ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1172285 [2/48] - in /webservices/wss4j/branches/swssf: ./ cxf-integration/ cxf-integration/src/ cxf-integration/src/main/ cxf-integration/src/main/java/ cxf-integration/src/main/java/org/ cxf-integration/src/main/java/org/swssf/ cxf-integr...
Date Sun, 18 Sep 2011 13:51:36 GMT
Added: webservices/wss4j/branches/swssf/cxf-integration/src/main/java/org/swssf/interceptor/SecurityOutInterceptor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/cxf-integration/src/main/java/org/swssf/interceptor/SecurityOutInterceptor.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/cxf-integration/src/main/java/org/swssf/interceptor/SecurityOutInterceptor.java (added)
+++ webservices/wss4j/branches/swssf/cxf-integration/src/main/java/org/swssf/interceptor/SecurityOutInterceptor.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,146 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.interceptor;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor;
+import org.apache.cxf.interceptor.AttachmentOutInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.StaxOutInterceptor;
+import org.apache.cxf.message.Exchange;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.swssf.WSSec;
+import org.swssf.ext.OutboundWSSec;
+import org.swssf.ext.SecurityProperties;
+import org.swssf.ext.WSSecurityException;
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import java.io.OutputStream;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SecurityOutInterceptor extends AbstractSoapInterceptor {
+
+    public static final SecurityOutInterceptorEndingInterceptor ENDING = new SecurityOutInterceptorEndingInterceptor();
+    public static final String OUTPUT_STREAM_HOLDER = SecurityOutInterceptor.class.getName() + ".outputstream";
+    public static final String FORCE_START_DOCUMENT = "org.apache.cxf.stax.force-start-document";
+    private OutboundWSSec outboundWSSec;
+
+    public SecurityOutInterceptor(String p, SecurityProperties securityProperties) throws Exception {
+        super(p);
+        getBefore().add(StaxOutInterceptor.class.getName());
+
+        outboundWSSec = WSSec.getOutboundWSSec(securityProperties);
+    }
+
+    public void handleMessage(SoapMessage soapMessage) throws Fault {
+
+        OutputStream os = soapMessage.getContent(OutputStream.class);
+
+        String encoding = getEncoding(soapMessage);
+
+        final List<SecurityEvent> outgoingSecurityEventList = new ArrayList<SecurityEvent>();
+        SecurityEventListener securityEventListener = new SecurityEventListener() {
+            public void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException {
+                outgoingSecurityEventList.add(securityEvent);
+            }
+        };
+        soapMessage.getExchange().put(SecurityEvent.class.getName() + ".out", outgoingSecurityEventList);
+
+        XMLStreamWriter newXMLStreamWriter;
+        try {
+            @SuppressWarnings("unchecked")
+            final List<SecurityEvent> requestSecurityEvents = (List<SecurityEvent>) soapMessage.getExchange().get(SecurityEvent.class.getName() + ".in");
+            newXMLStreamWriter = outboundWSSec.processOutMessage(os, encoding, requestSecurityEvents, securityEventListener);
+            soapMessage.setContent(XMLStreamWriter.class, newXMLStreamWriter);
+        } catch (WSSecurityException e) {
+            throw new Fault(e);
+        }
+
+        soapMessage.put(AbstractOutDatabindingInterceptor.DISABLE_OUTPUTSTREAM_OPTIMIZATION,
+                Boolean.TRUE);
+        soapMessage.put(FORCE_START_DOCUMENT, Boolean.TRUE);
+
+        if (MessageUtils.getContextualBoolean(soapMessage, FORCE_START_DOCUMENT, false)) {
+            try {
+                newXMLStreamWriter.writeStartDocument(encoding, "1.0");
+            } catch (XMLStreamException e) {
+                throw new Fault(e);
+            }
+            soapMessage.removeContent(OutputStream.class);
+            soapMessage.put(OUTPUT_STREAM_HOLDER, os);
+        }
+
+        // Add a final interceptor to write end elements
+        soapMessage.getInterceptorChain().add(ENDING);
+    }
+
+    private String getEncoding(Message message) {
+        Exchange ex = message.getExchange();
+        String encoding = (String) message.get(Message.ENCODING);
+        if (encoding == null && ex.getInMessage() != null) {
+            encoding = (String) ex.getInMessage().get(Message.ENCODING);
+            message.put(Message.ENCODING, encoding);
+        }
+
+        if (encoding == null) {
+            encoding = "UTF-8";
+            message.put(Message.ENCODING, encoding);
+        }
+        return encoding;
+    }
+
+    public static class SecurityOutInterceptorEndingInterceptor extends AbstractPhaseInterceptor<Message> {
+
+        public SecurityOutInterceptorEndingInterceptor() {
+            super(Phase.PRE_STREAM_ENDING);
+            getAfter().add(AttachmentOutInterceptor.AttachmentOutEndingInterceptor.class.getName());
+        }
+
+        public void handleMessage(Message message) throws Fault {
+            try {
+                XMLStreamWriter xtw = message.getContent(XMLStreamWriter.class);
+                if (xtw != null) {
+                    xtw.writeEndDocument();
+                    xtw.flush();
+                    xtw.close();
+                }
+
+                OutputStream os = (OutputStream) message.get(OUTPUT_STREAM_HOLDER);
+                if (os != null) {
+                    message.setContent(OutputStream.class, os);
+                }
+                message.removeContent(XMLStreamWriter.class);
+            } catch (XMLStreamException e) {
+                throw new Fault(e);
+            }
+        }
+    }
+}

Propchange: webservices/wss4j/branches/swssf/cxf-integration/src/main/java/org/swssf/interceptor/SecurityOutInterceptor.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/CXFIntegrationTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/CXFIntegrationTest.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/CXFIntegrationTest.java (added)
+++ webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/CXFIntegrationTest.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,136 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test.integration;
+
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+import org.swssf.test.WSS4JCallbackHandlerImpl;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class CXFIntegrationTest {
+
+    private Greeter greeterStream;
+    private Greeter greeterWSS4J;
+
+    @BeforeClass()
+    public void setUp() {
+        ClassPathXmlApplicationContext applicationContext = new ClassPathXmlApplicationContext("integration/test-application-context.xml");
+        {
+            SOAPService soapService = new SOAPService(this.getClass().getClassLoader().getResource("integration/helloWorld.wsdl"));
+            greeterStream = soapService.getSoapPort();
+            final Client client = ClientProxy.getClient(greeterStream);
+            WSS4JOutInterceptor wss4JOutInterceptor = new WSS4JOutInterceptor();
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.ACTION, "Timestamp Signature Encrypt");
