axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ruchi...@apache.org
Subject svn commit: r397204 - in /webservices/axis2/trunk/java/modules/security/src/org/apache: axis2/security/ axis2/security/rahas/ ws/security/policy/ ws/security/policy/parser/ ws/security/policy/parser/processors/
Date Wed, 26 Apr 2006 14:39:23 GMT
Author: ruchithf
Date: Wed Apr 26 07:39:21 2006
New Revision: 397204

URL: http://svn.apache.org/viewcvs?rev=397204&view=rev
Log:
- supporting a simple transport binding with includeTimestamp policy only
- few modifications to the experimental policy processing code in the security module


Added:
    webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/TransportBindingProcessor.java
Modified:
    webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
    webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/rahas/STSRequester.java
    webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
    webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java

Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java?rev=397204&r1=397203&r2=397204&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
Wed Apr 26 07:39:21 2006
@@ -22,6 +22,7 @@
 import org.apache.axis2.description.AxisModule;
 import org.apache.axis2.description.AxisOperation;
 import org.apache.axis2.description.Parameter;
+import org.apache.axis2.engine.AxisConfiguration;
 import org.apache.axis2.modules.Module;
 import org.apache.axis2.security.handler.WSSHandlerConstants;
 import org.apache.axis2.security.handler.config.InflowConfiguration;
@@ -65,7 +66,7 @@
 		}
 	}
 
-	public void shutdown(ConfigurationContext configurationContext) throws AxisFault {
+	public void shutdown(AxisConfiguration axisSystem) throws AxisFault {
 		// Do nothing
 	}
 
@@ -74,8 +75,8 @@
 			OutflowConfiguration policyOutflowConfig,
 			AxisDescription axisDescription) throws AxisFault {
 		// merge inflow configuration
-		Parameter inflowModuleParam = module
-				.getParameter(WSSHandlerConstants.INFLOW_SECURITY);
+		Parameter inflowModuleParam = (module != null) ? module
+				.getParameter(WSSHandlerConstants.INFLOW_SECURITY): null;
 		InflowConfiguration moduleInflowConfig = HandlerParameterDecoder
 				.getInflowConfiguration(inflowModuleParam);
 
@@ -91,8 +92,8 @@
 		axisDescription.addParameter(finalInConf.getProperty());
 
 		// merge outflow configuration
-		Parameter outfloModuleParam = module
-				.getParameter(WSSHandlerConstants.OUTFLOW_SECURITY);
+		Parameter outfloModuleParam = (module != null) ? module
+				.getParameter(WSSHandlerConstants.OUTFLOW_SECURITY) : null;
 		OutflowConfiguration moduleOutflowConfig = HandlerParameterDecoder
 				.getOutflowConfiguration(outfloModuleParam);
 		Parameter outflowSecParam = axisDescription
@@ -154,4 +155,10 @@
         	}
 		return secondryConf;
 	}
+
+    /* (non-Javadoc)
+     * @see org.apache.axis2.modules.Module#shutdown(org.apache.axis2.context.ConfigurationContext)
+     */
+    public void shutdown(ConfigurationContext configurationContext) throws AxisFault {
+    }
 }

Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/rahas/STSRequester.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/rahas/STSRequester.java?rev=397204&r1=397203&r2=397204&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/rahas/STSRequester.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/rahas/STSRequester.java
Wed Apr 26 07:39:21 2006
@@ -30,9 +30,12 @@
 import org.apache.axis2.description.Parameter;
 import org.apache.axis2.security.handler.WSSHandlerConstants;
 import org.apache.axis2.security.trust.Constants;
+import org.apache.axis2.security.trust.TrustUtil;
 import org.apache.axis2.security.trust.types.RequestSecurityTokenType;
 import org.apache.axis2.security.util.Axis2Util;
+import org.apache.axis2.util.Base64;
 import org.apache.axis2.util.StreamWrapper;
+import org.apache.ws.security.util.WSSecurityUtil;
 import org.w3c.dom.Element;
 
 import javax.xml.namespace.QName;
@@ -89,24 +92,23 @@
             rstElem.build();
             rstElem = (OMElement)rstElem.detach();
             
+            if(config.isProvideEntropy()) {
+                //TODO Option to get the nonce lenght and  
+                //keysize from the the configuration
+                
+                // Length of nonce in bytes
+                int nonceLength = 16;
 
-//            if(config.isProvideEntropy()) {
-//                //TODO Option to get the nonce lenght and  
-//                //keysize from the the configuration
-//                
-//                // Length of nonce in bytes
-//                int nonceLength = 16;
-//
-//                OMElement entropyElem = TrustUtil.createEntropyElement(rstElem);
-//                
-//                byte[] nonce = WSSecurityUtil.generateNonce(nonceLength);
-//                OMElement elem = TrustUtil.createBinarySecretElement(entropyElem,
-//                        Constants.BIN_SEC_TYPE_NONCE);
-//                elem.setText(Base64.encode(nonce));
-//
-//                TrustUtil.createKeySizeElement(rstElem).setText(
-//                        Integer.toString(nonceLength * 8));
-//            }
+                OMElement entropyElem = TrustUtil.createEntropyElement(rstElem);
+                
+                byte[] nonce = WSSecurityUtil.generateNonce(nonceLength);
+                OMElement elem = TrustUtil.createBinarySecretElement(entropyElem,
+                        Constants.BIN_SEC_TYPE_NONCE);
+                elem.setText(Base64.encode(nonce));
+
+                TrustUtil.createKeySizeElement(rstElem).setText(
+                        Integer.toString(nonceLength * 8));
+            }
 
