
toDir="${server.dist.path}/modules/" />
+ <ant:copy file="${repo.rampart.mar}"
toDir="${server.dist.path}/modules/" />
+ <ant:copy file="${repo.rahas.mar}"
toDir="${server.dist.path}/modules/" />
</goal>
<goal name="sample:compile">
@@ -268,7 +274,7 @@
<!-- <delete dir="${build.temp.dir}" /> -->
</goal>
-
+
<goal name="interop:compile" prereqs="java:compile" >
<ant:mkdir dir="${basedir}/target/interop/classes" />
<ant:mkdir dir="${basedir}/target/interop/services" />
@@ -277,15 +283,16 @@
<ant:classpath refid="maven.dependency.classpath" />
<ant:classpath path="${basedir}/target/classes" />
</ant:javac>
- </goal>
-
+ </goal>
+
<goal name="interop:create" prereqs="interop:compile,repo:create">
<ant:property name="dir.interop.service.temp"
value="${build.temp.dir}/interopService" />
<ant:property name="interop.service.aar.name"
value="RMInteropService.aar" />
+ <ant:property name="interop.sec.service.aar.name"
value="SecRMInteropService.aar" />
<ant:mkdir dir="${dir.interop.service.temp}" />
<ant:mkdir dir="${dir.interop.service.temp}/META-INF" />
- <ant:copy file="${dir.interop}/conf/services.xml"
todir="${dir.interop.service.temp}/META-INF" />
+ <ant:copy file="${dir.interop}/conf/services.xml"
todir="${dir.interop.service.temp}/META-INF" />
<ant:copy file="${dir.interop}/conf/RMInteropService.wsdl"
todir="${dir.interop.service.temp}/META-INF" />
<ant:copy todir="${dir.interop.service.temp}" >
<ant:fileset dir="${maven.build.dir}/interop/classes">
@@ -293,10 +300,16 @@
</ant:fileset>
</ant:copy>
- <ant:jar jarfile="${build.interop.dir}/${interop.service.aar.name}"
basedir="${dir.interop.service.temp}" />
- <ant:copy file="${build.interop.dir}/${interop.service.aar.name}"
toDir="${build.repo.dir}/server/services" />
-
- </goal>
+ <ant:jar jarfile="${build.interop.dir}/${interop.service.aar.name}"
basedir="${dir.interop.service.temp}" overwrite="true"/>
+ <ant:copy file="${build.interop.dir}/${interop.service.aar.name}"
toDir="${build.repo.dir}/server/services" overwrite="true"/>
+
+ <ant:copy file="${dir.interop}/conf/sec-services.xml"
toFile="${dir.interop.service.temp}/META-INF/services.xml" overwrite="true"/>
+ <ant:copy file="${dir.interop}/conf/store.jks"
toFile="${dir.interop.service.temp}/META-INF/store.jks" overwrite="true"/>
+ <ant:jar
jarfile="${build.interop.dir}/${interop.sec.service.aar.name}"
basedir="${dir.interop.service.temp}" overwrite="true"/>
+ <ant:copy file="${build.interop.dir}/${interop.sec.service.aar.name}"
toDir="${build.repo.dir}/server/services" overwrite="true"/>
+
+
+ </goal>
<preGoal name="test:test" >
<!--
Modified: webservices/sandesha/trunk/java/project.properties
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/project.properties?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
--- webservices/sandesha/trunk/java/project.properties (original)
+++ webservices/sandesha/trunk/java/project.properties Sun Oct 1 21:28:41 2006
@@ -27,6 +27,8 @@
annogen.version=0.1.0
backport_util_concurrent.version=2.1
addressing.version=SNAPSHOT
+rampart.version=SNAPSHOT
+rahas.version=SNAPSHOT
axiom.version=SNAPSHOT
axis2.version=SNAPSHOT
commons.codec.version=1.3
@@ -47,5 +49,7 @@
axis2.rahas.version=SNAPSHOT
axis2.secpolicy.version=SNAPSHOT
wss4j.version=SNAPSHOT
+xmlsec.version=1.3.0
+bcprov.version=jdk13-133
repo.addressing.mar.name=addressing
Modified: webservices/sandesha/trunk/java/project.xml
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/project.xml?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
--- webservices/sandesha/trunk/java/project.xml (original)
+++ webservices/sandesha/trunk/java/project.xml Sun Oct 1 21:28:41 2006
@@ -116,6 +116,18 @@
<type>mar</type>
</dependency>
<dependency>
+ <groupId>axis2</groupId>
+ <artifactId>rampart</artifactId>
+ <version>${rampart.version}</version>
+ <type>mar</type>
+ </dependency>
+ <dependency>
+ <groupId>axis2</groupId>
+ <artifactId>rahas</artifactId>
+ <version>${rahas.version}</version>
+ <type>mar</type>
+ </dependency>
+ <dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>${commons.logging.version}</version>
@@ -223,7 +235,22 @@
<module>true</module>
</properties>
</dependency>
-
+ <dependency>