+            //wss4JOutInterceptor.setProperty(WSHandlerConstants.ACTION, "Encrypt");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.USER, "transmitter");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.ENCRYPTION_USER, "receiver");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, WSS4JCallbackHandlerImpl.class.getName());
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.SIG_PROP_FILE, "transmitter-crypto.properties");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.ENC_PROP_FILE, "transmitter-crypto.properties");
+            client.getOutInterceptors().add(wss4JOutInterceptor);
+
+            WSS4JInInterceptor wss4JInInterceptor = new WSS4JInInterceptor();
+            wss4JInInterceptor.setProperty(WSHandlerConstants.ACTION, "Timestamp Signature Encrypt");
+            wss4JInInterceptor.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, WSS4JCallbackHandlerImpl.class.getName());
+            wss4JInInterceptor.setProperty(WSHandlerConstants.SIG_PROP_FILE, "transmitter-crypto.properties");
+            wss4JInInterceptor.setProperty(WSHandlerConstants.DEC_PROP_FILE, "transmitter-crypto.properties");
+            client.getInInterceptors().add(wss4JInInterceptor);
+
+            greeterStream.greetMe("Cold start");
+        }
+
+        {
+            SOAPService soapService = new SOAPService(this.getClass().getClassLoader().getResource("integration/helloWorld.wsdl"));
+            greeterWSS4J = soapService.getSoapPort();
+            final Client client = ClientProxy.getClient(greeterWSS4J);
+            WSS4JOutInterceptor wss4JOutInterceptor = new WSS4JOutInterceptor();
+            //wss4JOutInterceptor.setProperty(WSHandlerConstants.ACTION, "Timestamp Signature Encrypt");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.ACTION, "Timestamp Signature Encrypt");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.USER, "transmitter");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.ENCRYPTION_USER, "receiver");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, WSS4JCallbackHandlerImpl.class.getName());
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.SIG_PROP_FILE, "transmitter-crypto.properties");
+            wss4JOutInterceptor.setProperty(WSHandlerConstants.ENC_PROP_FILE, "transmitter-crypto.properties");
+            client.getOutInterceptors().add(wss4JOutInterceptor);
+
+            WSS4JInInterceptor wss4JInInterceptor = new WSS4JInInterceptor();
+            wss4JInInterceptor.setProperty(WSHandlerConstants.ACTION, "Timestamp Signature Encrypt");
+            wss4JInInterceptor.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, WSS4JCallbackHandlerImpl.class.getName());
+            wss4JInInterceptor.setProperty(WSHandlerConstants.SIG_PROP_FILE, "transmitter-crypto.properties");
+            wss4JInInterceptor.setProperty(WSHandlerConstants.DEC_PROP_FILE, "transmitter-crypto.properties");
+            client.getInInterceptors().add(wss4JInInterceptor);
+
+            client.getRequestContext().put(Message.ENDPOINT_ADDRESS, "http://localhost:9001/GreeterServiceWSS4J");
+            greeterWSS4J.greetMe("Cold start");
+        }
+    }
+
+    private long starttime;
+
+    @Test(alwaysRun = true)
+    public void startTiming() {
+        System.out.println("startTiming");
+        starttime = System.currentTimeMillis();
+    }
+
+    @Test(dependsOnMethods = "testCXF", alwaysRun = true)
+    public void stopTiming() {
+        System.out.println("Streaming: 100 invocations took " + (System.currentTimeMillis() - starttime) + " milliseconds");
+        System.out.flush();
+    }
+
+    @Test(invocationCount = 100, threadPoolSize = 10, dependsOnMethods = {"startTiming", "testCXFWSS4J"})
+    //@Test(invocationCount = 1, threadPoolSize = 10)
+    public void testCXF() throws Exception {
+        String resp = greeterStream.greetMe("Hey Stream Service. It's me, the client. Nice to meet you...");
+        //System.out.println(resp);
+    }
+
+    private long starttimeWSS4J;
+
+    @Test(alwaysRun = true)
+    public void startTimingWSS4J() {
+        System.out.println("startTiming");
+        starttimeWSS4J = System.currentTimeMillis();
+    }
+
+    @Test(dependsOnMethods = "testCXFWSS4J", alwaysRun = true)
+    public void stopTimingWSS4J() {
+        System.out.println("DOM: 100 invocations took " + (System.currentTimeMillis() - starttimeWSS4J) + " milliseconds");
+        System.out.flush();
+    }
+
+    @Test(invocationCount = 100, threadPoolSize = 10, dependsOnMethods = "startTimingWSS4J")
+    public void testCXFWSS4J() throws Exception {
+        String resp = greeterWSS4J.greetMe("Hey DOM Service. It's me, the client. Nice to meet you...");
+        //System.out.println(resp);
+    }
+}

Propchange: webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/CXFIntegrationTest.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/GreeterServiceImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/GreeterServiceImpl.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/GreeterServiceImpl.java (added)
+++ webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/GreeterServiceImpl.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test.integration;
+
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.PingMeFault;
+
+import javax.jws.WebParam;
+import javax.jws.WebService;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+@WebService(targetNamespace = "http://apache.org/hello_world_soap_http", serviceName = "SOAPService", endpointInterface = "org.apache.hello_world_soap_http.Greeter")
+public class GreeterServiceImpl implements Greeter {
+
+    public void pingMe() throws PingMeFault {
+    }
+
+    public String sayHi() {
+        return "Hi";
+    }
+
+    public void greetMeOneWay(@WebParam(name = "requestType", targetNamespace = "http://apache.org/hello_world_soap_http/types") String requestType) {
+    }
+
+    public String greetMe(@WebParam(name = "requestType", targetNamespace = "http://apache.org/hello_world_soap_http/types") String requestType) {
+        return requestType;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/cxf-integration/src/test/java/org/swssf/test/integration/GreeterServiceImpl.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/helloWorld.wsdl
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/helloWorld.wsdl?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/helloWorld.wsdl (added)
+++ webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/helloWorld.wsdl Sun Sep 18 13:51:23 2011
@@ -0,0 +1,162 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsdl:definitions name="HelloWorld" targetNamespace="http://apache.org/hello_world_soap_http"
+    xmlns="http://schemas.xmlsoap.org/wsdl/"
+    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
+    xmlns:tns="http://apache.org/hello_world_soap_http"
+    xmlns:x1="http://apache.org/hello_world_soap_http/types"
+    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+    <wsdl:types>
+        <schema targetNamespace="http://apache.org/hello_world_soap_http/types"
+            xmlns="http://www.w3.org/2001/XMLSchema"
+	    xmlns:tns="http://apache.org/hello_world_soap_http/types"
+            elementFormDefault="qualified">
+	    <simpleType name="MyStringType">
+		<restriction base="string">
+		    <maxLength value="30" />
+		</restriction>
+	    </simpleType>
+
+            <element name="sayHi">
+                <complexType/>
+            </element>
+            <element name="sayHiResponse">