             String str = rstElem.toString();
             System.out.println(str);

Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java?rev=397204&r1=397203&r2=397204&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
Wed Apr 26 07:39:21 2006
@@ -60,10 +60,17 @@
     }
 
     private static void finalizeConfig(WSS4JConfig config) throws WSSPolicyException{
+        
+        config.getInflowConfiguration().setEnableSignatureConfirmation(false);
+        config.getOutflowConfiguration().setEnableSignatureConfirmation(false);
+        
         if(config.binding != null) {
             if(config.binding instanceof TransportBinding) {
-                //TODO TransportBinding
-                throw new UnsupportedOperationException("TODO TransportBinding");
+                TransportBinding binding = (TransportBinding)config.binding;
+                if(binding.isIncludeTimestamp()) {
+                    config.getInflowConfiguration().setActionItems("Timestamp");
+                    config.getOutflowConfiguration().setActionItems("Timestamp");
+                }
             } else {
                 //Handle common properties from SymmetricAsymmetricBindingBase
                 SymmetricAsymmetricBindingBase base = (SymmetricAsymmetricBindingBase) config.binding;
@@ -148,7 +155,8 @@
         }
         
         if(config.supportingToken != null) {
-            if(config.supportingToken.getType() == Constants.SUPPORTING_TOKEN_SUPPORTING)
{
+            if(config.supportingToken.getType() == Constants.SUPPORTING_TOKEN_SUPPORTING
|| 
+                    config.supportingToken.getType() == Constants.SUPPORTING_TOKEN_SIGNED)
{
                 ArrayList tokens = config.supportingToken.getTokens();
                 Iterator tokensIter = tokens.iterator();
                 while (tokensIter.hasNext()) {
@@ -158,7 +166,7 @@
                         if(items == null || items.length() == 0) {
                             config.getInflowConfiguration().setActionItems("UsernameToken");
                         } else {
-                            items += "UsernameToken";
+                            items = "UsernameToken " + items;
                             config.getInflowConfiguration().setActionItems(items);
                         }
                     }

Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java?rev=397204&r1=397203&r2=397204&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java
Wed Apr 26 07:39:21 2006
@@ -37,6 +37,7 @@
 import org.apache.ws.security.policy.parser.processors.SignedSupportingTokensProcessor;
 import org.apache.ws.security.policy.parser.processors.SupportingTokensProcessor;
 import org.apache.ws.security.policy.parser.processors.SymmetricBindingProcessor;
+import org.apache.ws.security.policy.parser.processors.TransportBindingProcessor;
 import org.apache.ws.security.policy.parser.processors.Wss10Processor;
 import org.apache.ws.security.policy.parser.processors.Wss11Processor;
 
@@ -97,6 +98,10 @@
         spt.setProcessTokenMethod(new SymmetricBindingProcessor());
         topLevel.setChildToken(spt);
 
+        spt = SecurityPolicy.transportBinding.copy();
+        spt.setProcessTokenMethod(new TransportBindingProcessor());
+        topLevel.setChildToken(spt);
+        
         spt = SecurityPolicy.wss10.copy();
         spt.setProcessTokenMethod(new Wss10Processor());
         topLevel.setChildToken(spt);

Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/TransportBindingProcessor.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/TransportBindingProcessor.java?rev=397204&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/TransportBindingProcessor.java
(added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/TransportBindingProcessor.java
Wed Apr 26 07:39:21 2006
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.security.policy.model.Binding;
+import org.apache.ws.security.policy.parser.SecurityPolicy;
+import org.apache.ws.security.policy.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy.parser.SecurityProcessorContext;
+import org.apache.ws.security.processor.TimestampProcessor;
+
+public class TransportBindingProcessor {
+    
+    private Log log = LogFactory.getLog(getClass());
+    
+    private boolean initializedSymmetricBinding = false;
+    
+    private void initializeTransportBinding(SecurityPolicyToken spt)
+        throws NoSuchMethodException {
+        
+        SecurityPolicyToken tmpSpt = SecurityPolicy.includeTimestamp.copy();
+        tmpSpt.setProcessTokenMethod(this);
+        spt.setChildToken(tmpSpt);
+
+    }
+    
+    public Object doTransportBinding(SecurityProcessorContext spc) {
+        log.debug("Processing "
+                + spc.readCurrentSecurityToken().getTokenName() + ": "
+                + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+        SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+        switch (spc.getAction()) {
+
+        case SecurityProcessorContext.START:
+            if (!initializedSymmetricBinding) {
+                try {
+                    initializeTransportBinding(spt);
+                    initializedSymmetricBinding = true;
+                } catch (NoSuchMethodException e) {
+                    log.error(e.getMessage(), e);
+                    return new Boolean(false);
+                }
+            }
+            break;
+        case SecurityProcessorContext.COMMIT:
+            break;
+        case SecurityProcessorContext.ABORT:
+            break;
+        }
+        return new Boolean(true);
+    }
+    
+    public Object doIncludeTimestamp(SecurityProcessorContext spc) {
+        log.debug("Processing "
+                + spc.readCurrentSecurityToken().getTokenName() + ": "
+                + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+        if(spc.getAction() == SecurityProcessorContext.START) {
+            ((Binding)spc.readCurrentPolicyEngineData()).setIncludeTimestamp(true);
+        }
+        return new Boolean(true);
+    }
+}



Mime
View raw message