+ <groupId>xml-security</groupId>
+ <artifactId>xmlsec</artifactId>
+ <version>${xmlsec.version}</version>
+ <properties>
+ <module>true</module>
+ </properties>
+ </dependency>
+ <dependency>
+ <groupId>bouncycastle</groupId>
+ <artifactId>bcprov</artifactId>
+ <version>${bcprov.version}</version>
+ <properties>
+ <module>true</module>
+ </properties>
+ </dependency>
</dependencies>
<!-- ======= -->
Modified:
webservices/sandesha/trunk/java/samples/src/sandesha2/samples/simpleServer/SimpleSandesha2Server.java
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/samples/src/sandesha2/samples/simpleServer/SimpleSandesha2Server.java?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
---
webservices/sandesha/trunk/java/samples/src/sandesha2/samples/simpleServer/SimpleSandesha2Server.java
(original)
+++
webservices/sandesha/trunk/java/samples/src/sandesha2/samples/simpleServer/SimpleSandesha2Server.java
Sun Oct 1 21:28:41 2006
@@ -25,7 +25,7 @@
public class SimpleSandesha2Server {
- private static String SANDESHA2_HOME =
"/home/chamikara/checkouts/sandesha2/java"; //Change this to ur path.
+ private static String SANDESHA2_HOME =
"/home/ruchith/workspace/sandesha2"; //Change this to ur path.
private static String AXIS2_SERVER_PATH = SANDESHA2_HOME +
File.separator + "target" + File.separator +"repos" + File.separator + "server"
+ File.separator; //this will be available after a maven build
Modified:
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
---
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java
(original)
+++
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java
Sun Oct 1 21:28:41 2006
@@ -236,5 +236,5 @@
public final static String proofOfPossessionNotVerified =
"proofOfPossessionNotVerified";
public final static String noSecurityResults = "noSecurityResults";
public final static String noSecConvTokenInPolicy =
"noSecConvTokenInPolicy";
-
+ public final static String noServicePolicy = "noServicePolicy";
}
Modified:
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
---
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties
(original)
+++
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties
Sun Oct 1 21:28:41 2006
@@ -264,4 +264,5 @@
errorRetrievingSecurityToken = Error retrieving security token from token
storage
proofOfPossessionNotVerified = Proof of possession not verified
noSecurityResults = No Security results
-noSecConvTokenInPolicy = No SecureConversationToken in policy
\ No newline at end of file
+noSecConvTokenInPolicy = No SecureConversationToken in policy
+noServicePolicy=Service policy missing
\ No newline at end of file
Modified:
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
---
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
(original)
+++
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
Sun Oct 1 21:28:41 2006
@@ -20,6 +20,8 @@
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axis2.Constants;
+import org.apache.axis2.client.Options;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.AxisModule;
@@ -32,10 +34,12 @@
import org.apache.rahas.TrustUtil;
import org.apache.rahas.client.STSClient;
import org.apache.rampart.RampartException;
+import org.apache.rampart.RampartMessageData;
import org.apache.rampart.policy.RampartPolicyBuilder;
import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.util.RampartUtil;
import org.apache.sandesha2.SandeshaException;
+import org.apache.sandesha2.client.SandeshaClientConstants;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
import org.apache.sandesha2.security.SecurityManager;
@@ -110,15 +114,25 @@
//Get the token that matches the id
SecurityToken recoveredToken =
this.recoverSecurityToken(baseTokenId);
if(recoveredToken != null) {
+ Token rahasToken =
((RampartSecurityToken)recoveredToken).getToken();
//check whether the SCT used in the message is
//similar to the one given into the method
- String recoverdTokenId =
((RampartSecurityToken)recoveredToken).getToken().getId();
+ String recoverdTokenId = rahasToken.getId();
+ String attRefId = null;
+ String unattrefId = null;
+ if(rahasToken.getAttachedReference() != null) {
+ attRefId =
this.getUriFromSTR(rahasToken.getAttachedReference());