+                <complexType>
+                    <sequence>
+                        <element name="responseType" type="string"/>
+                    </sequence>
+                </complexType>
+            </element>
+            <element name="greetMe">
+                <complexType>
+                    <sequence>
+                        <element name="requestType" type="tns:MyStringType"/>
+                    </sequence>
+                </complexType>
+            </element>
+            <element name="greetMeResponse">
+                <complexType>
+                    <sequence>
+                        <element name="responseType" type="string"/>
+                    </sequence>
+                </complexType>
+            </element>
+            <element name="greetMeOneWay">
+                <complexType>
+                    <sequence>
+                        <element name="requestType" type="string"/>
+                    </sequence>
+                </complexType>
+            </element>
+            <element name="pingMe">
+                <complexType/>
+            </element>
+            <element name="pingMeResponse">
+                <complexType/>
+            </element>
+            <element name="faultDetail">
+                <complexType>
+                    <sequence>
+                        <element name="minor" type="short"/>
+                        <element name="major" type="short"/>
+                    </sequence>
+                </complexType>
+            </element>
+        </schema>
+    </wsdl:types>
+    <wsdl:message name="sayHiRequest">
+        <wsdl:part element="x1:sayHi" name="in"/>
+    </wsdl:message>
+    <wsdl:message name="sayHiResponse">
+        <wsdl:part element="x1:sayHiResponse" name="out"/>
+    </wsdl:message>
+    <wsdl:message name="greetMeRequest">
+        <wsdl:part element="x1:greetMe" name="in"/>
+    </wsdl:message>
+    <wsdl:message name="greetMeResponse">
+        <wsdl:part element="x1:greetMeResponse" name="out"/>
+    </wsdl:message>
+    <wsdl:message name="greetMeOneWayRequest">
+        <wsdl:part element="x1:greetMeOneWay" name="in"/>
+    </wsdl:message>
+    <wsdl:message name="pingMeRequest">
+        <wsdl:part name="in" element="x1:pingMe"/>
+    </wsdl:message>
+    <wsdl:message name="pingMeResponse">
+        <wsdl:part name="out" element="x1:pingMeResponse"/>
+    </wsdl:message>
+    <wsdl:message name="pingMeFault">
+        <wsdl:part name="faultDetail" element="x1:faultDetail"/>
+    </wsdl:message>
+
+    <wsdl:portType name="Greeter">
+        <wsdl:operation name="sayHi">
+            <wsdl:input message="tns:sayHiRequest" name="sayHiRequest"/>
+            <wsdl:output message="tns:sayHiResponse" name="sayHiResponse"/>
+        </wsdl:operation>
+
+        <wsdl:operation name="greetMe">
+            <wsdl:input message="tns:greetMeRequest" name="greetMeRequest"/>
+            <wsdl:output message="tns:greetMeResponse" name="greetMeResponse"/>
+        </wsdl:operation>
+
+        <wsdl:operation name="greetMeOneWay">
+            <wsdl:input message="tns:greetMeOneWayRequest" name="greetMeOneWayRequest"/>
+        </wsdl:operation>
+
+        <wsdl:operation name="pingMe">
+            <wsdl:input name="pingMeRequest" message="tns:pingMeRequest"/>
+            <wsdl:output name="pingMeResponse" message="tns:pingMeResponse"/>
+            <wsdl:fault name="pingMeFault" message="tns:pingMeFault"/>
+        </wsdl:operation>
+    </wsdl:portType>
+    <wsdl:binding name="Greeter_SOAPBinding" type="tns:Greeter">
+        <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+
+        <wsdl:operation name="sayHi">
+            <soap:operation soapAction="" style="document"/>
+            <wsdl:input name="sayHiRequest">
+                <soap:body use="literal"/>
+            </wsdl:input>
+            <wsdl:output name="sayHiResponse">
+                <soap:body use="literal"/>
+            </wsdl:output>
+        </wsdl:operation>
+
+        <wsdl:operation name="greetMe">
+            <soap:operation soapAction="" style="document"/>
+            <wsdl:input name="greetMeRequest">
+                <soap:body use="literal"/>
+            </wsdl:input>
+            <wsdl:output name="greetMeResponse">
+                <soap:body use="literal"/>
+            </wsdl:output>
+        </wsdl:operation>
+
+        <wsdl:operation name="greetMeOneWay">
+            <soap:operation soapAction="" style="document"/>
+            <wsdl:input name="greetMeOneWayRequest">
+                <soap:body use="literal"/>
+            </wsdl:input>
+        </wsdl:operation>
+
+        <wsdl:operation name="pingMe">
+            <soap:operation style="document"/>
+            <wsdl:input>
+                <soap:body use="literal"/>
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal"/>
+            </wsdl:output>
+            <wsdl:fault name="pingMeFault">
+                <soap:fault name="pingMeFault" use="literal"/>
+            </wsdl:fault>
+        </wsdl:operation>
+
+    </wsdl:binding>
+    <wsdl:service name="SOAPService">
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="SoapPort">
+            <soap:address location="http://localhost:9001/GreeterService"/>
+        </wsdl:port>
+    </wsdl:service>
+</wsdl:definitions>

Added: webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/test-application-context.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/test-application-context.xml?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/test-application-context.xml (added)
+++ webservices/wss4j/branches/swssf/cxf-integration/src/test/resources/integration/test-application-context.xml Sun Sep 18 13:51:23 2011
@@ -0,0 +1,177 @@
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:beans="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xsi:schemaLocation="
+       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+       http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
+       http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+       http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+       http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+
+    <import resource="classpath:META-INF/cxf/cxf.xml"/>
+    <import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
+
+    <bean name="inSecurityProperties" class="org.swssf.ext.SecurityProperties">
+        <property name="callbackHandler" ref="callbackHandler"/>
+        <property name="outAction">
+            <list>
+                <value>TIMESTAMP</value>
+                <value>SIGNATURE</value>
+                <value>ENCRYPT</value>
+            </list>
+        </property>
+        <!--<property name="encryptionUser" value="transmitter"/>-->
+        <property name="useReqSigCertForEncryption" value="true"/>
+        <property name="skipDocumentEvents" value="true"/>
+    </bean>
+
+    <bean name="outSecurityProperties" class="org.swssf.ext.SecurityProperties">
+        <property name="callbackHandler" ref="callbackHandler"/>
+        <property name="outAction">
+            <list>
+                <value>TIMESTAMP</value>
+                <value>SIGNATURE</value>
+                <value>ENCRYPT</value>
+            </list>
+        </property>
+        <property name="signatureUser" value="receiver"/>
+        <property name="useReqSigCertForEncryption" value="true"/>
+        <property name="skipDocumentEvents" value="true"/>
+    </bean>
+
+    <!-- set decryptionKeystore in securityProperties -->
+    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
+        <property name="targetObject" ref="inSecurityProperties"/>
+        <property name="targetMethod" value="loadDecryptionKeystore"/>
+        <property name="arguments">
+            <list>
+                <value>classpath:receiver.jks</value>
+                <value>default</value>
+            </list>
+        </property>
+    </bean>
+
+    <!-- set signature verification Keystore in securityProperties -->
+    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
+        <property name="targetObject" ref="inSecurityProperties"/>
+        <property name="targetMethod" value="loadSignatureVerificationKeystore"/>
+        <property name="arguments">
+            <list>
+                <value>classpath:receiver.jks</value>
+                <value>default</value>
+            </list>
+        </property>
+    </bean>
+
+    <!-- set signature Keystore in securityProperties -->
+    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
+        <property name="targetObject" ref="outSecurityProperties"/>
+        <property name="targetMethod" value="loadSignatureKeyStore"/>
+        <property name="arguments">
+            <list>
+                <value>classpath:receiver.jks</value>
+                <value>default</value>
+            </list>
+        </property>
+    </bean>
+
+    <!-- set encryption Keystore in securityProperties -->
+    <!--
+    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
+        <property name="targetObject" ref="outSecurityProperties"/>
+        <property name="targetMethod" value="loadEncryptionKeystore"/>
+        <property name="arguments">
+            <list>
+                <value>classpath:receiver.jks</value>
+                <value>default</value>
+            </list>
+        </property>
+    </bean>
+    -->
+
+    <bean id="greeterServiceImpl" class="org.swssf.test.integration.GreeterServiceImpl">
+    </bean>
+
+    <jaxws:endpoint id="greeterService" implementor="#greeterServiceImpl"
+                    wsdlLocation="classpath:integration/helloWorld.wsdl"
+                    address="http://localhost:9001/GreeterService">
+        <jaxws:inInterceptors>
+            <ref bean="securityInInterceptor"/>
+        </jaxws:inInterceptors>
+        <jaxws:outInterceptors>
+            <ref bean="securityOutInterceptor"/>
+        </jaxws:outInterceptors>
+    </jaxws:endpoint>
+
+    <bean name="securityInInterceptor" class="org.swssf.interceptor.SecurityInInterceptor">
+        <constructor-arg index="0" value="post-stream"/>
+        <constructor-arg index="1" ref="inSecurityProperties"/>
+    </bean>
+
+    <bean name="securityOutInterceptor" class="org.swssf.interceptor.SecurityOutInterceptor">
+        <constructor-arg index="0" value="pre-stream"/>
+        <constructor-arg index="1" ref="outSecurityProperties"/>
+    </bean>
+
+    <bean name="callbackHandler" class="org.swssf.test.CallbackHandlerImpl">
+    </bean>
+
+    <jaxws:endpoint id="greeterServiceWSS4J" implementor="#greeterServiceImpl"
+                    wsdlLocation="classpath:integration/helloWorld.wsdl"
+                    address="http://localhost:9001/GreeterServiceWSS4J">
+        <jaxws:inInterceptors>
+            <ref bean="wss4jInInterceptor"/>
+        </jaxws:inInterceptors>
+        <jaxws:outInterceptors>
+            <ref bean="wss4jOutInterceptor"/>
+        </jaxws:outInterceptors>
+    </jaxws:endpoint>
+
+    <bean name="wss4jInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+        <property name="properties">
+            <map>
+                <entry key="action" value="Timestamp Signature Encrypt"/>
+                <entry key="passwordCallbackRef" value-ref="passwordCallbackHandlerWSS4J"/>
+                <entry key="decryptionPropFile" value="receiver-crypto.properties"/>
+                <entry key="signaturePropFile" value="receiver-crypto.properties"/>
+            </map>
+        </property>
+    </bean>
+
+    <bean name="wss4jOutInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+        <property name="properties">
+            <map>
+                <entry key="action" value="Timestamp Signature Encrypt"/>
+                <entry key="passwordCallbackRef" value-ref="passwordCallbackHandlerWSS4J"/>
+                <entry key="encryptionPropFile" value="transmitter-crypto.properties"/>
+                <entry key="signaturePropFile" value="receiver-crypto.properties"/>
+                <entry key="user" value="receiver"/>
+                <entry key="encryptionUser" value="transmitter"/>
+            </map>
+        </property>
+    </bean>
+
+    <bean name="passwordCallbackHandlerWSS4J" class="org.swssf.test.WSS4JCallbackHandlerImpl">
+    </bean>
+
+    <httpj:engine-factory bus="cxf">
+        <httpj:engine port="9001">
+            <httpj:threadingParameters minThreads="50"
+                                       maxThreads="200"/>
+            <!--      <httpj:connector>
+                    <beans:bean class="org.mortbay.jetty.bio.SocketConnector">
+                       <beans:property name="port" value="9001" />
+                    </beans:bean>
+                  </httpj:connector>
+            -->
+            <httpj:handlers>
+                <beans:bean class="org.eclipse.jetty.server.handler.DefaultHandler"/>
+            </httpj:handlers>
+            <httpj:sessionSupport>false</httpj:sessionSupport>
+        </httpj:engine>
+    </httpj:engine-factory>
+</beans>

Copied: webservices/wss4j/branches/swssf/pom.xml (from r1171698, webservices/wss4j/branches/swssf/streaming-webservice-security/branches/apache-contribution/pom.xml)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/pom.xml?p2=webservices/wss4j/branches/swssf/pom.xml&p1=webservices/wss4j/branches/swssf/streaming-webservice-security/branches/apache-contribution/pom.xml&r1=1171698&r2=1172285&rev=1172285&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-webservice-security/branches/apache-contribution/pom.xml (original)
+++ webservices/wss4j/branches/swssf/pom.xml Sun Sep 18 13:51:23 2011
@@ -4,9 +4,10 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
-    <groupId>ch.swssf</groupId>
+    <groupId>org.swssf</groupId>
     <artifactId>swssf</artifactId>
-    <version>1.0</version>
+    <version>1.0.0</version>
+    <packaging>pom</packaging>
     <name>Streaming-WebService-Security-Framework</name>
     <developers>
         <developer>
@@ -15,6 +16,17 @@
         </developer>
     </developers>
 
+    <modules>
+    	<module>streaming-ws-security</module>
+    	<module>streaming-ws-policy</module>
+    	<module>cxf-integration</module>
+    </modules>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <xmlsec.version>1.4.4</xmlsec.version>
+    </properties>
+
     <dependencyManagement>
         <dependencies>
             <dependency>
@@ -25,296 +37,19 @@
             <dependency>
                 <groupId>org.apache.santuario</groupId>
                 <artifactId>xmlsec</artifactId>
-                <version>1.4.4</version>
+                <version>${xmlsec.version}</version>
             </dependency>