+ }
+ if(rahasToken.getUnattachedReference() !=
null) {
+ unattrefId =
this.getUriFromSTR(rahasToken.getUnattachedReference());
+ }
+
String id =
((RampartSecurityToken)token).getToken().getId();
- if(recoverdTokenId.equals(id)) {
+ if(recoverdTokenId.equals(id) ||
attRefId.equals(id) || unattrefId.equals(id)) {
//Token matched with a token that signed
the message part
//Now check signature parts
OMAttribute idattr =
messagePart.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
- verified =
wser.getSignedElements().contains(idattr);
+ verified =
wser.getSignedElements().contains(idattr.getAttributeValue());
break;
}
}
@@ -134,6 +148,11 @@
}
}
+
+ private String getUriFromSTR(OMElement str) {
+ OMElement refElem = str.getFirstChildWithName(Reference.TOKEN);
+ return refElem.getAttributeValue(new QName("URI")).substring(1);
+ }
/* (non-Javadoc)
* @see
org.apache.sandesha2.security.SecurityManager#createSecurityTokenReference(org.apache.sandesha2.security.SecurityToken,
org.apache.axis2.context.MessageContext)
@@ -178,9 +197,10 @@
RahasConstants.VERSION_05_02,
RahasConstants.RST_ACTION_SCT);
- Policy servicePolicy = message.getEffectivePolicy();
+ Policy servicePolicy =
(Policy)message.getProperty(RampartMessageData.KEY_RAMPART_POLICY);
if(servicePolicy == null) {
- throw new SandeshaException("service policy missing");
+ String msg =
SandeshaMessageHelper.getMessage(SandeshaMessageKeys.noServicePolicy);
+ throw new SandeshaException(msg);
}
List it = (List)servicePolicy.getAlternatives().next();
RampartPolicyData rpd = RampartPolicyBuilder.build(it);
@@ -198,16 +218,23 @@
if(secConvTok != null) {
Policy issuerPolicy = secConvTok.getBootstrapPolicy();
+ issuerPolicy.addAssertion(rpd.getRampartConfig());
STSClient client = new
STSClient(message.getConfigurationContext());
+ Options op = new Options();
+ op.setProperty(SandeshaClientConstants.UNRELIABLE_MESSAGE,
Constants.VALUE_TRUE);
+ client.setOptions(op);
client.setAction(action);
client.setRstTemplate(rstTmpl);
client.setCryptoInfo(RampartUtil.getEncryptionCrypto(rpd
.getRampartConfig(), message.getAxisService()
.getClassLoader()), RampartUtil.getPasswordCB(
message, rpd));
+ String address = message.getTo().getAddress();
Token tok = client.requestSecurityToken(servicePolicy,
- message.getTo().getAddress(), issuerPolicy, null);
+ address, issuerPolicy, null);
+
+ tok.setState(Token.ISSUED);
this.storage.add(tok);
contextIdentifierKey =
RampartUtil.getContextIdentifierKey(message);
@@ -243,7 +270,7 @@
OMElement refElem = theSTR.getFirstChildWithName(Reference.TOKEN);
String id = refElem.getAttributeValue(new QName("URI"));
- return this.recoverSecurityToken(id);
+ return this.recoverSecurityToken(id.substring(1));
}
/* (non-Javadoc)
@@ -251,7 +278,7 @@
*/
public String getTokenRecoveryData(SecurityToken token)
throws SandeshaException {
- return ((RampartSecurityToken)token).getToken().getId();
+ return ((RampartSecurityToken)token).getToken().getId().substring(1);
}
/* (non-Javadoc)
Modified:
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java
URL:
http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java?view=diff&rev=451877&r1=451876&r2=451877
==============================================================================
---
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java
(original)
+++
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java
Sun Oct 1 21:28:41 2006
@@ -56,6 +56,7 @@
import org.apache.axis2.util.UUIDGenerator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.rampart.RampartMessageData;
import org.apache.sandesha2.RMMsgContext;
import org.apache.sandesha2.Sandesha2Constants;
import org.apache.sandesha2.SandeshaException;
@@ -609,6 +610,9 @@
.getProperty(MessageContext.TRANSPORT_IN));
newMessageContext.setProperty(MessageContext.TRANSPORT_OUT, referenceMessage
.getProperty(MessageContext.TRANSPORT_OUT));
+
newMessageContext.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
referenceMessage
+ .getProperty(RampartMessageData.KEY_RAMPART_POLICY));
+
newMessageContext.setExecutionChain(referenceMessage.getExecutionChain());
return newMessageContext;
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