         </dependencies>
     </dependencyManagement>
 
-    <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <cxf.version>2.4.0</cxf.version>
-        <bcprov.version>1.45</bcprov.version>
-        <opensaml.version>2.4.1</opensaml.version>
-        <xmlsec.version>1.4.4</xmlsec.version>
-    </properties>
-
-    <dependencies>
-        <!--<dependency>
-            <groupId>org.codehaus.woodstox</groupId>
-            <artifactId>woodstox-core-asl</artifactId>
-            <version>4.1.1</version>
-        </dependency>-->
-        <dependency>
-            <groupId>org.codehaus.woodstox</groupId>
-            <artifactId>wstx-asl</artifactId>
-            <version>3.2.9</version>
-        </dependency>
-        <dependency>
-            <groupId>commons-logging</groupId>
-            <artifactId>commons-logging</artifactId>
-            <version>1.1.1</version>
-        </dependency>
-        <dependency>
-            <groupId>commons-codec</groupId>
-            <artifactId>commons-codec</artifactId>
-            <version>1.4</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.neethi</groupId>
-            <artifactId>neethi</artifactId>
-            <version>2.0.4</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>org.codehaus.woodstox</groupId>
-                    <artifactId>wstx-asl</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-        <dependency>
-            <groupId>org.opensaml</groupId>
-            <artifactId>opensaml</artifactId>
-            <version>${opensaml.version}</version>
-            <scope>compile</scope>
-            <exclusions>
-                <exclusion>
-                    <groupId>velocity</groupId>
-                    <artifactId>velocity</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.slf4j</groupId>
-                    <artifactId>log4j-over-slf4j</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.slf4j</groupId>
-                    <artifactId>jcl-over-slf4j</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.slf4j</groupId>
-                    <artifactId>jul-to-slf4j</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.bouncycastle</groupId>
-                    <artifactId>bcprov-ext-jdk15</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.bouncycastle</groupId>
-                    <artifactId>bcprov-jdk15</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>ca.juliusdavies</groupId>
-                    <artifactId>not-yet-commons-ssl</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>net.jcip</groupId>
-                    <artifactId>jcip-annotations</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>xml-resolver</groupId>
-                    <artifactId>xml-resolver</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>xerces</groupId>
-                    <artifactId>xercesImpl</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>xalan</groupId>
-                    <artifactId>xalan</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>commons-codec</groupId>
-                    <artifactId>commons-codec</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>commons-httpclient</groupId>
-                    <artifactId>commons-httpclient</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>commons-lang</groupId>
-                    <artifactId>commons-lang</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>commons-collections</groupId>
-                    <artifactId>commons-collections</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.apache.santuario</groupId>
-                    <artifactId>xmlsec</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.santuario</groupId>
-            <artifactId>xmlsec</artifactId>
-            <version>${xmlsec.version}</version>
-            <scope>compile</scope>
-        </dependency>
-        <dependency>
-            <groupId>jcs</groupId>
-            <artifactId>jcs</artifactId>
-            <version>1.3</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>javax.sql</groupId>
-                    <artifactId>jdbc-stdext</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>commons-dbcp</groupId>
-                    <artifactId>commons-dbcp</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>commons-pool</groupId>
-                    <artifactId>commons-pool</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>mysql</groupId>
-                    <artifactId>mysql-connector-java</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>hsqldb</groupId>
-                    <artifactId>hsqldb</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>log4j</groupId>
-                    <artifactId>log4j</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>servletapi</groupId>
-                    <artifactId>servletapi</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>tomcat</groupId>
-                    <artifactId>tomcat-util</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>velocity</groupId>
-                    <artifactId>velocity</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>junit</groupId>
-                    <artifactId>junit</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>xmlrpc</groupId>
-                    <artifactId>xmlrpc</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>xerces</groupId>
-                    <artifactId>xerces</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>xml-apis</groupId>
-                    <artifactId>xml-apis</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>berkeleydb</groupId>
-                    <artifactId>berkeleydb</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-
-        <dependency>
-            <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-rt-bindings-soap</artifactId>
-            <version>${cxf.version}</version>
-            <scope>provided</scope>
-            <exclusions>
-                <exclusion>
-                    <groupId>org.codehaus.woodstox</groupId>
-                    <artifactId>wstx-asl</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-
-        <dependency>
-            <groupId>log4j</groupId>
-            <artifactId>log4j</artifactId>
-            <version>1.2.14</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.testng</groupId>
-            <artifactId>testng</artifactId>
-            <version>5.14.2</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.ws.security</groupId>
-            <artifactId>wss4j</artifactId>
-            <version>1.6.0</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>javax.xml</groupId>
-            <artifactId>jaxrpc-api</artifactId>
-            <version>1.1</version>
-            <scope>test</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-rt-frontend-jaxws</artifactId>
-            <version>${cxf.version}</version>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-rt-transports-http-jetty</artifactId>
-            <version>${cxf.version}</version>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-rt-ws-security</artifactId>
-            <version>${cxf.version}</version>
-            <scope>provided</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>xalan</groupId>
-            <artifactId>xalan</artifactId>
-            <version>2.7.1</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>xalan</groupId>
-            <artifactId>serializer</artifactId>
-            <version>2.7.1</version>
-            <scope>test</scope>
-        </dependency>
-        <!--
-                <dependency>
-                    <groupId>ch.gigerstyle</groupId>
-                    <artifactId>xmlGen</artifactId>
-                    <version>0.1</version>
-                </dependency>
-        -->
-    </dependencies>
     <build>
         <plugins>
             <plugin>
-                <groupId>org.jvnet.jaxb2.maven2</groupId>
-                <artifactId>maven-jaxb2-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <phase>generate-sources</phase>
-                        <goals>
-                            <goal>generate</goal>
-                        </goals>
-                    </execution>
-                </executions>
-                <configuration>
-                    <includeSchemas>
-                        <includeSchema>security-config.xsd</includeSchema>
-                    </includeSchemas>
-                    <readOnly>true</readOnly>
-                </configuration>
-            </plugin>
-            <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
                 <configuration>
-                    <source>1.5</source>
-                    <target>1.5</target>
+                    <source>1.6</source>
+                    <target>1.6</target>
                 </configuration>
             </plugin>
             <plugin>
@@ -344,90 +79,10 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <groups>${test.groups}</groups>
-                    <argLine>-Xmx2000m</argLine>
-                    <excludes>
-                        <exclude>**/ProfilingTest.java</exclude>
-                        <exclude>**/PerformanceMemoryTest.java</exclude>
-                        <exclude>**/PerformanceTimingTest.java</exclude>
-                    </excludes>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.cxf</groupId>
-                <artifactId>cxf-codegen-plugin</artifactId>
-                <version>${cxf.version}</version>
-                <executions>
-                    <execution>
-                        <id>generate-test-sources</id>
-                        <phase>generate-test-sources</phase>
-                        <configuration>
-                            <wsdlOptions>
-                                <wsdlOption>
-                                    <wsdl>${project.basedir}/src/test/resources/integration/helloWorld.wsdl</wsdl>
-                                </wsdlOption>
-                            </wsdlOptions>
-                            <sourceRoot>${build.directory}/generated-test-sources</sourceRoot>
-                        </configuration>
-                        <goals>
-                            <goal>wsdl2java</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>build-helper-maven-plugin</artifactId>
-                <version>1.5</version>
-                <executions>
-                    <execution>
-                        <id>add-test-source</id>
-                        <phase>generate-test-sources</phase>
-                        <goals>
-                            <goal>add-test-source</goal>
-                        </goals>
-                        <configuration>
-                            <sources>
-                                <source>${build.directory}/generated-test-sources</source>
-                            </sources>
-                        </configuration>
-                    </execution>
-                </executions>
+                <version>2.9</version>
             </plugin>
         </plugins>
     </build>
-    <profiles>
-        <profile>
-            <id>jdk15</id>
-            <activation>
-                <activeByDefault>true</activeByDefault>
-                <jdk>1.5</jdk>
-            </activation>
-            <dependencies>
-                <dependency>
-                    <groupId>org.bouncycastle</groupId>
-                    <artifactId>bcprov-jdk15</artifactId>
-                    <version>${bcprov.version}</version>
-                    <scope>test</scope>
-                </dependency>
-            </dependencies>
-        </profile>
-        <profile>
-            <id>jdk16</id>
-            <activation>
-                <jdk>1.6</jdk>
-            </activation>
-            <dependencies>
-                <dependency>
-                    <groupId>org.bouncycastle</groupId>
-                    <artifactId>bcprov-jdk16</artifactId>
-                    <version>${bcprov.version}</version>
-                    <scope>test</scope>
-                </dependency>
-            </dependencies>
-        </profile>
-    </profiles>
     <reporting>
         <plugins>
             <plugin>
@@ -448,8 +103,8 @@
                 <artifactId>maven-pmd-plugin</artifactId>
                 <version>2.5</version>
                 <configuration>
-                    <linkXref>true</linkXref>
                     <sourceEncoding>utf-8</sourceEncoding>
+                    <linkXRef>true</linkXRef>
                     <minimumTokens>100</minimumTokens>
                     <targetJdk>1.5</targetJdk>
                 </configuration>

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/pom.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/pom.xml?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/pom.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/pom.xml Sun Sep 18 13:51:23 2011
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.swssf</groupId>
+        <artifactId>swssf</artifactId>
+        <version>1.0.0</version>
+    </parent>
+    <groupId>org.swssf</groupId>
+    <artifactId>streaming-ws-policy</artifactId>
+    <version>1.0.0</version>
+    <name>Streaming WebService Policy</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.swssf</groupId>
+            <artifactId>streaming-ws-security</artifactId>
+            <version>1.0.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.swssf</groupId>
+            <artifactId>streaming-ws-security</artifactId>
+            <version>1.0.0</version>
+            <classifier>tests</classifier>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.testng</groupId>
+            <artifactId>testng</artifactId>
+            <version>5.14.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.ws.security</groupId>
+            <artifactId>wss4j</artifactId>
+            <version>1.6.0</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>javax.xml</groupId>
+            <artifactId>jaxrpc-api</artifactId>
+            <version>1.1</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>xalan</groupId>
+            <artifactId>xalan</artifactId>
+            <version>2.7.1</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>xalan</groupId>
+            <artifactId>serializer</artifactId>
+            <version>2.7.1</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+</project>

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/OperationPolicy.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/OperationPolicy.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/OperationPolicy.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/OperationPolicy.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy;
+
+import org.apache.neethi.Policy;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class OperationPolicy {
+
+    private String operationName;
+    private String operationAction;
+    private Policy policy;
+    private String soapMessageVersionNamespace;
+
+    public OperationPolicy(String operationName) {
+        this.operationName = operationName;
+    }
+
+    public String getOperationName() {
+        return operationName;
+    }
+
+    public void setOperationName(String operationName) {
+        this.operationName = operationName;
+    }
+
+    public String getOperationAction() {
+        return operationAction;
+    }
+
+    public void setOperationAction(String operationAction) {
+        this.operationAction = operationAction;
+    }
+
+    public Policy getPolicy() {
+        return policy;
+    }
+
+    public void setPolicy(Policy policy) {
+        this.policy = policy;
+    }
+
+    public String getSoapMessageVersionNamespace() {
+        return soapMessageVersionNamespace;
+    }
+
+    public void setSoapMessageVersionNamespace(String soapMessageVersionNamespace) {
+        this.soapMessageVersionNamespace = soapMessageVersionNamespace;
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (!(obj instanceof OperationPolicy)) {
+            return false;
+        }
+        OperationPolicy other = (OperationPolicy) obj;
+        if (getOperationName().equals(other.getOperationName())) {
+            return true;
+        }
+        return false;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/OperationPolicy.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,306 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.neethi.*;
+import org.swssf.ext.WSSecurityException;
+import org.swssf.policy.assertionStates.AssertionState;
+import org.swssf.policy.secpolicy.WSSPolicyException;
+import org.swssf.policy.secpolicy.model.AbstractSecurityAssertion;
+import org.swssf.securityEvent.*;
+
+import java.util.*;
+
+/**
+ * The PolicyEnforcer verifies the Policy assertions
+ * The Assertion will be validated in realtime as far as possible
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class PolicyEnforcer implements SecurityEventListener {
+
+    protected static final transient Log log = LogFactory.getLog(PolicyEnforcer.class);
+
+    private List<OperationPolicy> operationPolicies;
+    private OperationPolicy effectivePolicy;
+    private Map<SecurityEvent.Event, Map<Assertion, List<AssertionState>>> assertionStateMap;
+    private ArrayDeque<SecurityEvent> securityEventQueue = new ArrayDeque<SecurityEvent>();
+    private boolean messageSignatureSecurityEventProcessed = false;
+    private boolean messageEncryptionSecurityEventProcessed = false;
+    private Map<String, TokenSecurityEvent> processedSecurityTokens = new HashMap<String, TokenSecurityEvent>();
+    private boolean transportSecurityActive = false;
+
+    public PolicyEnforcer(List<OperationPolicy> operationPolicies, String soapAction) throws WSSPolicyException {
+        this.operationPolicies = operationPolicies;
+        assertionStateMap = initAssertionStateMap();
+
+        if (soapAction != null && !soapAction.equals("")) {
+            effectivePolicy = findPolicyBySOAPAction(operationPolicies, soapAction);
+            if (effectivePolicy != null) {
+                buildAssertionStateMap(effectivePolicy.getPolicy(), assertionStateMap);
+            }
+        }
+    }
+
+    private OperationPolicy findPolicyBySOAPAction(List<OperationPolicy> operationPolicies, String soapAction) {
+        for (int i = 0; i < operationPolicies.size(); i++) {
+            OperationPolicy operationPolicy = operationPolicies.get(i);
+            if (soapAction.equals(operationPolicy.getOperationAction())) {
+                return operationPolicy;
+            }
+        }
+        return null;
+    }
+
+    private OperationPolicy findPolicyBySOAPOperationName(List<OperationPolicy> operationPolicies, String soapOperationName) {
+        for (int i = 0; i < operationPolicies.size(); i++) {
+            OperationPolicy operationPolicy = operationPolicies.get(i);
+            if (soapOperationName.equals(operationPolicy.getOperationName())) {
+                return operationPolicy;
+            }
+        }
+        return null;
+    }
+
+    private Map<SecurityEvent.Event, Map<Assertion, List<AssertionState>>> initAssertionStateMap() {
+        Map<SecurityEvent.Event, Map<Assertion, List<AssertionState>>> assertionStateMap = new HashMap<SecurityEvent.Event, Map<Assertion, List<AssertionState>>>();
+
+        for (SecurityEvent.Event securityEvent : SecurityEvent.Event.values()) {
+            assertionStateMap.put(securityEvent, new HashMap<Assertion, List<AssertionState>>());
+        }
+
+        return assertionStateMap;
+    }
+
+    private void buildAssertionStateMap(PolicyComponent policyComponent, Map<SecurityEvent.Event, Map<Assertion, List<AssertionState>>> assertionStateMap) throws WSSPolicyException {
+        if (policyComponent instanceof PolicyOperator) {
+            PolicyOperator policyOperator = (PolicyOperator) policyComponent;
+            @SuppressWarnings("unchecked")
+            List<PolicyComponent> policyComponents = policyOperator.getPolicyComponents();
+            for (int i = 0; i < policyComponents.size(); i++) {
+                PolicyComponent curPolicyComponent = policyComponents.get(i);
+                buildAssertionStateMap(curPolicyComponent, assertionStateMap);
+            }
+        } else if (policyComponent instanceof AbstractSecurityAssertion) {
+            AbstractSecurityAssertion abstractSecurityAssertion = (AbstractSecurityAssertion) policyComponent;
+            abstractSecurityAssertion.getAssertions(assertionStateMap, effectivePolicy);
+        } else {
+            throw new WSSPolicyException("Unknown PolicyComponent: " + policyComponent + " " + policyComponent.getType());
+        }
+    }
+
+    /**
+     * tries to verify a SecurityEvent in realtime.
+     *
+     * @param securityEvent
+     * @throws WSSPolicyException
+     */
+    private void verifyPolicy(SecurityEvent securityEvent) throws WSSPolicyException {
+
+        if (securityEvent instanceof TokenSecurityEvent
+                && !(securityEvent instanceof HttpsTokenSecurityEvent)
+                && !(securityEvent instanceof EncryptionTokenSecurityEvent)
+                && !(securityEvent instanceof SignatureTokenSecurityEvent)) {
+            //safety check: message tokens or supporting tokens are only allowed
+            throw new WSSPolicyException("Illegal security event received: " + securityEvent);
+        }
+
+        if (log.isDebugEnabled()) {
+            log.debug("Verifying SecurityEvent: " + securityEvent.getSecurityEventType());
+            if (securityEvent.getSecurityEventType() == SecurityEvent.Event.AlgorithmSuite) {
+                log.debug("Algo: " + ((AlgorithmSuiteSecurityEvent) securityEvent).getAlgorithmURI());
+                log.debug("KeyUsage: " + ((AlgorithmSuiteSecurityEvent) securityEvent).getKeyUsage());
+            }
+        }
+
+
+        Map<Assertion, List<AssertionState>> assertionListMap = assertionStateMap.get(securityEvent.getSecurityEventType());
+        if (assertionListMap != null && assertionListMap.size() > 0) {
+            int notAssertedCount = 0;
+            //every map entry counts as an alternative...
+            for (Iterator<Map.Entry<Assertion, List<AssertionState>>> assertionStateIterator = assertionListMap.entrySet().iterator(); assertionStateIterator.hasNext(); ) {
+                Map.Entry<Assertion, List<AssertionState>> assertionStateEntry = assertionStateIterator.next();
+                List<AssertionState> assertionStates = assertionStateEntry.getValue();
+                for (int i = 0; i < assertionStates.size(); i++) {
+                    AssertionState assertionState = assertionStates.get(i);
+                    boolean asserted = assertionState.assertEvent(securityEvent);
+                    //...so if one fails, continue with the next map entry and increment the notAssertedCount
+                    if (!asserted) {
+                        notAssertedCount++;
+                        break;
+                    }
+                }
+            }
+            //if the notAssertedCount equals the size of the map (the size of the map is equal to the alternatives)
+            //then we could not satify any alternative
+            if (notAssertedCount == assertionListMap.size()) {
+                logFailedAssertions();
+                throw new PolicyViolationException("No policy alternative could be satisfied");
+            }
+        }
+    }
+
+    /**
+     * verifies the whole policy to try to find a satisfied alternative
+     *
+     * @throws WSSPolicyException       throws when the policy is invalid
+     * @throws PolicyViolationException thrown when no alternative could be satisifed
+     */
+    private void verifyPolicy() throws WSSPolicyException {
+        boolean isAsserted = verifyPolicy(effectivePolicy.getPolicy());
+        if (!isAsserted) {
+            logFailedAssertions();
+            throw new PolicyViolationException("No policy alternative could be satisfied");
+        }
+    }
+
+    private boolean verifyPolicy(PolicyComponent policyComponent) throws WSSPolicyException {
+
+        if (policyComponent instanceof PolicyOperator) {
+            PolicyOperator policyOperator = (PolicyOperator) policyComponent;
+            boolean isExactlyOne = policyOperator instanceof ExactlyOne;
+            @SuppressWarnings("unchecked")
+            List<PolicyComponent> policyComponents = policyOperator.getPolicyComponents();
+
+            boolean isAsserted = false;
+            for (int i = 0; i < policyComponents.size(); i++) {
+                PolicyComponent curPolicyComponent = policyComponents.get(i);
+                //recursive call until a satistfied alternative is found
+                isAsserted = verifyPolicy(curPolicyComponent);
+                if (isExactlyOne && isAsserted) {
+                    return true; //a satisfied alternative is found
+                } else if (!isExactlyOne && !isAsserted) {
+                    return false;
+                }
+            }
+            return isAsserted;
+        } else if (policyComponent instanceof AbstractSecurityAssertion) {
+            AbstractSecurityAssertion abstractSecurityAssertion = (AbstractSecurityAssertion) policyComponent;
+            return abstractSecurityAssertion.isAsserted(assertionStateMap);
+        } else if (policyComponent == null) {
+            throw new WSSPolicyException("Policy not found");
+        } else {
+            throw new WSSPolicyException("Unknown PolicyComponent: " + policyComponent + " " + policyComponent.getType());
+        }
+    }
+
+    private void logFailedAssertions() {
+        Set<Map.Entry<SecurityEvent.Event, Map<Assertion, List<AssertionState>>>> entrySet = assertionStateMap.entrySet();
+        Iterator<Map.Entry<SecurityEvent.Event, Map<Assertion, List<AssertionState>>>> entryIterator = entrySet.iterator();
+        while (entryIterator.hasNext()) {
+            Map.Entry<SecurityEvent.Event, Map<Assertion, List<AssertionState>>> eventCollectionEntry = entryIterator.next();
+            Map<Assertion, List<AssertionState>> assertionStates = eventCollectionEntry.getValue();
+            for (Iterator<Map.Entry<Assertion, List<AssertionState>>> assertionStateEntryIterator = assertionStates.entrySet().iterator(); assertionStateEntryIterator.hasNext(); ) {
+                Map.Entry<Assertion, List<AssertionState>> entry = assertionStateEntryIterator.next();
+                List<AssertionState> assertionState = entry.getValue();
+                for (int i = 0; i < assertionState.size(); i++) {
+                    AssertionState state = assertionState.get(i);
+                    log.error(state.getErrorMessage());
+                }
+            }
+        }
+    }
+
+    //multiple threads can call this method concurrently -> synchronize access
+    public synchronized void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException {
+
+        //we do decide here if we have a message signature/encryption or a supporting signature/encryption
+        //this information is not known in the WSS framework because it knows nothing
+        //about the transportToken
+        if (securityEvent.getSecurityEventType() == SecurityEvent.Event.TransportToken
+                || securityEvent.getSecurityEventType() == SecurityEvent.Event.SignatureToken) {
+            final TokenSecurityEvent tokenSecurityEvent = (TokenSecurityEvent) securityEvent;
+            if (!messageSignatureSecurityEventProcessed) {
+                messageSignatureSecurityEventProcessed = true;
+            } else {
+                securityEvent = new SupportingTokenSecurityEvent(SecurityEvent.Event.SupportingToken, tokenSecurityEvent);
+            }
+            processedSecurityTokens.put(tokenSecurityEvent.getSecurityToken().getId(), tokenSecurityEvent);
+        }
+        if (securityEvent.getSecurityEventType() == SecurityEvent.Event.TransportToken
+                || securityEvent.getSecurityEventType() == SecurityEvent.Event.EncryptionToken) {
+            final TokenSecurityEvent tokenSecurityEvent = (TokenSecurityEvent) securityEvent;
+            if (!messageEncryptionSecurityEventProcessed) {
+                messageEncryptionSecurityEventProcessed = true;
+            } else {
+                securityEvent = new SupportingTokenSecurityEvent(SecurityEvent.Event.SupportingToken, tokenSecurityEvent);
+            }
+            processedSecurityTokens.put(tokenSecurityEvent.getSecurityToken().getId(), tokenSecurityEvent);
+        }
+        if (securityEvent.getSecurityEventType() == SecurityEvent.Event.TransportToken) {
+            transportSecurityActive = true;
+        }
+
+        if (effectivePolicy != null) {
+            //soap-action spoofing detection
+            if (securityEvent.getSecurityEventType().equals(SecurityEvent.Event.Operation)) {
+                if (!effectivePolicy.getOperationName().equals(((OperationSecurityEvent) securityEvent).getOperation().getLocalPart())) {
+                    throw new WSSPolicyException("SOAPAction (" + effectivePolicy.getOperationName() + ") does not match with the current Operation: " + ((OperationSecurityEvent) securityEvent).getOperation());
+                }
+            }
+            verifyPolicy(securityEvent);
+        } else {
+
+            if (securityEvent.getSecurityEventType().equals(SecurityEvent.Event.Operation)) {
+                effectivePolicy = findPolicyBySOAPOperationName(operationPolicies, ((OperationSecurityEvent) securityEvent).getOperation().getLocalPart());
+                if (effectivePolicy == null) {
+                    //no policy to the operation given
+                    effectivePolicy = new OperationPolicy("NoPolicyFoundForOperation");
+                    effectivePolicy.setPolicy(new Policy());
+                }
+                buildAssertionStateMap(effectivePolicy.getPolicy(), assertionStateMap);
+
+                Iterator<SecurityEvent> securityEventIterator = securityEventQueue.descendingIterator();
+                while (securityEventIterator.hasNext()) {
+                    SecurityEvent prevSecurityEvent = securityEventIterator.next();
+
+                    if (prevSecurityEvent instanceof TokenSecurityEvent) {
+                        final TokenSecurityEvent tokenSecurityEvent = (TokenSecurityEvent) prevSecurityEvent;
+                        String id = tokenSecurityEvent.getSecurityToken().getId();
+                        if (!processedSecurityTokens.containsKey(id)) {
+                            prevSecurityEvent = new SupportingTokenSecurityEvent(SecurityEvent.Event.SupportingToken, tokenSecurityEvent);
+                            processedSecurityTokens.put(id, tokenSecurityEvent);
+                        }
+                    }
+                    verifyPolicy(prevSecurityEvent);
+                }
+
+            } else {
+                //queue event until policy is resolved
+                securityEventQueue.push(securityEvent);
+            }
+        }
+    }
+
+    /**
+     * the final Policy validation to find a satisfied alternative
+     *
+     * @throws PolicyViolationException if no alternative could be satisfied
+     */
+    public void doFinal() throws WSSPolicyException {
+        verifyPolicy();
+    }
+
+    public boolean isTransportSecurityActive() {
+        return transportSecurityActive;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision



Mime
View raw message