[jboss-svn-commits] JBL Code SVN: r21596 - in labs/jbossesb/branches/JBESB_4_4_GA_CP/product: docs and 46 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Mon Aug 18 04:31:22 EDT 2008
Author: beve
Date: 2008-08-18 04:31:22 -0400 (Mon, 18 Aug 2008)
New Revision: 21596
Added:
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/jboss-security-spi.jar
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/jbosssx.jar
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/servlet-api.jar
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/AMConfig.properties
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/CertCallbackHandler.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/EsbCallbackHandler.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/UserPassCallbackHandler.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/jaas/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfig.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceException.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/actions/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractor.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractor.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/UsernameToken.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/smooks-ws-security.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Group.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Role.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/User.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas/AMConfig.properties
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityContextUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestLoginModule.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestPrincipal.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/UserPassLoginModule.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractorUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractorUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/keystore
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityTokenTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractorUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/cert-example.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/smooks-config.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-keys-example.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-userpass-example.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/GroupUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/RoleUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/build.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/deployment.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jaas.login
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbm-queue-service.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbmq-queue-service.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jboss-esb.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbossesb-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jndi.properties
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/keystore
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/lib/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/log4j.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/readme.txt
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/PrintSubjectAction.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/SendMessage.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_01.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_02.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/webservice/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/webservice/GoodbyeWorldWS.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/resources/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/resources/WEB-INF/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/resources/WEB-INF/web.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/view/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/view/index.jsp
Modified:
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.odt
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/etc/schemas/xml/jbossesb-1.0.1.xsd
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivy.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivysettings.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/build.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Environment.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/util/ClassUtil.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml
Log:
Work for JBESB-1655 "Platform-based security for SSO and message-based interactions"
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.odt
===================================================================
(Binary files differ)
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/etc/schemas/xml/jbossesb-1.0.1.xsd
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/etc/schemas/xml/jbossesb-1.0.1.xsd 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/etc/schemas/xml/jbossesb-1.0.1.xsd 2008-08-18 08:31:22 UTC (rev 21596)
@@ -261,6 +261,7 @@
</xsd:annotation>
<xsd:complexType>
<xsd:sequence>
+ <xsd:element maxOccurs="1" minOccurs="0" ref="jesb:security" />
<xsd:element maxOccurs="unbounded" minOccurs="0"
ref="jesb:property" />
<xsd:element maxOccurs="1" minOccurs="0"
@@ -393,6 +394,48 @@
</xsd:complexType>
</xsd:element>
+ <xsd:element name="security">
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element maxOccurs="unbounded" minOccurs="0" ref="jesb:property" />
+ </xsd:sequence>
+ <xsd:attribute name="runAs" type="xsd:string" use="optional">
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ Is used to specify that a specific security role given by the role-name value should be used
+ as the security identity for this service.
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ <xsd:attribute name="moduleName" type="xsd:string" use="required">
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ <xsd:attribute name="useCallerIdentity" type="xsd:string" use="optional">
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ Is used to indicate that the current caller's identity should be propagated as the security identity
+ this service.
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ <xsd:attribute name="callbackHandler" type="xsd:string" use="optional">
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ CallbackHandler implementation class. This will override the global callbackhandler
+ which can be specified in jbossesb-properties.xml
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+
<!-- 88888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888
Listener base types.
88888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888-->
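Review bot: The new `security` element leaves the `xsd:documentation` empty both for the element itself and for `moduleName`, its only required attribute, so a service author gets no schema-level guidance on what value to supply. If, as the JaasSecurityService added in this commit suggests, it names a JAAS login configuration, the text could read `Name of the JAAS login configuration used to authenticate callers of this service.` Separately, `useCallerIdentity` is declared `type="xsd:string"` although its documentation describes an on/off switch. Declaring it `type="xsd:boolean"` would let schema validation reject a mistyped value rather than leaving the interpretation to the mapper code, which is not visible in this hunk. The schema also accepts `runAs` and `useCallerIdentity` together without stating which takes precedence, and a sentence in the `runAs` documentation should say so.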
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivy.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivy.xml 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivy.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -60,5 +60,10 @@
<dependency org="com.thoughtworks.xstream" name="xstream" rev="1.2.2"/>
<dependency org="apache-bsf" name="bsf" rev="2.3.0"/>
<dependency org="beanshell" name="bsh" rev="1.3.0"/>
+
+ <!-- Smooks dependencies -->
+ <dependency org="milyn" name="milyn-smooks-core" rev="1.0.1"/>
+ <dependency org="milyn" name="milyn-commons" rev="1.0"/>
+ <dependency org="milyn" name="milyn-smooks-javabean" rev="1.0.1"/>
</dependencies>
</ivy-module>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivysettings.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivysettings.xml 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/ivysettings.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -6,6 +6,9 @@
<artifact pattern="http://repository.jboss.org/maven2/[organisation]/[artifact]/[revision]/[artifact]-[revision].[ext]"/>
</url>
<ibiblio name="ibiblio" m2compatible="true" />
+ <url name="milyn" m2compatible="true">
+ <artifact pattern="http://dist.codehaus.org/[organisation]/[artifact]/[revision]/[artifact]-[revision].[ext]"/>
+ </url>
</chain>
</resolvers>
-</ivysettings>
\ No newline at end of file
+</ivysettings>
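Review bot: The added `milyn` resolver fetches artifacts over plain `http://dist.codehaus.org/...`, so the jars it serves, and any checksum files fetched alongside them, can be altered in transit before they reach the build. The three `milyn` dependencies added to ivy.xml in this commit presumably resolve through it, and they appear to back the WS-Security extraction (`smooks-ws-security.xml` is packaged by the build.xml hunk), so their integrity matters for the security feature itself. If the host serves the same path over TLS, use `<artifact pattern="https://dist.codehaus.org/[organisation]/[artifact]/[revision]/[artifact]-[revision].[ext]"/>`. Otherwise consider checking the reviewed jars in under `lib/ext`, as this commit does for `jbosssx.jar` and `jboss-security-spi.jar`. The existing repository.jboss.org pattern shown as context in this hunk is plain http as well.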
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/jboss-security-spi.jar
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/jboss-security-spi.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/jbosssx.jar
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/jbosssx.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/servlet-api.jar
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/lib/ext/servlet-api.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/build.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/build.xml 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/build.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -91,6 +91,7 @@
>
<fileset dir="${org.jboss.esb.rosetta.src.dir}" includes="**/*.groovy"/>
<fileset dir="${org.jboss.esb.rosetta.src.dir}" includes="**/*.properties"/>
+ <fileset dir="${org.jboss.esb.rosetta.src.dir}" includes="org/jboss/soa/esb/services/security/auth/ws/smooks-ws-security.xml"/>
</jar>
<jar destfile="${org.jboss.esb.rosetta.distrib.dir}/lib/test-util.jar" manifest="${org.jboss.esb.rosetta.classes.dir}/MANIFEST.MF">
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/AMConfig.properties
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/AMConfig.properties (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/AMConfig.properties 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,429 @@
+#
+# The contents of this file are subject to the terms
+# of the Common Development and Distribution License
+# (the License). You may not use this file except in
+# compliance with the License.
+#
+# You can obtain a copy of the License at
+# https://opensso.dev.java.net/public/CDDLv1.0.html or
+# opensso/legal/CDDLv1.0.txt
+# See the License for the specific language governing
+# permission and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL
+# Header Notice in each file and include the License file
+# at opensso/legal/CDDLv1.0.txt.
+# If applicable, add the following below the CDDL Header,
+# with the fields enclosed by brackets [] replaced by
+# your own identifying information:
+# "Portions Copyrighted [year] [name of copyright owner]"
+#
+# $Id: AMClient.properties,v 1.12 2008/03/04 00:25:12 beomsuk Exp $
+#
+# Copyright 2006 Sun Microsystems Inc. All Rights Reserved
+#
+
+/* The following keys are used to configure the Debug service.
+ * Possible values for the key 'level' are: off | error | warning | message.
+ * The key 'directory' specifies the output directory where the debug files
+ * will be created.
+ * Trailing spaces are significant.
+ * Windows: Use forward slashes "/" separate directories, not backslash "\".
+ * Windows: Spaces in the file name are allowed for Windows.
+ */
+com.iplanet.services.debug.level=message
+com.iplanet.services.debug.directory=/tmp
+
+/*
+ * Server mode should be 'false'
+ */
+com.iplanet.am.serverMode=false
+
+/*
+ * Cache enable / disable properties
+ */
+com.iplanet.am.sdk.caching.enabled=false
+com.sun.identity.idm.cache.enabled=false
+com.sun.identity.sm.cache.enabled=true
+
+/*
+ * Configure remote plugin classes for configuration (SMS)
+ */
+com.sun.identity.sm.sms_object_class_name=com.sun.identity.sm.jaxrpc.SMSJAXRPCObject
+
+/*
+ * Naming URL
+ */
+com.iplanet.am.naming.url=http://localhost:8080/opensso/namingservice
+
+/*
+ * Notification URL
+ */
+com.iplanet.am.notification.url=
+
+/*
+ * Security Credentails to read the configuration data
+ */
+com.sun.identity.agents.app.username=UrlAccessAgent
+com.iplanet.am.service.password=
+com.iplanet.am.service.secret=AQIC24u86rq9RRbx13mx0nb0uAGpxLdxGBY9
+
+/*
+ * Encryption key that will be used to encrypt and decypt
+ * data to communicate with the server.
+ * This key is needed to decrypt passwords stored
+ * in the SMS configuration.
+ */
+am.encryption.pwd=SAMPLE_RAND
+
+/*
+ * Encryption key that will be used to encrypt and decypt
+ * data used locally within the client.
+ */
+com.sun.identity.client.encryptionKey=SAMPLE_RAND
+
+/*
+ * Encryption: The key "com.iplanet.security.encryptor" specifies
+ * the encrypting class implementation.
+ * Available classes are:
+ * com.iplanet.services.util.JCEEncryption
+ * com.iplanet.services.util.JSSEncryption
+ */
+com.iplanet.security.encryptor=com.iplanet.services.util.JCEEncryption
+
+/*
+ * Property to enable/disable the notifications for am.sdk and IdRepo Caches.
+ * If set to "true" notifications are enabled and disabled if set to "false".
+ */
+com.sun.identity.idm.remote.notification.enabled=true
+
+/*
+ * Cache update time (in minutes) for am.sdk & IdRepo Caches
+ * if notification URL is not provided or if notifications are disabled.
+ * Note:
+ * 1. This property is applicable only if 'com.iplanet.am.notification.url'
+ * is not provided or if 'com.sun.identity.idm.remote.notification.enabled'
+ * is set to 'false'.
+ * 2. If the polling time is set as 0, then polling is disabled.
+ */
+com.iplanet.am.sdk.remote.pollingTime=1
+
+/*
+ * Property to enable/disable the notifications for service management caches.
+ * If set to "true" notifications are enabled and disabled if set to "false".
+ */
+com.sun.identity.sm.notification.enabled=true
+
+/*
+ * Cache update time (in minutes) for service configutation data,
+ * if notification URL is not provided or if notifications are disabled.
+ * Note:
+ * 1. This property is applicable only if 'com.iplanet.am.notification.url'
+ * is not provided or if 'com.sun.identity.sm.notification.enabled' is
+ * set to 'false'.
+ * 2. If the cache time is set as 0, then no cache updates will occur.
+ */
+com.sun.identity.sm.cacheTime=1
+
+/*
+ * Server protocol, host and port to be used by Client Services
+ */
+com.iplanet.am.server.protocol=http
+com.iplanet.am.server.host=localhost
+com.iplanet.am.server.port=8080
+com.iplanet.am.services.deploymentDescriptor=opensso
+com.iplanet.am.console.protocol=@CONSOLE_PROTOCOL@
+com.iplanet.am.console.host=@CONSOLE_HOST@
+com.iplanet.am.console.port=@CONSOLE_PORT@
+com.iplanet.am.console.deploymentDescriptor=@CONSOLE_DEPLOY_URI@
+com.iplanet.am.console.remote=@CONSOLE_REMOTE@
+
+com.iplanet.am.cookie.name=iPlanetDirectoryPro
+
+/*
+ * Session related properties.
+ */
+com.iplanet.am.session.client.polling.enable=true
+com.iplanet.am.session.client.polling.period=180
+
+/*
+ * Identify cert db directory path, prefix and password file
+ * to initialize JSS Socket Factory when Web Container is configured SSL
+ */
+com.iplanet.am.admin.cli.certdb.dir=
+com.iplanet.am.admin.cli.certdb.prefix=
+com.iplanet.am.admin.cli.certdb.passfile=//config/.wtpass
+
+/*
+ * Identify property value for SSL ApprovalCallback / HostnameVerifier
+ * If com.iplanet.services.comm is configured as protocol handler
+ * and the checkSubjectAltName or resolveIPAddress feature is enabled,
+ * cert8.db and key3.db with the prefix value of
+ * com.iplanet.am.admin.cli.certdb.prefix will have to be created under
+ * the directory of com.iplanet.am.admin.cli.certdb.dir before server is
+ * restarted.
+ */
+com.iplanet.am.jssproxy.trustAllServerCerts=false
+com.iplanet.am.jssproxy.checkSubjectAltName=false
+com.iplanet.am.jssproxy.resolveIPAddress=false
+com.iplanet.am.jssproxy.SSLTrustHostList=false
+
+/**************************************************************
+ * Policy Client parameters
+ **************************************************************/
+/* Policy decision log parameters. Possible values for logging.level
+ * are NONE, ALLOW, DENY, BOTH, and DECISION */
+com.sun.identity.agents.server.log.file.name=amRemotePolicyLog
+com.sun.identity.agents.logging.level=NONE
+
+/* Notification URL for updating cache */
+com.sun.identity.agents.notification.enabled=false
+com.sun.identity.agents.notification.url=
+
+/* Cache time in minutes */
+com.sun.identity.agents.polling.interval=3
+
+/* Information to cache. Possible value are "subtree" or "self" */
+com.sun.identity.policy.client.cacheMode=subtree
+
+/* Policy client clock skew value in seconds */
+com.sun.identity.policy.client.clockSkew=10
+
+/*
+* Explicitly disable monitoring services in the client applications.
+*/
+com.sun.identity.monitoring=off
+
+/*
+* Specify if allow to use cached data for HttpURLConnection
+*/
+com.sun.identity.urlconnection.useCache=false
+
+#
+# Specify implementation class for
+# com.sun.identity.plugin.configuration.ConfigurationInstance interface.
+com.sun.identity.plugin.configuration.class=com.sun.identity.plugin.configuration.impl.ConfigurationInstanceImpl
+
+#
+# Specify implementation class for
+# com.sun.identity.plugin.datastore.DataStoreProvider interface.
+# This property defines the default datastore provider.
+com.sun.identity.plugin.datastore.class.default=com.sun.identity.plugin.datastore.impl.IdRepoDataStoreProvider
+
+#
+# Specify implementation class for
+# com.sun.identity.plugin.session.SessionProvider interface.
+com.sun.identity.plugin.session.class=com.sun.identity.plugin.session.impl.FMSessionProvider
+
+#
+# Specify XML signature provider class
+com.sun.identity.saml.xmlsig.signatureprovider.class=com.sun.identity.saml.xmlsig.AMSignatureProvider
+
+#
+# Specify XML key provider implementation class
+com.sun.identity.saml.xmlsig.keyprovider.class=com.sun.identity.saml.xmlsig.JKSKeyProvider
+
+#
+# Identify SAML XML signature keystore file, keystore password file
+# and key password file
+com.sun.identity.saml.xmlsig.keystore=@BASE_DIR@/keystore.jks
+com.sun.identity.saml.xmlsig.storepass=@BASE_DIR@/.storepass
+com.sun.identity.saml.xmlsig.keypass=@BASE_DIR@/.keypass
+com.sun.identity.saml.xmlsig.certalias=test
+
+#
+# Specify type of KeyStore used for saml xml signature. Default is JKS.
+# com.sun.identity.saml.xmlsig.storetype=JKS
+
+#
+# Flag for checking the Certificate which is embedded in the
+# KeyInfo against the certificates in the keystore (specified
+# by the "com.sun.identity.saml.xmlsig.keystore" property).
+# Possible values for the key are: on|off. If the flag is "on",
+# the certification must be presented in the keystore for
+# XML signature validation. If the flag is "off", skip
+# the presence checking.
+com.sun.identity.saml.checkcert=on
+
+#
+# XML cannonicalization algorithm. Used for SAML XML signature generation
+# and verification. When not specified, or value is empty, default value
+# will be used. The following is the list of supported algorithms:
+# http://www.w3.org/2001/10/xml-exc-c14n# (default)
+# http://www.w3.org/2001/10/xml-exc-c14n#WithComments
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
+com.sun.identity.saml.xmlsig.c14nMethod=http://www.w3.org/2001/10/xml-exc-c14n#
+
+#
+# XML signature algorithm. Used for SAML XML Signature generation and
+# verification. When not specified, or value is empty, default value will be
+# used. The following is the list of supported algorithms:
+# http://www.w3.org/2000/09/xmldsig#rsa-sha1 (default)
+# http://www.w3.org/2000/09/xmldsig#hmac-sha1
+# http://www.w3.org/2000/09/xmldsig#dsa-sha1
+# http://www.w3.org/2001/04/xmldsig-more#rsa-md5
+# http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160
+# http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
+# http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
+# http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
+# http://www.w3.org/2001/04/xmldsig-more#hmac-md5
+# http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160
+# http://www.w3.org/2001/04/xmldsig-more#hmac-sha256
+# http://www.w3.org/2001/04/xmldsig-more#hmac-sha384
+# http://www.w3.org/2001/04/xmldsig-more#hmac-sha512
+com.sun.identity.saml.xmlsig.xmlSigAlgorithm=
+
+#
+# XML transformation algorithm. Used for SAML XML signature generation
+# and verification. When not specified, or value is empty, default value
+# will be used. The following is the list of supported algorithms:
+# http://www.w3.org/2001/10/xml-exc-c14n# (default)
+# http://www.w3.org/2001/10/xml-exc-c14n#WithComments
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
+# http://www.w3.org/TR/1999/REC-xslt-19991116
+# http://www.w3.org/2000/09/xmldsig#base64
+# http://www.w3.org/TR/1999/REC-xpath-19991116
+# http://www.w3.org/2000/09/xmldsig#enveloped-signature
+# http://www.w3.org/TR/2001/WD-xptr-20010108
+# http://www.w3.org/2002/04/xmldsig-filter2
+# http://www.w3.org/2002/06/xmldsig-filter2
+# http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter
+com.sun.identity.saml.xmlsig.transformAlg=http://www.w3.org/2001/10/xml-exc-c14n#
+
+
+#
+# SAML2 XML Encryption Provider Implementation class
+com.sun.identity.saml2.xmlenc.EncryptionProvider=com.sun.identity.saml2.xmlenc.FMEncProvider
+
+
+#
+# SAML2 XML Signing Provider Implementation class.
+com.sun.identity.saml2.xmlsig.SignatureProvider=com.sun.identity.saml2.xmlsig.FMSigProvider
+
+#
+# SAML2 XML Signing Certificate Validation.
+com.sun.identity.saml2.crl.check=false
+
+#
+# SAML2 XML Signing Certificate Validation.
+com.sun.identity.saml2.crl.check.ca=false
+
+#
+# Client ceritificate alias that will be used in SSL connection for Liberty
+# SOAP Binding
+com.sun.identity.liberty.ws.soap.certalias=
+
+#
+# If the message timestamp is before current timestamp by this amount
+# (millisec), it is considered a stale message.
+com.sun.identity.liberty.ws.soap.staleTimeLimit=300000
+
+#
+# All the messageID of a valid message will be stored in a cache with the it
+# is received to avoid duplicate messages. If the current time minus the
+# received time is greater than the above staleTimeLimit, it should be removed
+# from the cache. The is property specify the interval(millisec) that a
+# cleanup thread should check the cache and remove those messageID.
+com.sun.identity.liberty.ws.soap.messageIDCacheCleanupInterval=60000
+
+#
+# Supported SOAP actors. Each actor must be seperated by '|'
+com.sun.identity.liberty.ws.soap.supportedActors=http://schemas.xmlsoap.org/soap/actor/next
+
+#
+# Namespace prefix mapping used when marshalling a JAXB content tree to a
+# DOM tree. The syntax is
+# <prefix>=<namespace>|<prefix>=<namespace>|..........
+com.sun.identity.liberty.ws.jaxb.namespacePrefixMappingList=S=http://schemas.xmlsoap.org/soap/envelope/|sb=urn:liberty:sb:2003-08|pp=urn:liberty:id-sis-pp:2003-08|ispp=http://www.sun.com/identity/liberty/pp|is=urn:liberty:is:2003-08
+
+#
+# JAXB package list used when constructing JAXBContext. Each package must be
+# seperated by ':'.
+com.sun.identity.liberty.ws.jaxb.packageList=
+
+#
+# Liberty ID-WSF security profile,
+# com.sun.identity.liberty.ws.wsc.certalias specifies default certificate
+# alias for issuing web service security token for this web service client
+# com.sun.identity.liberty.ws.ta.certalias specifies certificate
+# alias for trusted authority that will be used to sign SAML or SAML
+# BEARER token of response message.
+# com.sun.identity.liberty.ws.trustedca.certaliases specifies certificate
+# aliases for trusted CA. SAML or SAML BEARER token of incoming request
+# message needs to be signed by a trusted CA in this list. The syntax is
+# <cert alias 1>[:<issuer 1>]|<cert alias 2>[:<issuer 2>]|.....
+# For example, 'myalias1:myissuer1|myalias2|myalias3:myissuer3
+# 'issuer' is used when the token doesn't have a KeyInfo inside the
+# signature. The 'issuer' of the token needs to be in this list and the
+# corresponding cert alias will be used to verify signature. If KeyInfo
+# exists, the keystore needs to contain a cert alias that matches the
+# KeyInfo and the cert alias needs to be in this list.
+# com.sun.identity.liberty.ws.security.TokenProviderImpl specifies
+# implementation for security token provider
+com.sun.identity.liberty.ws.wsc.certalias=
+com.sun.identity.liberty.ws.ta.certalias=
+com.sun.identity.liberty.ws.trustedca.certaliases=
+com.sun.identity.liberty.ws.security.TokenProviderImpl=com.sun.identity.liberty.ws.security.LibSecurityTokenProvider
+
+
+#
+# URL for WSPRedirectHandlerServlet to handle Liberty WSF WSP-resource owner
+# interactions based on user agent redirects. This should be running in
+# the same JVM where Liberty SP is running
+com.sun.identity.liberty.interaction.wspRedirectHandler=http://localhost:8080/opensso/WSPRedirectHandler
+
+
+#
+# indicates whether WSC would participate in interaction
+# valid values are interactIfNeeded | doNotInteract | doNotInteractForData
+# default value:interactIfNeeded
+# value used if an invalid value is specified:interactIfNeeded
+com.sun.identity.liberty.interaction.wscSpecifiedInteractionChoice=interactIfNeeded
+
+
+#
+# indicates whether WSC would include userInteractionHeader
+# valid values are yes|no (case ignored)
+# default value:yes
+# value used if no value is specified:yes
+com.sun.identity.liberty.interaction.wscWillInlcudeUserInteractionHeader=yes
+
+
+#
+# indicates whether WSC would redirect user for interaction
+# valid values are yes|no
+# default value:yes
+# value used if no value is specified:yes
+com.sun.identity.liberty.interaction.wscWillRedirect=yes
+
+
+#
+# WSC's preference on the acceptable duration for interaction(in seconds)
+# default value if the value is not specified or a non integer value is
+# specified : 60
+com.sun.identity.liberty.interaction.wscSpecifiedMaxInteractionTime=80
+
+
+#
+# indicates whether WSC would enforce that redirected to URL is https
+# valid values are yes|no (case ignored)
+# liberty specification require the value to be yes
+# default value:yes
+# value used if no value is specified:yes
+com.sun.identity.liberty.interaction.wscWillEnforceHttpsCheck=no
+
+
+#
+# This property is used to determine the Liberty identity web services framework
+# to be used when the framework can not determine from the in-bound message or
+# from the resource offering when AM is acting as the WSC.
+# The default version is 1.1, but the possible values are 1.0 or 1.1
+# com.sun.identity.liberty.wsf.version=1.1
+
+#
+# Login URL and Authentication web service URL for Liberty use cases
+com.sun.identity.loginurl=http://localhost:8080/opensso/UI/Login
+com.sun.identity.liberty.authnsvc.url=http://localhost:8080/opensso/Liberty/authnsvc
+
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/CertCallbackHandler.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/CertCallbackHandler.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/CertCallbackHandler.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.internal.soa.esb.services.security;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.ConfirmationCallback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class CertCallbackHandler implements EsbCallbackHandler
+{
+ private String keyStoreAlias;
+ private char[] keyPassword;
+
+ public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException
+ {
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ if (callbacks[i] instanceof NameCallback)
+ {
+ NameCallback nc = (NameCallback) callbacks[i];
+ nc.setName(keyStoreAlias);
+ }
+ if ( callbacks[i] instanceof ConfirmationCallback )
+ {
+ ConfirmationCallback cb = (ConfirmationCallback) callbacks[i];
+ cb.setSelectedIndex(ConfirmationCallback.OK);
+ }
+ else if (callbacks[i] instanceof PasswordCallback)
+ {
+ PasswordCallback passcb = (PasswordCallback) callbacks[i];
+ passcb.setPassword(keyPassword);
+ }
+ }
+ }
+
+ public void setAuthenticationRequest(AuthenticationRequest authRequest) { }
+
+ public void setSecurityConfig(final SecurityConfig config)
+ {
+ if ( config != null )
+ {
+ Map<String, String> properties = config.getProperties();
+ // get the alias for the certificate to look for.
+ this.keyStoreAlias = properties.get("alias");
+
+ // get password for key in keystore(this is the keys password, not the keystores.
+ String keyPass = properties.get("keyPassword");
+ if ( keyPass != null )
+ this.keyPassword = keyPass.toCharArray();
+
+ keyPass = null;
+ }
+ }
+}
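Review bot: `handle` silently skips any callback type it does not recognise, whereas UserPassCallbackHandler in this same commit throws, so an unexpected request from the login module would continue with unset values instead of failing. The chain also opens with a stand-alone `if` for NameCallback followed by a separate `if`/`else if`; I would make it a single chain ending in `else { throw new UnsupportedCallbackException(callbacks[i], "CertCallbackHandler"); }`, handling explicitly any informational callbacks the certificate login module is known to send. In `setSecurityConfig`, `keyPass = null;` only drops a local reference, while the key password is still held as a String in the config's property map. That line protects nothing and is better removed or replaced by a comment saying where the secret actually lives.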
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/EsbCallbackHandler.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/EsbCallbackHandler.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/EsbCallbackHandler.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.internal.soa.esb.services.security;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+
+/**
+ * EsbCallbackHandler extends CallbackHandler to proved access to
+ * an AuthenticationRequest instance, and SecurityConfig instance.
+ * <p/>
+ * This can be used to access security information, like principals and credentials
+ * needed by a callbacks.
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ *
+ */
+public interface EsbCallbackHandler extends CallbackHandler
+{
+ void setAuthenticationRequest(final AuthenticationRequest authRequest);
+
+ void setSecurityConfig(final SecurityConfig config);
+}
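Review bot: Neither setter has Javadoc, and the contract an implementer needs is only visible in JaasSecurityService.createCallbackHandler, where both are called on a fresh instance before the handler is passed to the LoginContext. `authenticate` does not check `authRequest` for null, so it appears implementations may receive null here, and the interface should say so. I would add something like `/** Called once before handle(); authRequest may be null when the message carries no authentication request. */` on setAuthenticationRequest and an equivalent line on setSecurityConfig. The type comment also has two slips: "proved" for "provide" and "needed by a callbacks".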
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,356 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.internal.soa.esb.services.security;
+
+import java.net.URL;
+import java.security.Principal;
+import java.security.Security;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import org.apache.log4j.Logger;
+import org.jboss.internal.soa.esb.assertion.AssertArgument;
+import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityAssociation;
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.common.Configuration;
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.SecurityServiceException;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.principals.Group;
+import org.jboss.soa.esb.services.security.principals.Role;
+import org.jboss.soa.esb.util.ClassUtil;
+
+import com.sun.security.auth.login.ConfigFile;
+
+/**
+ * Concrete impl of a SecurityService in JBoss ESB that uses JAAS.
+ * <p/>
+ * This class is indented to be specified as the security implementation
+ * to be used with JBoss ESB. <br>
+ * This would be specified in jbossesb-properties.xml:
+ * <pre>
+ * {@literal
+ * <properties name="security">
+ * <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
+ * <property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
+ * <property name="org.jboss.soa.esb.services.security.configUrl" value="/jaas.login"/>
+ * </properties>
+ * </pre>}
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ * @Since 4.4
+ */
+public final class JaasSecurityService implements SecurityService
+{
+ /*
+ * Property name for login config urls.
+ */
+ private static final String LOGIN_CONFIG_URL_PREFIX = "login.config.url.";
+
+ /*
+ * Callback handler implementation name
+ */
+ private String callbackHandlerClassName;
+
+ /*
+ * Original login configuration e.g JBoss AS login configuration
+ */
+ private javax.security.auth.login.Configuration containerConfig;
+
+ /*
+ * Custom login configuration
+ */
+ private javax.security.auth.login.Configuration configuration;
+
+ private final Logger log = Logger.getLogger(JaasSecurityService.class);
+
+ /**
+ * Performs authentication of the passed in SecurityContext.
+ * </p>
+ *
+ * This method will first try to authenticate the authRequest by using a custom <br>
+ * javax.security.auth.login.Configuration, which would be the case where the <br>
+ * login module name specified exists in a jaas.login file.
+ * <br>
+ * If the login module name cannot be found in jaas.login then this method will <br>
+ * fall back and try to authenticate using a an underlying Configuration. This would <br>
+ * be the case when running in an appserver for instance.
+ *
+ * @param config - the security configuration. Properties from jboss-esb.xml
+ * @param securityContext - the security context to be used.
+ * @param authRequest - the authentication request to be processed.
+ * @throws SecurityServiceException
+ * @throws LoginException if the authentication fails
+ */
+ public void authenticate(final SecurityConfig config, SecurityContext securityContext, final AuthenticationRequest authRequest) throws SecurityServiceException
+ {
+ AssertArgument.isNotNull(securityContext, "securityContext");
+ AssertArgument.isNotNull(config, "config");
+
+ LoginContext loginContext;
+ final String runAs = config.getRunAs();
+ try
+ {
+ final EsbCallbackHandler callbackHandler = createCallbackHandler(config, authRequest);
+ try
+ {
+ // try to login with a standalone jaas login configuration file(for example jaas.login file)
+ loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject(), callbackHandler, getConfiguration());
+ }
+ catch (final LoginException ignore)
+ {
+ // fall back and try using the orginal configuration(for example jboss login-config.xml)
+ loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject(), callbackHandler, containerConfig);
+ }
+
+ // invoke the login process
+ loginContext.login();
+
+ // add a runAs group if specified
+ addRunAs(runAs, securityContext.getSubject());
+ }
+ catch (final LoginException e)
+ {
+ throw new SecurityServiceException("Exception while trying to login:", e);
+ }
+
+ final Subject subject = securityContext.getSubject();
+ final Principal principal = getPrincipal(subject);
+ // associate the subject with jboss security
+ SecurityAssociation.pushSubjectContext(subject, principal, subject.getPublicCredentials());
+
+ // associate the runAs role with jboss security
+ if ( runAs != null )
+ {
+ SecurityAssociation.pushRunAsIdentity(new RunAsIdentity(runAs, principal.getName()));
+ }
+ }
+
+ /**
+ * Determines if the passed in Subject has the role specified in the context.
+ * @return true - if the callers has the role
+ */
+ public boolean isCallerInRole( final Subject subject, final Principal role)
+ {
+ Set<java.security.acl.Group> principals = subject.getPrincipals(java.security.acl.Group.class);
+ for (java.security.acl.Group group : principals)
+ {
+ if ( group.isMember(role) )
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Configures by reading the value of the property 'org.jboss.soa.esb.services.security.configUrl'
+ * from jbossesb-properties, is one exists.
+ */
+ public void configure() throws ConfigurationException
+ {
+ try
+ {
+ containerConfig = javax.security.auth.login.Configuration.getConfiguration();
+ }
+ catch(final SecurityException ignore)
+ {
+ log.warn("Could not locate a security configuration");
+ }
+
+ final Properties securityProperties = Configuration.getSecurityServiceProperies();
+ final String loginConfigUrl = securityProperties.getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
+ if ( loginConfigUrl != null )
+ {
+ final URL loginUrl = ClassUtil.getResource(loginConfigUrl, getClass());
+ if ( loginUrl == null )
+ {
+ final String invalidPropertyMsg = "The value for property [" + Environment.SECURITY_SERVICE_CONFIG_URL +
+ "] must be a valid URL. This property should point to a file on the local file system or on the classpath.";
+ throw new ConfigurationException(invalidPropertyMsg);
+ }
+ addLoginConfig(loginUrl);
+ }
+
+ // get a EsbCallbackHandler if one is configured in jbossesb-properties.xml
+ callbackHandlerClassName = securityProperties.getProperty(Environment.SECURITY_SERVICE_CALLBACK_HANLDER_CLASS);
+ }
+
+ public void logout(SecurityConfig config)
+ {
+ // NoOp
+ }
+
+ public synchronized void refreshSecurityConfig()
+ {
+ if ( configuration != null )
+ {
+ log.info("Refreshing Security configuration");
+ configuration.refresh();
+ }
+ }
+
+ private Principal getPrincipal( final Subject subject)
+ {
+ for (Principal principal : subject.getPrincipals())
+ {
+ return principal;
+ }
+ return null;
+ }
+
+ /**
+ * Creates an instance of EsbCallbackHandler specified in either jboss-esb.xml:
+ * <pre>
+ * {@literal
+ * <security moduleName="OpenSSOLogin" runAs="adminRole" callbackHandler="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
+ * }</pre><br>
+ * or if one was not specified in jboss-esb.xml but one has been specified in jbossesb-properties.xml:
+ * <pre>
+ * {@literal
+ * <property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
+ * }</pre><br>
+ * After an instance has been created its {@link EsbCallbackHandler#setAuthenticationRequest(AuthenticationRequest)} method is called
+ * which gives the callback handler access to the authentication information.
+ *
+ * @param config - the security configuration information(from jboss-esb.xml)
+ * @param authRequest - the authentication request information
+ * @return EsbCallbackHandler - new instance with authReqeust set or null if no callback handler has been specified in either jboss-esb.xml or jbossesb-properties.xml
+ * @throws SecurityServiceException - if an EsbCallbackHandler has specified in the configuration but the implementation cannot be created.
+ */
+ private EsbCallbackHandler createCallbackHandler( final SecurityConfig config, final AuthenticationRequest authRequest ) throws SecurityServiceException
+ {
+ EsbCallbackHandler callbackHandler = null;
+
+ // check if a callbackhandler was specified in jboss-esb.xml
+ String callbackImpl = config.getCallbackHandler();
+ if ( callbackImpl == null )
+ {
+ // use the global callbackhandler that can be specified in jbossesb-properties.xml(optional)
+ callbackImpl = callbackHandlerClassName;
+ }
+
+ if ( callbackImpl != null )
+ {
+ callbackHandler = createNewInstance(callbackImpl);
+ // set the authReqeust so that the callback handler has access to the authentication information(Principals, Credentials)
+ callbackHandler.setAuthenticationRequest(authRequest);
+ // set the SecurityConfig so that the callbakc handler has access to the configuration information
+ callbackHandler.setSecurityConfig(config);
+ }
+ return callbackHandler;
+ }
+
+ private void addLoginConfig(final URL loginConfigUrl) throws ConfigurationException
+ {
+ if (loginConfigUrl == null)
+ {
+ throw new ConfigurationException("Could not locate the login config file at Url [" + loginConfigUrl + "]");
+ }
+
+ int urlIndex = 1;
+ boolean loginUrlRegistered = false;
+ String registeredLoginUrl;
+ while ((registeredLoginUrl = Security.getProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex)) != null)
+ {
+ loginUrlRegistered = registeredLoginUrl.equals(loginConfigUrl.toString());
+ if (loginUrlRegistered)
+ {
+ break;
+ }
+ else
+ {
+ urlIndex++;
+ }
+ }
+
+ if (!loginUrlRegistered)
+ {
+ log.info("Adding file [ " + loginConfigUrl + "] as [" + LOGIN_CONFIG_URL_PREFIX + urlIndex + "]");
+ Security.setProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex, loginConfigUrl.toExternalForm());
+ setConfiguration(new ConfigFile());
+ }
+ }
+
+ private synchronized javax.security.auth.login.Configuration getConfiguration()
+ {
+ return configuration;
+ }
+
+ private synchronized void setConfiguration(final javax.security.auth.login.Configuration configuration)
+ {
+ this.configuration = configuration;
+ }
+
+ private void addRunAs( final String runAs, final Subject subject )
+ {
+ if ( runAs != null )
+ {
+ final Role runAsRole = new Role(runAs);
+ Set<Group> principals = subject.getPrincipals(Group.class);
+ if ( principals.isEmpty() )
+ {
+ final Group group = new Group("Roles");
+ group.addMember(runAsRole);
+ subject.getPrincipals().add(group);
+ }
+ else
+ {
+ for (Group groups : principals)
+ {
+ if ( "Roles".equals(groups.getName()) )
+ {
+ groups.addMember(runAsRole);
+ }
+ }
+ }
+ }
+ }
+
+ private <T extends EsbCallbackHandler> T createNewInstance( final String className ) throws SecurityServiceException
+ {
+ try
+ {
+ @SuppressWarnings("unchecked")
+ Class<T> forName = ClassUtil.forName(className, getClass());
+ return forName.newInstance();
+ }
+ catch (final ClassNotFoundException e)
+ {
+ throw new SecurityServiceException("ClassNotFoundException while trying to create an impl of [" + className + "]", e);
+ }
+ catch (final InstantiationException e)
+ {
+ throw new SecurityServiceException("InstantiationException while trying to create an impl of [" + className + "]", e);
+ }
+ catch (final IllegalAccessException e)
+ {
+ throw new SecurityServiceException("IllegalAccess while trying to create an impl of [" + className + "]", e);
+ }
+ }
+
+}
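Review bot: `authenticate` pushes the subject and, when `runAs` is set, a RunAsIdentity onto SecurityAssociation, but `logout` is a no-op and nothing in this file pops them again. On a pooled thread the previous caller's identity would stay associated unless code outside this hunk clears it. If it is not handled elsewhere, `logout` should undo the association with `SecurityAssociation.popRunAsIdentity();` (only when runAs is configured) and `SecurityAssociation.popSubjectContext();`. Separately, `getPrincipal` returns null for a subject without principals and the runAs branch then calls `principal.getName()`, so a null check is needed before the push. `addRunAs` also drops the role without any log line when the subject already has Group principals but none named "Roles".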
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/UserPassCallbackHandler.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/UserPassCallbackHandler.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/UserPassCallbackHandler.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,84 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.internal.soa.esb.services.security;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.log4j.Logger;
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class UserPassCallbackHandler implements EsbCallbackHandler
+{
+ private Logger log = Logger.getLogger(UserPassCallbackHandler.class);
+
+ private AuthenticationRequest authRequest;
+
+ public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException
+ {
+ log.debug("Nr of callback to handle : " + callbacks.length);
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ log.debug("Callback" + callbacks[i].getClass().getName());
+ if (callbacks[i] instanceof NameCallback)
+ {
+ NameCallback nc = (NameCallback) callbacks[i];
+ nc.setName(authRequest.getPrincipal().getName());
+ }
+ else if (callbacks[i] instanceof PasswordCallback)
+ {
+ PasswordCallback pc = (PasswordCallback) callbacks[i];
+ for (Object object : authRequest.getCredentials() )
+ {
+ if ( object instanceof char[] )
+ {
+ pc.setPassword((char[]) object);
+ }
+ else if ( object instanceof String )
+ {
+ pc.setPassword( ((String) object).toCharArray() );
+ }
+ }
+ }
+ else
+ {
+ throw new UnsupportedCallbackException(callbacks[i], "UserPassCallbackHandler");
+ }
+ }
+ }
+
+ public void setAuthenticationRequest(AuthenticationRequest authRequest)
+ {
+ this.authRequest = authRequest;
+ }
+
+ public void setSecurityConfig(SecurityConfig config) { }
+}
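Review bot: `handle` dereferences `authRequest` and `authRequest.getPrincipal()` without a check, and JaasSecurityService.authenticate in this commit does not reject a null request, so a message without credentials would surface as a NullPointerException instead of a failed login. A guard at the top of the method such as `if (authRequest == null || authRequest.getPrincipal() == null) throw new IOException("UserPassCallbackHandler: no principal in authentication request");` keeps the failure within the declared exceptions. In the PasswordCallback branch every `char[]` or `String` credential overwrites the previous one, so whichever comes last in the credential collection wins; a `break` after the first `setPassword` would make the choice explicit. The `log` field could also be `private static final`.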
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -36,6 +36,8 @@
import org.jboss.soa.esb.helpers.NamingContextException;
import org.jboss.soa.esb.helpers.NamingContextPool;
+import com.arjuna.common.util.propertyservice.PropertyManager;
+
public class Configuration
{
private static Logger _logger = Logger.getLogger(Configuration.class);
@@ -448,4 +450,29 @@
throw new ConfigurationException("Unexpected exception while accessing naming context pool", nce) ;
}
}
+
+ /**
+ * The SecurityService Implememtation Class
+ *
+ * @return String the fully qualified name of the ServiceService implementation class
+ */
+ public static String getSecurityServiceImplementationClass()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_IMPEMENTATION_CLASS);
+ }
+
+ public static String getSecurityServiceConfigUrl()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
+ }
+
+ public static String getSecurityServiceCallbackHandlerImplClass()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_CALLBACK_HANLDER_CLASS);
+ }
+
+ public static Properties getSecurityServiceProperies()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperties();
+ }
}
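Review bot: The new public names contain typos that become API once this ships: `getSecurityServiceProperies` here, and `SECURITY_SERVICE_IMPEMENTATION_CLASS` and `SECURITY_SERVICE_CALLBACK_HANLDER_CLASS` in the Environment.java hunk. Renaming them now to `getSecurityServiceProperties`, `SECURITY_SERVICE_IMPLEMENTATION_CLASS` and `SECURITY_SERVICE_CALLBACK_HANDLER_CLASS` is cheaper than deprecating them later. Three of the four getters have no Javadoc, and the one that does reads "Implememtation" and "ServiceService". Each getter should get a one-line comment naming the Environment key it reads, for example `/** @return the value of Environment.SECURITY_SERVICE_CONFIG_URL from the security module properties. */`.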
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Environment.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Environment.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Environment.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -218,6 +218,14 @@
public static final String MESSAGE_TRACE = "org.jboss.soa.esb.messagetrace"; // on or off
public static final String PER_MESSAGE_TRACE = "org.jboss.soa.esb.permessagetrace"; // on or off
+ /**
+ * The SecurityService Implementation class
+ */
+ public static final String SECURITY_SERVICE_IMPEMENTATION_CLASS = "org.jboss.soa.esb.services.security.implementationClass";
+ public static final String SECURITY_SERVICE_CALLBACK_HANLDER_CLASS = "org.jboss.soa.esb.services.security.callbackHandler";
+ public static final String SECURITY_SERVICE_CALLBACK = "org.jboss.soa.esb.services.security.callback_";
+ public static final String SECURITY_SERVICE_CONFIG_URL = "org.jboss.soa.esb.services.security.configUrl";
+
// Configuration options for the Naming Context pooling.
/**
* The maximum pool size.
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -101,6 +101,8 @@
public static final String DBSTORE_MODULE = "dbstore";
public static final String FILTER_MODULE = "filters";
+
+ public static final String SECURITY_MODULE = "security";
/**
* Get the property manager responsible for the module component in the
@@ -143,12 +145,9 @@
try
{
- PropertyManager propertyManager = PropertyManagerFactory
- .getPropertyManager(
- "org.jboss.soa.esb.propertymanager." + name, name);
+ PropertyManager propertyManager = PropertyManagerFactory.getPropertyManager("org.jboss.soa.esb.propertymanager." + name, name);
- String propertiesFilename = System.getProperty(
- Environment.PROPERTIES_FILE, Environment.DEFAULT_PROPERTY_FILE);
+ String propertiesFilename = System.getProperty(Environment.PROPERTIES_FILE, Environment.DEFAULT_PROPERTY_FILE);
/*
* Does not cause reloading of the same file over and over. Once it is
@@ -157,8 +156,7 @@
try
{
- propertyManager.load(XMLFilePlugin.class.getName(),
- propertiesFilename);
+ propertyManager.load(XMLFilePlugin.class.getName(), propertiesFilename);
}
catch (LoadPropertiesException ex)
{
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -72,7 +72,17 @@
public static final String NORMAL_COMPLETION_METHOD_TAG = "okMethod";
public static final String EXCEPTION_METHOD_TAG = "exceptionMethod";
public static final String HTTP_ROUTER_ROUTE_URL = "routeUrl";
+ public static final String SECURITY_TAG = "security";
+ public static final String AUTHENTICATION_TAG = "authentication";
+ public static final String LOGIN_CONFIG_TAG = "login-config";
+ public static final String CONFIG_POLICY_TAG = "policy-config";
+ public static final String CONFIG_POLICY_FILE_TAG = "file";
+ public static final String RUN_AS_TAG = "runAs";
+ public static final String USE_CALLERS_IDENTIDY_TAG = "useCallersIdentity";
+ public static final String MODULE_NAME_TAG = "moduleName";
+ public static final String CALLBACK_HANDLER_TAG = "callbackHandler";
+
public static final String MEP_ONE_WAY = "OneWay" ;
public static final String MEP_REQUEST_RESPONSE = "RequestResponse" ;
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -61,6 +61,7 @@
{
listenerConfigTree.setAttribute(ListenerTagNames.MEP_ATTRIBUTE_TAG, mep.toString()) ;
}
+ SecurityMapper.map(listenerConfigTree, listenerService);
List<Action> actionList = actions.getActionList();
try {
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2006, JBoss Inc., and others contributors as indicated
+ * by the @authors tag. All rights reserved.
+ * See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ * This copyrighted material is made available to anyone wishing to use,
+ * modify, copy, or redistribute it subject to the terms and conditions
+ * of the GNU Lesser General Public License, v. 2.1.
+ * This program is distributed in the hope that it will be useful, but WITHOUT A
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ * You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301, USA.
+ *
+ * (C) 2005-2006,
+ * @author JBoss Inc.
+ */
+
+package org.jboss.soa.esb.listeners.config.mappers;
+
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.dom.YADOMUtil;
+import org.jboss.soa.esb.listeners.ListenerTagNames;
+import org.jboss.soa.esb.listeners.config.xbeanmodel.SecurityDocument.Security;
+import org.jboss.soa.esb.listeners.config.xbeanmodel.ServiceDocument.Service;
+import org.w3c.dom.Element;
+
+/**
+ * Performs the mapping of XSD based configuration service actions onto a
+ * "ConfigTree" style listener configuration.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ */
+public class SecurityMapper
+{
+ private SecurityMapper() {}
+
+ /**
+ * Perform the mapping.
+ *
+ * @param toConfigTree
+ * The listener ConfigTree to which the actions are to be added.
+ * @param service
+ * The Service to which the listener is bound. The Service defines the actions.
+ * @throws ConfigurationException
+ */
+ public static void map( final Element toConfigTree, final Service service ) throws ConfigurationException
+ {
+ final Security security = service.getSecurity();
+ if ( security != null)
+ {
+ final Element securityElement = YADOMUtil.addElement( toConfigTree, ListenerTagNames.SECURITY_TAG );
+ MapperUtil.serialize( security, securityElement );
+ }
+ }
+}
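Review bot: The class and method Javadoc were copied from the action mapper and still talk about actions, which is misleading in a class that only maps the service's security element. I would change the class summary to `Maps the security element of an XSD based service configuration onto a "ConfigTree" style listener configuration.` and the first parameter to `The listener ConfigTree to which the security element is added.` It is also worth stating that `map` adds nothing when `service.getSecurity()` returns null. The `@throws ConfigurationException` tag has no description.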
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -49,6 +49,10 @@
import org.jboss.soa.esb.message.body.content.BytesBody;
import org.jboss.soa.esb.services.registry.RegistryException;
import org.jboss.soa.esb.services.registry.RegistryFactory;
+import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.http.JbrHttpSecurityInfoExtractor;
+import org.jboss.soa.esb.services.security.auth.ws.WSSecurityInfoExtractor;
import org.jboss.soa.esb.util.ClassUtil;
import javax.management.MBeanServer;
@@ -497,7 +501,22 @@
// Copy the request properties onto the message...
Map properties = invocationRequest.getRequestPayload();
+
+
if (properties != null) {
+ // Extract any jbr http security information that may exist
+ AuthenticationRequest authRequest = new JbrHttpSecurityInfoExtractor().extractSecurityInfo(properties);
+
+ // Extract any ws security information that may exist
+ if ( authRequest == null ) {
+ authRequest = new WSSecurityInfoExtractor().extractSecurityInfo((String) invocationRequest.getParameter());
+ }
+
+ if ( authRequest != null ) {
+ message.getProperties().setProperty(SecurityService.AUTH_REQUEST, authRequest);
+ }
+
+
// Purposely not iterating over the Map.Entry Set because there's
// a bug in the Map impl used by JBossRemoting. Not all the
// "values" are actually in the Map.Entry set. Some of them are handled
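Review bot: The WS-Security fallback casts `invocationRequest.getParameter()` straight to `String`, so a request whose payload is any other type would raise a ClassCastException here instead of simply carrying no credentials. Guarding the call keeps non-text payloads on the old path: `if ( authRequest == null && invocationRequest.getParameter() instanceof String ) {`. Both extractors also run only inside `if (properties != null)`, so a request without a payload map is never inspected for WS-Security data, which may not be intended. The enclosing method starts and ends outside this hunk, so how such an exception would surface to the client is not visible.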
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -22,6 +22,12 @@
package org.jboss.soa.esb.listeners.message;
+import java.security.PrivilegedAction;
+import java.util.ArrayList;
+import java.util.concurrent.atomic.AtomicBoolean;
+
+import javax.security.auth.Subject;
+
import org.apache.log4j.Logger;
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.actions.ActionLifecycle;
@@ -45,11 +51,15 @@
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.message.Properties;
import org.jboss.soa.esb.services.persistence.MessageStore;
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.SecurityConfigUtil;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.SecurityServiceException;
+import org.jboss.soa.esb.services.security.SecurityServiceFactory;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
import org.jboss.soa.esb.util.ClassUtil;
-import java.util.ArrayList;
-import java.util.concurrent.atomic.AtomicBoolean;
-
/**
* Action Processing Pipeline. <p/> Runs a list of action classes on a message
*
@@ -95,6 +105,8 @@
* The flag indicating whether we are using implicit or explicit processing.
*/
private boolean defaultProcessing ;
+
+ private SecurityConfig securityConf;
/**
* public constructor
@@ -240,6 +252,16 @@
}
processors = processorList
.toArray(new ActionPipelineProcessor[processorList.size()]);
+
+ ConfigTree[] securityConfigs = config.getChildren( ListenerTagNames.SECURITY_TAG );
+ if (securityConfigs.length > 0)
+ {
+ securityConf = SecurityConfigUtil.createSecurityConfig(securityConfigs[0]);
+ LOGGER.info(securityConf);
+ final SecurityService securitySerivce = SecurityServiceFactory.getSecurityService();
+ securitySerivce.configure();
+ securitySerivce.refreshSecurityConfig();
+ }
}
/**
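Review bot: `LOGGER.info(securityConf)` writes the whole security configuration to the log at INFO level, including the free-form `properties` map that `SecurityConfig.toString()` prints. If any of those properties can hold a secret (not visible in this commit), it ends up in the server log; logging only the non-sensitive fields avoids that, e.g. `LOGGER.debug("Security config for module: " + securityConf.getModuleName());`. Only `securityConfigs[0]` is used, so additional `security` elements are ignored silently. `configure()` and `refreshSecurityConfig()` are invoked on the factory's shared instance for every pipeline that has a security element, so a comment stating that both are safe to repeat would help. The enclosing method starts outside this hunk.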
@@ -267,6 +289,7 @@
}
}
active.set(true);
+
}
/**
@@ -289,8 +312,6 @@
{
long start = System.nanoTime();
serviceMessageCounter.incrementTotalCount();
- final Call callDetails = new Call() ;
- callDetails.copy(message.getHeader().getCall()) ;
if (active.get())
{
@@ -299,11 +320,107 @@
LOGGER.debug("pipeline process for message: "+message.getHeader());
}
+ if (securityConf != null)
+ {
+ return processPipelineSecured(message);
+ }
+ else
+ {
+ return processPipeline(message);
+ }
+ }
+ else
+ {
+ final Call callDetails = new Call() ;
+ callDetails.copy(message.getHeader().getCall()) ;
+ LOGGER.debug("pipeline process disabled for message: "+message.getHeader());
+
+ faultTo(callDetails, Factory.createErrorMessage(Factory.NOT_ENABLED, message, null));
+ long procTime = System.nanoTime() - start;
+ DeliveryObservableLogger.getInstance().logMessage(new MessageStatusBean(procTime, message,
+ MessageStatusBean.MESSAGE_FAILED));
+
+ return false;
+ }
+ }
+
+ private boolean processPipelineSecured(final Message message)
+ {
+ final Call callDetails = new Call() ;
+ callDetails.copy(message.getHeader().getCall()) ;
+
+ /*
+ * If the gateway or another service passed a security context, use that context for authentication.
+ * A SecurityContext's subject will only contain Principal(given that they are serializable), but a Principal
+ * might represent an id or a SSO Token that can be used for authentication.
+ * If a SubjectContext does not exist then create one to drive the authentication.
+ */
+ SecurityContext securityContext = SecurityContext.getContext(message);
+ LOGGER.debug("Security Context before authentication : " + securityContext);
+
+ if ( securityContext == null )
+ {
+ securityContext = new SecurityContext();
+ }
+
+ try
+ {
+ // get the authentication request if one exists.
+ AuthenticationRequest authRequest = (AuthenticationRequest) message.getProperties().getProperty( SecurityService.AUTH_REQUEST );
+
+ // perform the authentication
+ SecurityServiceFactory.getSecurityService().authenticate(securityConf, securityContext, authRequest);
+
+ // add the security context to the message
+ message.getProperties().setProperty( SecurityService.CONTEXT, securityContext );
+
+ }
+ catch (final SecurityServiceException e)
+ {
+ LOGGER.error( "Authentication exception : ", e);
+ faultTo(callDetails, Factory.createErrorMessage(Factory.UNEXPECTED_ERROR, message, e));
+ return false;
+ }
+ catch (final ConfigurationException e)
+ {
+ LOGGER.error( "Authentication exception : ", e);
+ faultTo(callDetails, Factory.createErrorMessage(Factory.UNEXPECTED_ERROR, message, e));
+ return false;
+ }
+ finally
+ {
+ // always remove the authentication request as it contains sensitive information
+ message.getProperties().remove( SecurityService.AUTH_REQUEST );
+ }
+
+ PrivilegedAction<Boolean> action = new PrivilegedAction<Boolean>()
+ {
+ public Boolean run()
+ {
+ return processPipeline(message);
+ }
+ };
+
+ Boolean processResult = (Boolean) Subject.doAsPrivileged(securityContext.getSubject(), action, null);
+ return processResult.booleanValue();
+ }
+
+ private boolean processPipeline(final Message message)
+ {
+ long start = System.nanoTime();
+ final Call callDetails = new Call() ;
+ callDetails.copy(message.getHeader().getCall()) ;
+
+ if (LOGGER.isDebugEnabled())
+ {
+ LOGGER.debug("pipeline process for message: "+message.getHeader());
+ }
+
final int numProcessors = processors.length;
final Message[] messages = new Message[numProcessors];
Message currentMessage = message;
-
+
for (int count = 0; count < numProcessors; count++)
{
final ActionPipelineProcessor processor = processors[count];
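Review bot: The authentication request is stripped from the message only in `processPipelineSecured`, so on the `securityConf == null` branch whatever the gateway stored under `SecurityService.AUTH_REQUEST` stays in the message properties and travels through the actions and on to any downstream destination. The comment in the `finally` block says the request must always be removed because it is sensitive. To honour that on both paths I would add `message.getProperties().remove( SecurityService.AUTH_REQUEST );` before `return processPipeline(message);` in the unsecured branch of `process`; if forwarding credentials to a later secured service is intended, that needs a comment and protection in transit instead. Authentication failures are also reported to the caller as `Factory.UNEXPECTED_ERROR` with the exception attached, which may disclose login-module detail in the fault message, so an error built without the cause would be safer. `processPipeline` continues past the end of this hunk.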
@@ -386,18 +503,6 @@
DeliveryObservableLogger.getInstance().logMessage(new MessageStatusBean(procTime, message,
MessageStatusBean.MESSAGE_SENT));
return true;
- }
- else
- {
- LOGGER.debug("pipeline process disabled for message: "+message.getHeader());
-
- faultTo(callDetails, Factory.createErrorMessage(Factory.NOT_ENABLED, message, null));
- long procTime = System.nanoTime() - start;
- DeliveryObservableLogger.getInstance().logMessage(new MessageStatusBean(procTime, message,
- MessageStatusBean.MESSAGE_FAILED));
-
- return false;
- }
}
/**
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfig.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfig.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfig.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,107 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import java.util.HashMap;
+import java.util.Map;
+
+
+/**
+ * This class is indended to security related configuration properties.
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ */
+public class SecurityConfig
+{
+ private String runAs;
+ private String useCallerIdentity;
+ private String moduleName;
+ private final String callbackHandler;
+ private Map<String,String> properties = new HashMap<String,String>();
+
+ private SecurityConfig(
+ final String runAs,
+ final String useCallerIdentity,
+ final String moduleName,
+ final String callbackHandler,
+ final Map<String,String> properties)
+ {
+ this.runAs = runAs;
+ this.useCallerIdentity = useCallerIdentity;
+ this.moduleName = moduleName;
+ this.callbackHandler= callbackHandler;
+ this.properties = properties;
+ }
+
+ /**
+ *
+ * @param runAs - run as the specified role
+ * @param useCallerIdentity - use the callers identity
+ * @param moduleName - index into the jaas configuration policy file
+ * @return <code>SecurityConfigInfo</code>
+ */
+ public static SecurityConfig createSecurityInfo(
+ final String runAs,
+ final String useCallerIdentity,
+ final String moduleName,
+ final String callbackHandler,
+ final Map<String,String> properties)
+ {
+ return new SecurityConfig(runAs, useCallerIdentity, moduleName, callbackHandler, properties);
+ }
+
+ public String getCallbackHandler()
+ {
+ return callbackHandler;
+ }
+
+ public String getRunAs()
+ {
+ return runAs;
+ }
+ public String getUseCallerIdentity()
+ {
+ return useCallerIdentity;
+ }
+
+ public String getModuleName()
+ {
+ return moduleName;
+ }
+
+ @Override
+ public String toString()
+ {
+ return "[SecurityConfigInfo : runAs=" + runAs + ", useCallerIdentity=" + useCallerIdentity + ", moduleName=" + moduleName + ", callbackHandler=" + callbackHandler +", properties=" + properties +"]";
+ }
+
+ public boolean hasRunAs()
+ {
+ return runAs != null;
+ }
+
+ public Map<String, String> getProperties()
+ {
+ return properties;
+ }
+
+}
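Review bot: `SecurityConfig` reads like a value object but keeps the caller's `properties` map by reference and hands the same instance out of `getProperties()`, so any code holding either reference can change the security settings after the pipeline was configured. Copying on the way in and returning a read-only view closes that: `this.properties = new HashMap<String,String>(properties);` and `return Collections.unmodifiableMap(properties);`, with an import of `java.util.Collections` (the one visible caller always passes a non-null map). `runAs`, `useCallerIdentity` and `moduleName` are never reassigned and could be `final` like `callbackHandler`. The factory Javadoc omits `callbackHandler` and `properties` and names the return type `SecurityConfigInfo`, and the class summary should read `This class holds security related configuration properties.`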
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.jboss.soa.esb.helpers.ConfigTree;
+import org.jboss.soa.esb.listeners.ListenerTagNames;
+
+/**
+ * This util class provides methods to extract information from a security
+ * configuration. <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4.
+ *
+ */
+public class SecurityConfigUtil
+{
+ private SecurityConfigUtil() { }
+
+ public static SecurityConfig createSecurityConfig(final ConfigTree securityFragment)
+ {
+ final String runAs = securityFragment.getAttribute(ListenerTagNames.RUN_AS_TAG);
+ final String useCallersIdentity = securityFragment.getAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG);
+ final String moduleName = securityFragment.getAttribute(ListenerTagNames.MODULE_NAME_TAG);
+ final String callbackHandler = securityFragment.getAttribute(ListenerTagNames.CALLBACK_HANDLER_TAG);
+ final Map<String,String> properties = new HashMap<String, String>();
+ ConfigTree[] children = securityFragment.getChildren("property");
+ for (ConfigTree configTree : children)
+ {
+ String propertyName = configTree.getAttribute("name");
+ String propertyValue = configTree.getAttribute("value");
+ properties.put(propertyName, propertyValue);
+ }
+
+ return SecurityConfig.createSecurityInfo(runAs, useCallersIdentity, moduleName, callbackHandler, properties);
+ }
+}
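Review bot: Nothing read from the `security` fragment is validated in `createSecurityConfig`. If `getAttribute` returns null for a missing attribute, a `property` child without a `name` is stored under a null key and a missing `moduleName` is passed on as null, so a configuration mistake would only show up later, presumably at authentication time (the service implementation is not visible here). Rejecting the entry makes the error visible at deployment: `if (propertyName == null) { throw new IllegalArgumentException("security property without a name"); }`. The method also has no Javadoc; one sentence naming the attributes and child elements it reads would do.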
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,114 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import static org.jboss.soa.esb.services.security.principals.Group.ROLES_GROUP_NAME;
+import java.io.Serializable;
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Enumeration;
+import java.util.Set;
+
+
+import javax.security.auth.Subject;
+
+import org.jboss.soa.esb.message.Message;
+
+/**
+ * Security Context contains security related information that
+ * is not sensitive.
+ * <p/>
+ * Note that even though a Subject object instance is serialiable,
+ * its private and public credentials are not(they are transient).
+ * Also not that the Principal interface is not serializable but
+ * all implemenations should be.
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ *
+ */
+public final class SecurityContext implements Serializable
+{
+ private static final long serialVersionUID = 1L;
+
+ private Subject subject;
+
+ public SecurityContext()
+ {
+ subject = new Subject();
+ }
+
+ public SecurityContext(Subject subject)
+ {
+ this.subject = subject;
+ }
+
+ public Subject getSubject()
+ {
+ return subject;
+ }
+
+ public String toString()
+ {
+ return "SecurityContext [" + subject + "]";
+ }
+
+ public boolean isCallerInRole( final String roleName )
+ {
+ Set<Principal> principals = subject.getPrincipals();
+ for(Principal principal: principals)
+ {
+ if(principal instanceof Group)
+ {
+ Group group = (Group) principal;
+ if( group.getName().equalsIgnoreCase( ROLES_GROUP_NAME ) )
+ {
+ Enumeration<? extends Principal> roles = group.members();
+ while(roles.hasMoreElements())
+ {
+ Principal role = roles.nextElement();
+ if(role.getName().equals(roleName))
+ {
+ return true;
+ }
+ }
+ }
+ }
+ }
+ return false;
+ }
+
+ public Set<? extends Principal> getPrincipals()
+ {
+ return subject.getPrincipals();
+ }
+
+ /**
+ * Will retrieve the SecurityContext from the passed in Message.
+ * @param message - the message from which the SecurityContext should be retreieved
+ * @return SecuirtyContext - the currently set SecurityContext or null if none has been set.
+ */
+ public static SecurityContext getContext( final Message message )
+ {
+ return (SecurityContext) message.getProperties().getProperty( SecurityService.CONTEXT );
+ }
+
+}
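Review bot: `getContext` returns whatever object sits under `SecurityService.CONTEXT` in the message properties, and nothing in this class records where that value came from, so a context placed there by the sender of a message is indistinguishable from one produced by a successful authentication. The pipeline hunk hands such a context to `authenticate(...)`; whether the implementation discards or re-verifies the supplied principals before `isCallerInRole` is consulted is not visible in this commit and should be stated in the Javadoc, e.g. `The returned context is unverified until SecurityService.authenticate has accepted it.` `toString()` prints the whole `Subject` and is reached from the pipeline's unguarded `LOGGER.debug`, so any credentials a login module attaches to the subject could appear in the debug log; printing only `subject.getPrincipals()` avoids that. The class comment also has typos: `serialiable`, `Also not that`, `implemenations`.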
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+
+/**
+ * This interface represents a Security service.
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ *
+ */
+public interface SecurityService
+{
+ /**
+ * Constant intended for usage as a key in different types of maps.
+ */
+ String CONTEXT = "org.jboss.soa.esb.services.security.context";
+ String AUTH_REQUEST = "org.jboss.soa.esb.services.security.authRequest";
+
+ /**
+ * Configure the security serivce for usage. This should take care of
+ * reading any needed configurations required by the security system.
+ *
+ * @throws ConfigurationException
+ */
+ void configure() throws ConfigurationException;
+
+ /**
+ * Authenticates a subject.
+ *
+ * @param securityContext - the security context to authenticate
+ * @throws LoginException - if the authentication was not sucessful
+ */
+ void authenticate(final SecurityConfig securityConfig, final SecurityContext securityContext, final AuthenticationRequest authRequest) throws SecurityServiceException;
+
+ /**
+ * Determines if the subject contains the passed in role in it's
+ * set of Principals.
+ *
+ * @param subject - the Subject instance belonging to the caller.
+ * @param context - the principal instance representing the role to check for.
+ * @return true - if the caller has the role of
+ */
+ boolean isCallerInRole(final Subject subject, final Principal role);
+
+ /**
+ * Logout and clean up of any security state.
+ *
+ * @param securityContext
+ * @throws LoginException
+ */
+ void logout(final SecurityConfig securityConfig);
+
+ /**
+ * Refresh the security configuration
+ */
+ void refreshSecurityConfig();
+}
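Review bot: Several Javadoc tags in this interface do not match the signatures they document. `authenticate` declares `SecurityServiceException` but documents `@throws LoginException` and omits `securityConfig` and `authRequest`; `isCallerInRole` documents `@param context` for the parameter named `role` and its `@return` sentence is cut off; `logout` documents `@param securityContext` and `@throws LoginException` although it takes a `SecurityConfig` and declares no exception. With the tags corrected, the `javax.security.auth.login.LoginException` import becomes unused. `AUTH_REQUEST` shares the comment written for `CONTEXT` and should get its own, for example `/** Message property key for the AuthenticationRequest; removed by the pipeline after authentication. */`.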
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceException.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceException.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceException.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+/**
+ * Exception for SecurityServices.
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class SecurityServiceException extends Exception
+{
+ private static final long serialVersionUID = 1L;
+
+ public SecurityServiceException()
+ {
+ super();
+ }
+
+ public SecurityServiceException (String msg)
+ {
+ super(msg);
+ }
+
+ public SecurityServiceException (String msg, Throwable cause)
+ {
+ super (msg, cause);
+ }
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,68 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import org.apache.log4j.Logger;
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.common.Configuration;
+import org.jboss.soa.esb.util.ClassUtil;
+
+public class SecurityServiceFactory
+{
+ private static Logger log = Logger.getLogger(SecurityServiceFactory.class);
+
+ private static SecurityService instance;
+
+ private SecurityServiceFactory() { }
+
+ public static SecurityService getSecurityService() throws ConfigurationException
+ {
+ if (instance != null)
+ {
+ return instance;
+ }
+
+ String className = Configuration.getSecurityServiceImplementationClass();
+ if ( className == null )
+ {
+ throw new ConfigurationException("No SecurityService implementation has been set. Please check the configuration");
+ }
+
+ SecurityService service = null;
+ try
+ {
+ log.info("Using [" + className + "] as the SecurityService implementation.");
+ Class<?> securityClass = ClassUtil.forName(className, SecurityService.class);
+ service = (SecurityService) securityClass.newInstance();
+ }
+ catch (ClassNotFoundException e)
+ {
+ throw new ConfigurationException("SecurityService Implementation=" + className + " not found", e);
+ }
+ catch (Exception e)
+ {
+ throw new ConfigurationException("Invocation exception. " + e.getLocalizedMessage(), e);
+ }
+ instance = service;
+ return service;
+ }
+
+}
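Review bot: The lazy initialisation in `getSecurityService()` is not thread-safe: `instance` is a plain static field read and written without synchronisation, so two threads calling it at start-up can each instantiate the configured class and hold different SecurityService objects. Since every caller authenticates through this object, I would declare the method `public static synchronized SecurityService getSecurityService() throws ConfigurationException`. The class also has no Javadoc; `/** Creates and caches the SecurityService named by Configuration.getSecurityServiceImplementationClass(). */` would tell a reader where the implementation name comes from.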
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.actions;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityAssociation;
+import org.jboss.soa.esb.actions.BeanConfiguredAction;
+import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityService;
+
+/**
+ * JBossSecurityPropagator is an ESB action that can be used to
+ * propagate security information to JBoss Application Server(JBossAS).
+ * </p>
+ * This action can be placed before an action that calls out the a
+ * JBossAS instance, for example an EJB call.
+ *
+ * Example config:
+ * <pre>{@code
+ * <action name="propagate" class="org.jboss.soa.esb.services.security.actions.JBossSecurityPropagator">
+ * <property name="runAs" value="adminRole"/>
+ * </action>
+ * }</pre>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class JBossSecurityPropagator implements BeanConfiguredAction
+{
+ private String runAs;
+
+ public Message process(final Message message)
+ {
+ final SecurityContext securityContext = (SecurityContext) message.getProperties().getProperty( SecurityService.CONTEXT );
+ if ( securityContext != null )
+ {
+ final Subject subject = securityContext.getSubject();
+ final Principal principal = getPrincipal(subject);
+
+ // associate the subject with jboss security
+ SecurityAssociation.pushSubjectContext(subject, principal, subject.getPublicCredentials());
+
+ if ( runAs != null )
+ {
+ // associate the runAs role with jboss security
+ SecurityAssociation.pushRunAsIdentity(new RunAsIdentity(runAs, principal.getName()));
+ }
+
+ }
+ return message;
+ }
+
+ public void setRunAs(String runAs)
+ {
+ this.runAs = runAs;
+ }
+
+ private Principal getPrincipal( final Subject subject)
+ {
+ for (Principal principal : subject.getPrincipals())
+ {
+ return principal;
+ }
+ return null;
+ }
+
+}
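Review bot: `process()` pushes a subject context, and optionally a run-as identity, onto `SecurityAssociation`, and nothing in this class pops them again. Unless a later pipeline stage (not visible in this hunk) clears them, the identity stays bound to the worker thread after the message is done and could apply to the next message handled on that thread. The class should either document who makes the matching `SecurityAssociation.popSubjectContext()` / `popRunAsIdentity()` calls or make them itself once the downstream call has completed. Separately, `getPrincipal()` returns null for a Subject with no principals and the result of `securityContext.getSubject()` is not checked, so `principal.getName()` on the runAs path can throw a NullPointerException; a guard such as `if ( subject == null || principal == null ) return message;` before the push avoids associating a half-empty context.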
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,45 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth;
+
+import java.security.Principal;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * An AuthenticationRequest is intended to carry sensitive security
+ * information between gateways and ESB services.
+ * The information will be extracted from the specific transport that
+ * the gateway uses.
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ *
+ */
+public interface AuthenticationRequest
+{
+ public abstract Set<?> getCredentials();
+
+ public abstract Map<String, ?> getProperties();
+
+ public abstract Principal getPrincipal();
+
+}
\ No newline at end of file
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth;
+
+import java.io.Serializable;
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * AuthenticationRequestImpl is indended to transport security related information
+ * needed to authenticate a caller.
+ * </p>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class AuthenticationRequestImpl implements Serializable, AuthenticationRequest
+{
+ private static final long serialVersionUID = 1L;
+
+ private Principal principal;
+ private Set<?> credentials;
+ private Map<String,?> properties;
+
+ /* (non-Javadoc)
+ * @see org.jboss.soa.esb.services.security.auth.AuthenticationRequest#getCredentials()
+ */
+ public Set<?> getCredentials()
+ {
+ return credentials;
+ }
+
+ /* (non-Javadoc)
+ * @see org.jboss.soa.esb.services.security.auth.AuthenticationRequest#getProperties()
+ */
+ public Map<String, ?> getProperties()
+ {
+ return properties;
+ }
+
+ /* (non-Javadoc)
+ * @see org.jboss.soa.esb.services.security.auth.AuthenticationRequest#getPrincipal()
+ */
+ public Principal getPrincipal()
+ {
+ return principal;
+ }
+
+ public static class Builder
+ {
+ // required
+ private Principal principal;
+ private Set<?> credentials;
+
+ // optional
+ private Map<String,Object> properties = new HashMap<String,Object>();
+
+ public Builder(final Principal principal, final Set<?> credentials)
+ {
+ this.principal = principal;
+ this.credentials = credentials;
+ }
+
+ public Builder property( final String name, final Object value)
+ {
+ properties.put(name, value);
+ return this;
+ }
+
+ public AuthenticationRequest bulid()
+ {
+ return new AuthenticationRequestImpl(this);
+ }
+ }
+
+ private AuthenticationRequestImpl(final Builder builder)
+ {
+ principal = builder.principal;
+ credentials = builder.credentials;
+ properties = builder.properties;
+ }
+
+}
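Review bot: `AuthenticationRequestImpl` is `Serializable` and its `credentials` field is serialised with it, while the extractors added in this commit put the clear-text password `char[]` into that set, so any default Java serialisation of the request writes the password out as-is. If the request has to leave the process, the class Javadoc should state that it must be protected first, or `credentials` should be `transient` with an explicit protected form. The private constructor also takes the builder's `credentials` set and `properties` map without copying, so a caller that keeps the `Builder` can still alter a built request; `properties = new HashMap<String,Object>(builder.properties);` closes that for the map. The public method name `bulid()` is a misspelling of `build()` that every caller in this commit now depends on, and it is cheapest to correct before it ships.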
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth;
+
+/**
+ * SecurityInfoExtractor is indended for extracting security related
+ * information for different of transports.
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ * @param <T>
+ */
+public interface SecurityInfoExtractor<T>
+{
+ /**
+ * Extracts security related information from type T and
+ * populates a {@link AuthenticationRequest}.
+ *
+ * @param t - the type from which security information is to be extracted
+ * @return - and instance of {@link AuthenticationRequest}
+ */
+ AuthenticationRequest extractSecurityInfo( final T t );
+}
\ No newline at end of file
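Review bot: The `@return` tag on `extractSecurityInfo` does not say what an implementation returns when the transport carries no security information, and the implementations in this commit already differ: HttpSecurityInfoExtractor and JbrHttpSecurityInfoExtractor return null, while WSSecurityInfoExtractor returns a request whose principal may be null. I would state the contract in the Javadoc, for example `@return the populated {@link AuthenticationRequest}, or null if the input carries no security information`, so callers know which check to make before they authenticate. The empty `@param <T>` tag could read `the transport-specific request type`.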
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractor.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractor.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.http;
+
+import java.util.HashSet;
+import java.util.Set;
+import javax.servlet.http.HttpServletRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
+import org.jboss.soa.esb.services.security.auth.SecurityInfoExtractor;
+import org.jboss.soa.esb.services.security.principals.User;
+import org.jboss.util.Base64;
+
+/**
+ * Extracts secuirty information from a HttpServletRequest
+ * </p>
+ * Supports BASIC authentication.
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class HttpSecurityInfoExtractor implements SecurityInfoExtractor<HttpServletRequest>
+{
+
+ public AuthenticationRequest extractSecurityInfo(HttpServletRequest httpRequest)
+ {
+ final String authType = httpRequest.getAuthType();
+ if ( authType == null )
+ return null;
+
+ Set<Object> credentials = new HashSet<Object>();
+ if ( authType.equals("BASIC"))
+ {
+ String auth = httpRequest.getHeader("Authorization");
+ auth = auth.substring(auth.indexOf(" "));
+ // decode the Base64 encoded username:password
+ String decoded = new String( Base64.decode(auth) );
+ final int separator = decoded.indexOf(":");
+ final String username = decoded.substring(0,separator);
+ String pwd = decoded.substring(separator+1,decoded.length());
+ credentials.add( pwd.toCharArray() );
+ pwd = null;
+ decoded = null;
+ return new AuthenticationRequestImpl.Builder(new User(username), credentials ).bulid();
+ }
+ if ( authType.equals("DIGEST"))
+ {
+ // not supported yet.
+ }
+
+ return null;
+ }
+
+}
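Review bot: The BASIC branch of `extractSecurityInfo` trusts the shape of a client-supplied header: a missing `Authorization` header gives a NullPointerException on `auth.substring`, a value without a space makes `indexOf(" ")` return -1, and decoded text without a colon makes `decoded.substring(0,separator)` throw StringIndexOutOfBoundsException. Each of these should be handled as "no usable credentials" and return null, as the method already does when `authType` is null, rather than surface as an unchecked exception from the gateway. The substring should also start after the space so the separator is not handed to the decoder, and `new String(byte[])` uses the platform charset, which is worth pinning. Setting `pwd` and `decoded` to null does not erase the password, since both are immutable Strings that remain on the heap until collected.

```java
if ( authType.equals("BASIC"))
{
    final String auth = httpRequest.getHeader("Authorization");
    if ( auth == null )
        return null;
    final int space = auth.indexOf(' ');
    if ( space < 0 )
        return null;
    // decode the Base64 encoded username:password
    String decoded = new String( Base64.decode(auth.substring(space + 1).trim()) );
    final int separator = decoded.indexOf(':');
    if ( separator < 0 )
        return null;
    // … unchanged: username/password split and AuthenticationRequestImpl.Builder call …
}
```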
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractor.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractor.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,70 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.http;
+
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.log4j.Logger;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
+import org.jboss.soa.esb.services.security.auth.SecurityInfoExtractor;
+import org.jboss.soa.esb.services.security.principals.User;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class JbrHttpSecurityInfoExtractor implements SecurityInfoExtractor<Map<String,Object>>
+{
+ private Logger log = Logger.getLogger(JbrHttpSecurityInfoExtractor.class);
+
+ public static final String USERNAME_KEY = "http.basic.username";
+ public static final String PASSWORD_KEY = "http.basic.password";
+
+ public AuthenticationRequest extractSecurityInfo( final Map<String,Object> request )
+ {
+ AuthenticationRequest authRequest = null;
+ String username = (String) request.get(USERNAME_KEY);
+ if ( username != null )
+ {
+ User user = new User((String)username);
+ Set<char[]> credentials = new HashSet<char[]>();
+
+ String passwd = (String) request.get(PASSWORD_KEY);
+ if ( passwd != null )
+ {
+ credentials.add(passwd.toCharArray());
+ Object remove = request.remove(PASSWORD_KEY);
+ if ( remove == null )
+ {
+ log.warn("Could not remove the password from the request map");
+ }
+ }
+
+ authRequest = new AuthenticationRequestImpl.Builder( user, credentials ).bulid();
+ }
+ return authRequest;
+ }
+
+}
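Review bot: `extractSecurityInfo` modifies its argument by removing `PASSWORD_KEY` from the caller's map, and neither the empty class Javadoc nor the method says so; a caller that passes an unmodifiable map gets an UnsupportedOperationException from `request.remove`. I would document it on the method, e.g. `Removes the password entry from the passed-in map once it has been copied into the credentials.`, and fill in the class comment with the two keys it reads. A request with a username but no password still yields an AuthenticationRequest with an empty credential set, so whatever authenticates it (outside this hunk) has to reject empty credentials. The `log` field can be `static`, as in SecurityServiceFactory, and the `(String)username` cast is redundant.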
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,117 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.ws;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+
+import sun.misc.BASE64Decoder;
+
+/**
+ * Represents a WS-Security BinarySecurityToken.
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class BinarySecurityToken
+{
+ private String encodingType;
+ private String valueType;
+ private Certificate cert;
+ private enum EncodingType { Base64Binary, HexBinary }
+
+ public String getEncodingType()
+ {
+ return encodingType;
+ }
+
+ public void setEncodingType(String encodingType)
+ {
+ this.encodingType = stripNSAlias(encodingType);
+ }
+
+ public String getValueType()
+ {
+ return valueType;
+ }
+
+ public void setValueType(String valueType)
+ {
+ this.valueType = stripNSAlias(valueType);
+ }
+
+ public Certificate getKey()
+ {
+ return cert;
+ }
+
+ public void setKey(final String key)
+ {
+ try
+ {
+ byte[] keyBytes = null;
+ if ( encodingType.equalsIgnoreCase( EncodingType.Base64Binary.toString() ) )
+ {
+ BASE64Decoder decoder = new BASE64Decoder();
+ keyBytes = decoder.decodeBuffer(key);
+ }
+ else
+ {
+ keyBytes = key.getBytes();
+ }
+
+ CertificateFactory factory = CertificateFactory.getInstance( certificateMatch( valueType ) );
+ cert = factory.generateCertificate( new ByteArrayInputStream( keyBytes ));
+ }
+ catch (CertificateException e)
+ {
+ throw new IllegalStateException("Could not create certificate: ", e);
+ }
+ catch (IOException e)
+ {
+ throw new IllegalStateException("Could not create certificate: ", e);
+ }
+ }
+
+ private String certificateMatch(final String valueType)
+ {
+ if ( valueType.startsWith("X509") )
+ return "X.509";
+
+ return valueType;
+ }
+
+ private String stripNSAlias(String value)
+ {
+ if ( value != null )
+ {
+ final int idx = value.indexOf(':');
+ if ( idx > 0 )
+ value = value.substring( idx + 1 );
+ }
+ return value;
+ }
+
+}
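Review bot: `setKey` dereferences `encodingType` and, through `certificateMatch`, `valueType`, both of which are filled by separate setters from attributes of the incoming message, so a token that omits either attribute (or whose key is bound before them) fails with a NullPointerException rather than the IllegalStateException the method uses for bad input. A guard at the top, `if ( encodingType == null || valueType == null ) throw new IllegalStateException("EncodingType and ValueType must be set before the key");`, makes that failure explicit. The else branch is also taken for `HexBinary`, where `key.getBytes()` passes the hex text itself to the CertificateFactory instead of the decoded bytes, so the second enum constant is declared but not implemented. `sun.misc.BASE64Decoder` is a JDK-internal class; `org.jboss.util.Base64`, already used by HttpSecurityInfoExtractor in this commit, would avoid that dependency. Nothing here checks the certificate's validity or trust chain, which is acceptable only if the consumer of `getKey()` does.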
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/UsernameToken.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/UsernameToken.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/UsernameToken.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.ws;
+
+/**
+ * Placeholder for security information form a ws request.
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class UsernameToken
+{
+ private String userName;
+ private char[] password;
+
+ public char[] getPassword()
+ {
+ return password;
+ }
+
+ public void setPassword(String password)
+ {
+ this.password = password.toCharArray();
+ }
+
+ public String getUserName()
+ {
+ return userName;
+ }
+
+ public void setUserName(String userName)
+ {
+ this.userName = userName;
+ }
+
+
+}
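Review bot: `setPassword(String)` calls `password.toCharArray()` without a null check, while the `password` binding in smooks-ws-security.xml has no default, so a UsernameToken without a Password element would either throw here or leave `password` null; which of the two depends on Smooks behaviour not visible in this hunk. `this.password = password == null ? null : password.toCharArray();` makes the setter safe, and WSSecurityInfoExtractor should then skip a null password instead of adding it to the credential set. `getPassword()` returns the internal array, which deserves a one-line comment, because a caller that zeroes the array after use also clears the token.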
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,127 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.ws;
+
+import java.io.IOException;
+import java.io.StringReader;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.xml.transform.stream.StreamSource;
+
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
+import org.jboss.soa.esb.services.security.auth.SecurityInfoExtractor;
+import org.jboss.soa.esb.services.security.principals.User;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.milyn.Smooks;
+import org.milyn.payload.JavaResult;
+import org.xml.sax.SAXException;
+
+/**
+ * WSSecurityInfoExtractor extracts security related information from
+ * a SOAP security header.
+ * </p>
+ * If the security element contains a 'UsernameToken' element this will be
+ * extraced into a principal with the username and a credential being the
+ * password represented as a character array.
+ *
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class WSSecurityInfoExtractor implements SecurityInfoExtractor<String>
+{
+ /**
+ * Smooks configuration file which specified the extraction
+ */
+ private static final String SMOOK_CONFIG_FILE = "smooks-ws-security.xml";
+ /**
+ * Smooks instance the will perform the extraction
+ */
+ private Smooks smooks;
+
+ /**
+ * Creates an instance using the default Smooks config file.
+ */
+ public WSSecurityInfoExtractor()
+ {
+ createSmooks( SMOOK_CONFIG_FILE );
+ }
+
+ /**
+ * Creates an instance of Smooks using the passed in config file.
+ *
+ * @param configFile - the Smooks config file to use.
+ */
+ public WSSecurityInfoExtractor(final String configFile)
+ {
+ createSmooks(configFile);
+ }
+
+ /**
+ * Extracts UsernameToken element is one exists and creates
+ * a Principal with the username and sets a Credential using
+ * the password. The type of the Credential is a character array.
+ * If the SOAP message contains a BinarySecurityToken this will be
+ * extracted and added as a Credential.
+ * @param soap - the soap message represented as a String
+ * @return {@link AuthenticationRequest}
+ */
+ public AuthenticationRequest extractSecurityInfo(final String soap)
+ {
+ final JavaResult javaResult = new JavaResult();
+ smooks.filter(new StreamSource(new StringReader(soap)), javaResult);
+
+ UsernameToken token = (UsernameToken) javaResult.getBean("userNameToken");
+ User user = null;
+ Set<Object> credentials = new HashSet<Object>();
+ if ( token != null )
+ {
+ user = new User(token.getUserName());
+ credentials.add(token.getPassword());
+ }
+
+ BinarySecurityToken binaryToken = (BinarySecurityToken) javaResult.getBean("binarySecurityToken");
+ if ( binaryToken != null )
+ {
+ credentials.add(binaryToken.getKey());
+ }
+ return new AuthenticationRequestImpl.Builder(user, credentials ).bulid();
+ }
+
+ private void createSmooks(final String configFile)
+ {
+ try
+ {
+ this.smooks = new Smooks( ClassUtil.getResourceAsStream(configFile, getClass()));
+ }
+ catch (final SAXException e)
+ {
+ throw new IllegalStateException("Could not parse " + configFile, e);
+ }
+ catch (final IOException e)
+ {
+ throw new IllegalStateException("Could not parse " + configFile, e);
+ }
+ }
+
+}
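Review bot: `extractSecurityInfo` always returns a request, even when the header holds neither token, in which case the principal is null and the credential set is empty, whereas the HTTP extractors in this commit return null when there is nothing to authenticate. An early `if ( token == null && binaryToken == null ) return null;` would keep the three consistent, and `credentials.add(token.getPassword())` should be skipped when the password is null so the set never carries a null entry. The `soap` string is untrusted input handed straight to `smooks.filter`; whether the underlying XML reader has DTDs and external entities disabled is not visible here and should be confirmed. `createSmooks` also passes the result of `ClassUtil.getResourceAsStream` on without checking for a missing resource, and this class never closes the stream.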
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/smooks-ws-security.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/smooks-ws-security.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/smooks-ws-security.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<smooks-resource-list xmlns="http://www.milyn.org/xsd/smooks-1.0.xsd">
+
+ <resource-config selector="Envelope/Header/Security/UsernameToken">
+ <resource>org.milyn.javabean.BeanPopulator</resource>
+ <param name="beanId">userNameToken</param>
+ <param name="beanClass">org.jboss.soa.esb.services.security.auth.ws.UsernameToken</param>
+ <param name="bindings">
+ <binding property="userName" selector="Username" default="" />
+ <binding property="password" selector="Password" />
+ </param>
+ </resource-config>
+
+ <resource-config selector="Envelope/Header/Security/BinarySecurityToken">
+ <resource>org.milyn.javabean.BeanPopulator</resource>
+ <param name="beanId">binarySecurityToken</param>
+ <param name="beanClass">org.jboss.soa.esb.services.security.auth.ws.BinarySecurityToken</param>
+ <param name="bindings">
+ <binding property="encodingType" selector="BinarySecurityToken @EncodingType" />
+ <binding property="valueType" selector="BinarySecurityToken @ValueType" />
+ <binding property="key" selector="BinarySecurityToken" />
+ </param>
+ </resource-config>
+
+</smooks-resource-list>
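Review bot: The UsernameToken binding captures only the text of `Password` and ignores its `Type` attribute, so a token sent in the WS-Security digest form would reach the extractor as if it were a clear-text password. `extractSecurityInfo`, visible earlier in this commit, adds `token.getPassword()` to the credential set unconditionally. Either bind the attribute, e.g. `<binding property="passwordType" selector="Password @Type" />` following the `@EncodingType` pattern used below (this needs a matching property on UsernameToken, which is not shown here), or add an XML comment stating that only clear-text passwords are supported. A similar gap exists for BinarySecurityToken: `encodingType` and `valueType` are bound here, but the extractor shown passes on only `getKey()`.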
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Group.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Group.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Group.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.principals;
+
+import java.io.Serializable;
+import java.security.Principal;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * A Role is a collection/group of Principals.
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class Group implements java.security.acl.Group, Serializable
+{
+ private static final long serialVersionUID = 1L;
+ public static final String ROLES_GROUP_NAME = "Roles";
+
+ private final String groupName;
+ private final Set<Principal> members = new HashSet<Principal>();
+
+ public Group(final String groupName)
+ {
+ if ( groupName == null )
+ throw new NullPointerException("groupName argument must not be null");
+
+ this.groupName = groupName;
+ }
+
+ public String getName()
+ {
+ return groupName;
+ }
+
+ public String toString()
+ {
+ return "[groupName=" + groupName + ", members=" + members + "]";
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if(!(obj instanceof Group))
+ return false;
+
+ Group other = (Group) obj;
+ return other.groupName.equals(groupName) &&
+ other.members.equals(members);
+ }
+
+ @Override
+ public int hashCode()
+ {
+ int hash = 17;
+ hash = 31 * hash + groupName == null ? 0 : groupName.hashCode();
+ return hash;
+ }
+
+ public boolean addMember(Principal user)
+ {
+ return members.add(user);
+ }
+
+ public boolean isMember(Principal user)
+ {
+ return members.contains(user);
+ }
+
+ public Enumeration<? extends Principal> members()
+ {
+ return Collections.enumeration(members);
+ }
+
+ public boolean removeMember(Principal user)
+ {
+ return members.remove(user);
+ }
+
+}
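Review bot: In `hashCode()` the line `hash = 31 * hash + groupName == null ? 0 : groupName.hashCode();` does not do what it reads as. `+` binds tighter than `==`, so `31 * hash + groupName` is a string concatenation that is never null, and the method always returns `groupName.hashCode()` with the 17/31 mixing discarded. The result is still consistent with `equals`, so set lookups work, but the null guard is dead code and the constructor already rejects a null name; `hash = 31 * hash + groupName.hashCode();` says what is meant. The same line appears in `Role.hashCode()` (on `roleName`) and `User.hashCode()` (on `name`) later in this commit. The class Javadoc also opens with "A Role is", which looks copied from Role.java.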
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Role.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Role.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/Role.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,76 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.principals;
+
+import java.io.Serializable;
+import java.security.Principal;
+
+/**
+ * A Role is a collection/group of Principals.
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class Role implements Principal, Serializable
+{
+ private static final long serialVersionUID = 1L;
+ private final String roleName;
+
+ public Role(final String roleName)
+ {
+ if ( roleName == null )
+ throw new NullPointerException("roleName argument must not be null");
+
+ this.roleName = roleName;
+ }
+
+ public String getName()
+ {
+ return roleName;
+ }
+
+ public String toString()
+ {
+ return "[roleName=" + roleName + "]";
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if(!(obj instanceof Role))
+ return false;
+
+ Role other = (Role) obj;
+ return this.roleName.equals(other.roleName);
+ }
+
+ @Override
+ public int hashCode()
+ {
+ int hash = 17;
+ hash = 31 * hash + roleName == null ? 0 : roleName.hashCode();
+ return hash;
+ }
+
+}
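Review bot: The class Javadoc describes Role as "a collection/group of Principals", but the class holds a single `roleName` and implements only `Principal`; the collection is `Group`, which carries the same sentence. Since these types decide what `isCallerInRole` compares, the description should match the code, for example `A Role is a Principal that names a single role; roles are collected in a {@link Group}.` The public constructor and `getName()` have no Javadoc; a line on the constructor noting that a null `roleName` throws NullPointerException would cover the only precondition.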
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/User.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/User.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/principals/User.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,76 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.principals;
+
+import java.io.Serializable;
+import java.security.Principal;
+
+/**
+ * Simple User
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class User implements Principal, Serializable
+{
+ private static final long serialVersionUID = 1L;
+ private final String name;
+
+ public User(final String name)
+ {
+ if ( name == null )
+ throw new NullPointerException("name argument must not be null");
+
+ this.name = name;
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public String toString()
+ {
+ return "User [roleName=" + name + "]";
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if(!(obj instanceof User))
+ return false;
+
+ User other = (User) obj;
+ return this.name.equals(other.name);
+ }
+
+ @Override
+ public int hashCode()
+ {
+ int hash = 17;
+ hash = 31 * hash + name == null ? 0 : name.hashCode();
+ return hash;
+ }
+
+}
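Review bot: `toString()` labels the value as a role, `"User [roleName=" + name + "]"`, which looks carried over from Role.java. Principals tend to end up in authentication logs and exception messages, where a user name printed under a `roleName` label is easy to misread. Suggest `return "User [name=" + name + "]";`, provided nothing parses the current string, which cannot be told from this hunk.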
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/util/ClassUtil.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/util/ClassUtil.java 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/util/ClassUtil.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -184,6 +184,48 @@
return ClassLoader.getSystemResourceAsStream(resource) ;
}
+
+ public static URL getResource(final String resourceName, final Class<?> caller)
+ {
+ final String resource ;
+ if (resourceName.startsWith("/"))
+ {
+ resource = resourceName.substring(1) ;
+ }
+ else
+ {
+ final Package callerPackage = caller.getPackage() ;
+ if (callerPackage != null)
+ {
+ resource = callerPackage.getName().replace('.', '/') + '/' + resourceName ;
+ }
+ else
+ {
+ resource = resourceName ;
+ }
+ }
+ final ClassLoader threadClassLoader = Thread.currentThread().getContextClassLoader() ;
+ if (threadClassLoader != null)
+ {
+ final URL url = threadClassLoader.getResource(resource) ;
+ if (url != null)
+ {
+ return url ;
+ }
+ }
+
+ final ClassLoader classLoader = caller.getClassLoader() ;
+ if (classLoader != null)
+ {
+ final URL url = classLoader.getResource(resource) ;
+ if (url != null)
+ {
+ return url ;
+ }
+ }
+
+ return ClassLoader.getSystemResource(resource) ;
+ }
/**
* Get a package name and convert it to a path value, so it can be used
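Review bot: `getResource` has no Javadoc, and two parts of its contract matter to callers: it returns null when no loader finds the resource, and it asks the thread context class loader before the caller's own loader. The new test's `setup()` in this commit dereferences the result with `resource.getFile()` without a null check. The lookup order also means a deployment's context loader can shadow a file packaged next to the caller, which matters when the resource is security configuration. Suggest a Javadoc block stating the name resolution (a leading `/` is absolute, otherwise the name is relative to the caller's package), the three-step lookup order and the null return. A null `resourceName` or `caller` currently fails with a bare NullPointerException; if that is intended, the Javadoc should say so.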
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml 2008-08-18 07:42:43 UTC (rev 21595)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -102,6 +102,9 @@
<copy todir="${org.jboss.esb.test.persistdb.dir}">
<fileset dir="resources/etc/" includes="persistUnitTestDB*"/>
</copy>
+ <copy todir="${org.jboss.esb.tests.classes.dir}" >
+ <fileset dir="${org.jboss.esb.module.tests.src.dir}" includes="**/*.xml" />
+ </copy>
<copy file="${org.jboss.esb.root.dir}/etc/schemas/xml/jbossesb-1.0.1.xsd" todir="${org.jboss.esb.tests.classes.dir}"/>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,185 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.internal.soa.esb.services.security;
+
+import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.net.URL;
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.antlr.stringtemplate.test.FailedAssertionException;
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.SecurityServiceException;
+import org.jboss.soa.esb.services.security.TestPrincipal;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
+import org.jboss.soa.esb.services.security.principals.Group;
+import org.jboss.soa.esb.services.security.principals.Role;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Unit test for {@link SecurityServiceImpl}
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ */
+public class JaasSecurityServiceUnitTest
+{
+ private SecurityService service = new JaasSecurityService();
+ private Subject subject = new Subject();
+ private String jbossEsbProperties;
+
+ @Test
+ public void authenticateUserpassword() throws ConfigurationException, SecurityServiceException
+ {
+ final String userName = "testUser";
+ final String password = "testPassword";
+ SecurityConfig configInfo = SecurityConfig.createSecurityInfo(null, null, "UserPassLogin", "org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler", null);
+ TestPrincipal principal = new TestPrincipal(userName);
+ Set<String> credentials = new HashSet<String>();
+ credentials.add(password);
+
+ AuthenticationRequest authRequest = new AuthenticationRequestImpl.Builder(principal, credentials).bulid();
+ SecurityContext context = new SecurityContext(subject);
+ service.configure();
+ service.authenticate(configInfo, context, authRequest);
+
+ Set<TestPrincipal> principals = subject.getPrincipals( TestPrincipal.class );
+ assertEquals( 1, principals.size() );
+ assertEquals( userName, principals.iterator().next().getName() );
+ }
+
+ @Test
+ public void authenticateWithRole() throws ConfigurationException, SecurityServiceException
+ {
+ SecurityConfig configInfo = SecurityConfig.createSecurityInfo("adminRole", null, "SuccessfulLogin", null, null);
+ SecurityContext context = new SecurityContext(subject);
+ service.authenticate(configInfo, context, null);
+ Set<Principal> principals = subject.getPrincipals( Principal.class );
+ assertEquals( 2, principals.size() );
+ }
+
+ @Test
+ public void authenticateWithExistingRole() throws ConfigurationException, SecurityServiceException
+ {
+ SecurityConfig configInfo = SecurityConfig.createSecurityInfo("adminRole", null, "SuccessfulLogin", null, null);
+ Group group = new Group("Roles");
+ group.addMember(new Role("adminRole1"));
+
+ subject.getPrincipals().add(group);
+
+ SecurityContext context = new SecurityContext(subject);
+ service.authenticate(configInfo, context, null);
+
+ Set<Principal> principals = subject.getPrincipals( Principal.class );
+ assertEquals( 2, principals.size() );
+ }
+
+ @Test
+ public void isCallerInRole() throws SecurityServiceException
+ {
+ final String roleName = "adminRole";
+ SecurityConfig configInfo = SecurityConfig.createSecurityInfo(roleName, null, "SuccessfulLogin", null, null);
+ SecurityContext context = new SecurityContext(subject);
+ service.authenticate(configInfo, context, null);
+ assertTrue( service.isCallerInRole(subject, new Role(roleName)));
+ }
+
+ @Test ( expected = SecurityServiceException.class )
+ public void loginFailure() throws ConfigurationException, SecurityServiceException
+ {
+ SecurityConfig configInfo = SecurityConfig.createSecurityInfo(null, null, "FailureLogin", null, null);
+ SecurityContext context = new SecurityContext(subject);
+ service.authenticate( configInfo, context, null );
+ }
+
+ @Test
+ public void refresh() throws SecurityServiceException
+ {
+ Runnable runnable = new Runnable()
+ {
+ public void run()
+ {
+ threadLogin();
+ }
+ };
+ for (int i = 0; i < 1000; i++)
+ {
+ Thread t1 = new Thread(runnable);
+ Thread t2 = new Thread(runnable);
+ t1.start();
+ t2.start();
+ }
+ }
+
+ private void threadLogin()
+ {
+ SecurityConfig configInfo = SecurityConfig.createSecurityInfo(null, null, "SuccessfulLogin", null, null);
+ SecurityContext context = new SecurityContext(new Subject());
+ service.refreshSecurityConfig();
+ try
+ {
+ service.authenticate( configInfo, context, null );
+ }
+ catch (SecurityServiceException e)
+ {
+ fail(e.getMessage());
+ }
+ }
+
+ @Before
+ public void setup() throws ConfigurationException
+ {
+ jbossEsbProperties = System.getProperty(Environment.PROPERTIES_FILE);
+ URL resource = ClassUtil.getResource("security-properties.xml", getClass());
+ System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
+ service.configure();
+ }
+
+ @After
+ public void tearDown()
+ {
+ if ( jbossEsbProperties != null )
+ System.setProperty(Environment.PROPERTIES_FILE, jbossEsbProperties);
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter( JaasSecurityServiceUnitTest.class );
+ }
+
+}
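Review bot: The `refresh()` test cannot fail: it starts 2000 threads and returns without joining them, and the `fail(e.getMessage())` in `threadLogin()` throws its AssertionError on a worker thread, where JUnit does not see it. A race between `refreshSecurityConfig()` and `authenticate()` would therefore go unreported, and the stray threads keep running into later tests. Collect the workers' failures, join every thread, and assert on the test thread, as sketched below. `threadLogin()` stays as it is.

```java
	@Test
	public void refresh() throws Exception
	{
		final Set<Throwable> failures = java.util.Collections.synchronizedSet(new HashSet<Throwable>());
		Runnable runnable = new Runnable()
		{
			public void run()
			{
				try
				{
					threadLogin();
				}
				catch (Throwable t)
				{
					// fail() inside threadLogin() lands here instead of being lost
					failures.add(t);
				}
			}
		};
		Set<Thread> workers = new HashSet<Thread>();
		for (int i = 0; i < 1000; i++)
		{
			Thread t1 = new Thread(runnable);
			Thread t2 = new Thread(runnable);
			workers.add(t1);
			workers.add(t2);
			t1.start();
			t2.start();
		}
		for (Thread worker : workers)
		{
			worker.join();
		}
		assertTrue("worker threads failed: " + failures, failures.isEmpty());
	}
	// … unchanged: threadLogin(), setup(), tearDown(), suite() …
```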
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas/AMConfig.properties
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas/AMConfig.properties (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas/AMConfig.properties 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,429 @@
+#
+# The contents of this file are subject to the terms
+# of the Common Development and Distribution License
+# (the License). You may not use this file except in
+# compliance with the License.
+#
+# You can obtain a copy of the License at
+# https://opensso.dev.java.net/public/CDDLv1.0.html or
+# opensso/legal/CDDLv1.0.txt
+# See the License for the specific language governing
+# permission and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL
+# Header Notice in each file and include the License file
+# at opensso/legal/CDDLv1.0.txt.
+# If applicable, add the following below the CDDL Header,
+# with the fields enclosed by brackets [] replaced by
+# your own identifying information:
+# "Portions Copyrighted [year] [name of copyright owner]"
+#
+# $Id: AMClient.properties,v 1.12 2008/03/04 00:25:12 beomsuk Exp $
+#
+# Copyright 2006 Sun Microsystems Inc. All Rights Reserved
+#
+
+/* The following keys are used to configure the Debug service.
+ * Possible values for the key 'level' are: off | error | warning | message.
+ * The key 'directory' specifies the output directory where the debug files
+ * will be created.
+ * Trailing spaces are significant.
+ * Windows: Use forward slashes "/" separate directories, not backslash "\".
+ * Windows: Spaces in the file name are allowed for Windows.
+ */
+com.iplanet.services.debug.level=message
+com.iplanet.services.debug.directory=/tmp
+
+/*
+ * Server mode should be 'false'
+ */
+com.iplanet.am.serverMode=false
+
+/*
+ * Cache enable / disable properties
+ */
+com.iplanet.am.sdk.caching.enabled=false
+com.sun.identity.idm.cache.enabled=false
+com.sun.identity.sm.cache.enabled=true
+
+/*
+ * Configure remote plugin classes for configuration (SMS)
+ */
+com.sun.identity.sm.sms_object_class_name=com.sun.identity.sm.jaxrpc.SMSJAXRPCObject
+
+/*
+ * Naming URL
+ */
+com.iplanet.am.naming.url=http://localhost:8080/opensso/namingservice
+
+/*
+ * Notification URL
+ */
+com.iplanet.am.notification.url=
+
+/*
+ * Security Credentails to read the configuration data
+ */
+com.sun.identity.agents.app.username=UrlAccessAgent
+com.iplanet.am.service.password=
+com.iplanet.am.service.secret=AQIC24u86rq9RRbx13mx0nb0uAGpxLdxGBY9
+
+/*
+ * Encryption key that will be used to encrypt and decypt
+ * data to communicate with the server.
+ * This key is needed to decrypt passwords stored
+ * in the SMS configuration.
+ */
+am.encryption.pwd=SAMPLE_RAND
+
+/*
+ * Encryption key that will be used to encrypt and decypt
+ * data used locally within the client.
+ */
+com.sun.identity.client.encryptionKey=SAMPLE_RAND
+
+/*
+ * Encryption: The key "com.iplanet.security.encryptor" specifies
+ * the encrypting class implementation.
+ * Available classes are:
+ * com.iplanet.services.util.JCEEncryption
+ * com.iplanet.services.util.JSSEncryption
+ */
+com.iplanet.security.encryptor=com.iplanet.services.util.JCEEncryption
+
+/*
+ * Property to enable/disable the notifications for am.sdk and IdRepo Caches.
+ * If set to "true" notifications are enabled and disabled if set to "false".
+ */
+com.sun.identity.idm.remote.notification.enabled=true
+
+/*
+ * Cache update time (in minutes) for am.sdk & IdRepo Caches
+ * if notification URL is not provided or if notifications are disabled.
+ * Note:
+ * 1. This property is applicable only if 'com.iplanet.am.notification.url'
+ * is not provided or if 'com.sun.identity.idm.remote.notification.enabled'
+ * is set to 'false'.
+ * 2. If the polling time is set as 0, then polling is disabled.
+ */
+com.iplanet.am.sdk.remote.pollingTime=1
+
+/*
+ * Property to enable/disable the notifications for service management caches.
+ * If set to "true" notifications are enabled and disabled if set to "false".
+ */
+com.sun.identity.sm.notification.enabled=true
+
+/*
+ * Cache update time (in minutes) for service configutation data,
+ * if notification URL is not provided or if notifications are disabled.
+ * Note:
+ * 1. This property is applicable only if 'com.iplanet.am.notification.url'
+ * is not provided or if 'com.sun.identity.sm.notification.enabled' is
+ * set to 'false'.
+ * 2. If the cache time is set as 0, then no cache updates will occur.
+ */
+com.sun.identity.sm.cacheTime=1
+
+/*
+ * Server protocol, host and port to be used by Client Services
+ */
+com.iplanet.am.server.protocol=http
+com.iplanet.am.server.host=localhost
+com.iplanet.am.server.port=8080
+com.iplanet.am.services.deploymentDescriptor=opensso
+com.iplanet.am.console.protocol=@CONSOLE_PROTOCOL@
+com.iplanet.am.console.host=@CONSOLE_HOST@
+com.iplanet.am.console.port=@CONSOLE_PORT@
+com.iplanet.am.console.deploymentDescriptor=@CONSOLE_DEPLOY_URI@
+com.iplanet.am.console.remote=@CONSOLE_REMOTE@
+
+com.iplanet.am.cookie.name=iPlanetDirectoryPro
+
+/*
+ * Session related properties.
+ */
+com.iplanet.am.session.client.polling.enable=true
+com.iplanet.am.session.client.polling.period=180
+
+/*
+ * Identify cert db directory path, prefix and password file
+ * to initialize JSS Socket Factory when Web Container is configured SSL
+ */
+com.iplanet.am.admin.cli.certdb.dir=
+com.iplanet.am.admin.cli.certdb.prefix=
+com.iplanet.am.admin.cli.certdb.passfile=//config/.wtpass
+
+/*
+ * Identify property value for SSL ApprovalCallback / HostnameVerifier
+ * If com.iplanet.services.comm is configured as protocol handler
+ * and the checkSubjectAltName or resolveIPAddress feature is enabled,
+ * cert8.db and key3.db with the prefix value of
+ * com.iplanet.am.admin.cli.certdb.prefix will have to be created under
+ * the directory of com.iplanet.am.admin.cli.certdb.dir before server is
+ * restarted.
+ */
+com.iplanet.am.jssproxy.trustAllServerCerts=false
+com.iplanet.am.jssproxy.checkSubjectAltName=false
+com.iplanet.am.jssproxy.resolveIPAddress=false
+com.iplanet.am.jssproxy.SSLTrustHostList=false
+
+/**************************************************************
+ * Policy Client parameters
+ **************************************************************/
+/* Policy decision log parameters. Possible values for logging.level
+ * are NONE, ALLOW, DENY, BOTH, and DECISION */
+com.sun.identity.agents.server.log.file.name=amRemotePolicyLog
+com.sun.identity.agents.logging.level=NONE
+
+/* Notification URL for updating cache */
+com.sun.identity.agents.notification.enabled=false
+com.sun.identity.agents.notification.url=
+
+/* Cache time in minutes */
+com.sun.identity.agents.polling.interval=3
+
+/* Information to cache. Possible value are "subtree" or "self" */
+com.sun.identity.policy.client.cacheMode=subtree
+
+/* Policy client clock skew value in seconds */
+com.sun.identity.policy.client.clockSkew=10
+
+/*
+* Explicitly disable monitoring services in the client applications.
+*/
+com.sun.identity.monitoring=off
+
+/*
+* Specify if allow to use cached data for HttpURLConnection
+*/
+com.sun.identity.urlconnection.useCache=false
+
+#
+# Specify implementation class for
+# com.sun.identity.plugin.configuration.ConfigurationInstance interface.
+com.sun.identity.plugin.configuration.class=com.sun.identity.plugin.configuration.impl.ConfigurationInstanceImpl
+
+#
+# Specify implementation class for
+# com.sun.identity.plugin.datastore.DataStoreProvider interface.
+# This property defines the default datastore provider.
+com.sun.identity.plugin.datastore.class.default=com.sun.identity.plugin.datastore.impl.IdRepoDataStoreProvider
+
+#
+# Specify implementation class for
+# com.sun.identity.plugin.session.SessionProvider interface.
+com.sun.identity.plugin.session.class=com.sun.identity.plugin.session.impl.FMSessionProvider
+
+#
+# Specify XML signature provider class
+com.sun.identity.saml.xmlsig.signatureprovider.class=com.sun.identity.saml.xmlsig.AMSignatureProvider
+
+#
+# Specify XML key provider implementation class
+com.sun.identity.saml.xmlsig.keyprovider.class=com.sun.identity.saml.xmlsig.JKSKeyProvider
+
+#
+# Identify SAML XML signature keystore file, keystore password file
+# and key password file
+com.sun.identity.saml.xmlsig.keystore=@BASE_DIR@/keystore.jks
+com.sun.identity.saml.xmlsig.storepass=@BASE_DIR@/.storepass
+com.sun.identity.saml.xmlsig.keypass=@BASE_DIR@/.keypass
+com.sun.identity.saml.xmlsig.certalias=test
+
+#
+# Specify type of KeyStore used for saml xml signature. Default is JKS.
+# com.sun.identity.saml.xmlsig.storetype=JKS
+
+#
+# Flag for checking the Certificate which is embedded in the
+# KeyInfo against the certificates in the keystore (specified
+# by the "com.sun.identity.saml.xmlsig.keystore" property).
+# Possible values for the key are: on|off. If the flag is "on",
+# the certification must be presented in the keystore for
+# XML signature validation. If the flag is "off", skip
+# the presence checking.
+com.sun.identity.saml.checkcert=on
+
+#
+# XML cannonicalization algorithm. Used for SAML XML signature generation
+# and verification. When not specified, or value is empty, default value
+# will be used. The following is the list of supported algorithms:
+# http://www.w3.org/2001/10/xml-exc-c14n# (default)
+# http://www.w3.org/2001/10/xml-exc-c14n#WithComments
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
+com.sun.identity.saml.xmlsig.c14nMethod=http://www.w3.org/2001/10/xml-exc-c14n#
+
+#
+# XML signature algorithm. Used for SAML XML Signature generation and
+# verification. When not specified, or value is empty, default value will be
+# used. The following is the list of supported algorithms:
+# http://www.w3.org/2000/09/xmldsig#rsa-sha1 (default)
+# http://www.w3.org/2000/09/xmldsig#hmac-sha1
+# http://www.w3.org/2000/09/xmldsig#dsa-sha1
+# http://www.w3.org/2001/04/xmldsig-more#rsa-md5
+# http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160
+# http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
+# http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
+# http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
+# http://www.w3.org/2001/04/xmldsig-more#hmac-md5
+# http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160
+# http://www.w3.org/2001/04/xmldsig-more#hmac-sha256
+# http://www.w3.org/2001/04/xmldsig-more#hmac-sha384
+# http://www.w3.org/2001/04/xmldsig-more#hmac-sha512
+com.sun.identity.saml.xmlsig.xmlSigAlgorithm=
+
+#
+# XML transformation algorithm. Used for SAML XML signature generation
+# and verification. When not specified, or value is empty, default value
+# will be used. The following is the list of supported algorithms:
+# http://www.w3.org/2001/10/xml-exc-c14n# (default)
+# http://www.w3.org/2001/10/xml-exc-c14n#WithComments
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315
+# http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
+# http://www.w3.org/TR/1999/REC-xslt-19991116
+# http://www.w3.org/2000/09/xmldsig#base64
+# http://www.w3.org/TR/1999/REC-xpath-19991116
+# http://www.w3.org/2000/09/xmldsig#enveloped-signature
+# http://www.w3.org/TR/2001/WD-xptr-20010108
+# http://www.w3.org/2002/04/xmldsig-filter2
+# http://www.w3.org/2002/06/xmldsig-filter2
+# http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter
+com.sun.identity.saml.xmlsig.transformAlg=http://www.w3.org/2001/10/xml-exc-c14n#
+
+
+#
+# SAML2 XML Encryption Provider Implementation class
+com.sun.identity.saml2.xmlenc.EncryptionProvider=com.sun.identity.saml2.xmlenc.FMEncProvider
+
+
+#
+# SAML2 XML Signing Provider Implementation class.
+com.sun.identity.saml2.xmlsig.SignatureProvider=com.sun.identity.saml2.xmlsig.FMSigProvider
+
+#
+# SAML2 XML Signing Certificate Validation.
+com.sun.identity.saml2.crl.check=false
+
+#
+# SAML2 XML Signing Certificate Validation.
+com.sun.identity.saml2.crl.check.ca=false
+
+#
+# Client ceritificate alias that will be used in SSL connection for Liberty
+# SOAP Binding
+com.sun.identity.liberty.ws.soap.certalias=
+
+#
+# If the message timestamp is before current timestamp by this amount
+# (millisec), it is considered a stale message.
+com.sun.identity.liberty.ws.soap.staleTimeLimit=300000
+
+#
+# All the messageID of a valid message will be stored in a cache with the it
+# is received to avoid duplicate messages. If the current time minus the
+# received time is greater than the above staleTimeLimit, it should be removed
+# from the cache. The is property specify the interval(millisec) that a
+# cleanup thread should check the cache and remove those messageID.
+com.sun.identity.liberty.ws.soap.messageIDCacheCleanupInterval=60000
+
+#
+# Supported SOAP actors. Each actor must be seperated by '|'
+com.sun.identity.liberty.ws.soap.supportedActors=http://schemas.xmlsoap.org/soap/actor/next
+
+#
+# Namespace prefix mapping used when marshalling a JAXB content tree to a
+# DOM tree. The syntax is
+# <prefix>=<namespace>|<prefix>=<namespace>|..........
+com.sun.identity.liberty.ws.jaxb.namespacePrefixMappingList=S=http://schemas.xmlsoap.org/soap/envelope/|sb=urn:liberty:sb:2003-08|pp=urn:liberty:id-sis-pp:2003-08|ispp=http://www.sun.com/identity/liberty/pp|is=urn:liberty:is:2003-08
+
+#
+# JAXB package list used when constructing JAXBContext. Each package must be
+# seperated by ':'.
+com.sun.identity.liberty.ws.jaxb.packageList=
+
+#
+# Liberty ID-WSF security profile,
+# com.sun.identity.liberty.ws.wsc.certalias specifies default certificate
+# alias for issuing web service security token for this web service client
+# com.sun.identity.liberty.ws.ta.certalias specifies certificate
+# alias for trusted authority that will be used to sign SAML or SAML
+# BEARER token of response message.
+# com.sun.identity.liberty.ws.trustedca.certaliases specifies certificate
+# aliases for trusted CA. SAML or SAML BEARER token of incoming request
+# message needs to be signed by a trusted CA in this list. The syntax is
+# <cert alias 1>[:<issuer 1>]|<cert alias 2>[:<issuer 2>]|.....
+# For example, 'myalias1:myissuer1|myalias2|myalias3:myissuer3
+# 'issuer' is used when the token doesn't have a KeyInfo inside the
+# signature. The 'issuer' of the token needs to be in this list and the
+# corresponding cert alias will be used to verify signature. If KeyInfo
+# exists, the keystore needs to contain a cert alias that matches the
+# KeyInfo and the cert alias needs to be in this list.
+# com.sun.identity.liberty.ws.security.TokenProviderImpl specifies
+# implementation for security token provider
+com.sun.identity.liberty.ws.wsc.certalias=
+com.sun.identity.liberty.ws.ta.certalias=
+com.sun.identity.liberty.ws.trustedca.certaliases=
+com.sun.identity.liberty.ws.security.TokenProviderImpl=com.sun.identity.liberty.ws.security.LibSecurityTokenProvider
+
+
+#
+# URL for WSPRedirectHandlerServlet to handle Liberty WSF WSP-resource owner
+# interactions based on user agent redirects. This should be running in
+# the same JVM where Liberty SP is running
+com.sun.identity.liberty.interaction.wspRedirectHandler=http://localhost:8080/opensso/WSPRedirectHandler
+
+
+#
+# indicates whether WSC would participate in interaction
+# valid values are interactIfNeeded | doNotInteract | doNotInteractForData
+# default value:interactIfNeeded
+# value used if an invalid value is specified:interactIfNeeded
+com.sun.identity.liberty.interaction.wscSpecifiedInteractionChoice=interactIfNeeded
+
+
+#
+# indicates whether WSC would include userInteractionHeader
+# valid values are yes|no (case ignored)
+# default value:yes
+# value used if no value is specified:yes
+com.sun.identity.liberty.interaction.wscWillInlcudeUserInteractionHeader=yes
+
+
+#
+# indicates whether WSC would redirect user for interaction
+# valid values are yes|no
+# default value:yes
+# value used if no value is specified:yes
+com.sun.identity.liberty.interaction.wscWillRedirect=yes
+
+
+#
+# WSC's preference on the acceptable duration for interaction(in seconds)
+# default value if the value is not specified or a non integer value is
+# specified : 60
+com.sun.identity.liberty.interaction.wscSpecifiedMaxInteractionTime=80
+
+
+#
+# indicates whether WSC would enforce that redirected to URL is https
+# valid values are yes|no (case ignored)
+# liberty specification require the value to be yes
+# default value:yes
+# value used if no value is specified:yes
+com.sun.identity.liberty.interaction.wscWillEnforceHttpsCheck=no
+
+
+#
+# This property is used to determine the Liberty identity web services framework
+# to be used when the framework can not determine from the in-bound message or
+# from the resource offering when AM is acting as the WSC.
+# The default version is 1.1, but the possible values are 1.0 or 1.1
+# com.sun.identity.liberty.wsf.version=1.1
+
+#
+# Login URL and Authentication web service URL for Liberty use cases
+com.sun.identity.loginurl=http://localhost:8080/opensso/UI/Login
+com.sun.identity.liberty.authnsvc.url=http://localhost:8080/opensso/Liberty/authnsvc
+
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,9 @@
+SuccessfulLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
+};
+FailureLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
+};
+UserPassLogin {
+ org.jboss.soa.esb.services.security.UserPassLoginModule required;
+};
\ No newline at end of file
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ JBoss, Home of Professional Open Source
+ Copyright 2006, JBoss Inc., and others contributors as indicated
+ by the @authors tag. All rights reserved.
+ See the copyright.txt in the distribution for a
+ full listing of individual contributors.
+ This copyrighted material is made available to anyone wishing to use,
+ modify, copy, or redistribute it subject to the terms and conditions
+ of the GNU Lesser General Public License, v. 2.1.
+ This program is distributed in the hope that it will be useful, but WITHOUT A
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ You should have received a copy of the GNU Lesser General Public License,
+ v.2.1 along with this distribution; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ MA 02110-1301, USA.
+
+ (C) 2005-2006,
+ @author JBoss Inc.
+-->
+<!-- $Id: jbossesb-unittest-properties.xml $ -->
+<!--
+ These options are described in the JBossESB manual.
+ Defaults are provided here for convenience only.
+
+ Please read through this file prior to using the system, and consider
+ updating the specified entries.
+-->
+<esb
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="jbossesb-1_0.xsd">
+ <properties name="core">
+ <property name="org.jboss.soa.esb.jndi.server.context.factory" value="org.jnp.interfaces.NamingContextFactory"/>
+ <property name="org.jboss.soa.esb.jndi.server.url" value="${jboss.esb.bind.address}:1099"/>
+ <property name="org.jboss.soa.esb.persistence.connection.factory" value="org.jboss.internal.soa.esb.persistence.format.MessageStoreFactoryImpl"/>
+ <property name="org.jboss.soa.esb.loadbalancer.policy" value="org.jboss.soa.esb.listeners.ha.RoundRobin"/>
+ <property name="jboss.esb.invm.scope.default" value="NONE"/>
+ </properties>
+ <properties name="security">
+ <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
+ <property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
+ <property name="org.jboss.soa.esb.services.security.configUrl" value="jaas.login"/>
+ </properties>
+ <properties name="registry">
+ <property name="org.jboss.soa.esb.registry.queryManagerURI" value="org.apache.juddi.registry.local.InquiryService#inquire"/>
+ <property name="org.jboss.soa.esb.registry.lifeCycleManagerURI" value="org.apache.juddi.registry.local.PublishService#publish"/>
+ <property name="org.jboss.soa.esb.registry.implementationClass" value="org.jboss.internal.soa.esb.services.registry.JAXRRegistryImpl"/>
+ <property name="org.jboss.soa.esb.registry.factoryClass" value="org.apache.ws.scout.registry.ConnectionFactoryImpl"/>
+ <property name="org.jboss.soa.esb.registry.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.registry.password" value="password"/>
+ <!-- the following parameter is scout specific to set the type of communication between scout and the UDDI (embedded, rmi, soap) -->
+ <property name="org.jboss.soa.esb.scout.proxy.transportClass" value="org.apache.ws.scout.transport.LocalTransport"/>
+ </properties>
+ <properties name="transports" depends="core">
+ <property name="org.jboss.soa.esb.mail.smtp.host" value="localhost"/>
+ <property name="org.jboss.soa.esb.mail.smtp.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.mail.smtp.password" value=""/>
+ <property name="org.jboss.soa.esb.mail.smtp.port" value="25"/>
+ <property name="org.jboss.soa.esb.mail.smtp.auth" value="true"/>
+ <property name="org.jboss.soa.esb.ftp.localdir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.ftp.remotedir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.jms.connectionPool" value="20"/>
+ <property name="org.jboss.soa.esb.jms.sessionSleep" value="30"/>
+ </properties>
+ <properties name="connection">
+ <property name="min-pool-size" value="5"/>
+ <property name="max-pool=size" value="10"/>
+ <property name="blocking-timeout-millis" value="5000"/>
+ <property name="abandoned-connection-timeout" value="10000"/>
+ <property name="abandoned-connection-time-interval" value="30000"/>
+ </properties>
+ <properties name="dbstore">
+
+ <!-- connection manager type -->
+ <!-- <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.StandaloneConnectionManager"/> -->
+ <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.J2eeConnectionManager"/>
+
+ <!-- this property is only used if using the j2ee connection manager -->
+ <property name="org.jboss.soa.esb.persistence.db.datasource.name" value="java:/JBossESBDS"/>
+
+ <!-- standalone connection pooling settings -->
+ <property name="org.jboss.soa.esb.persistence.db.connection.url" value="jdbc:hsqldb:hsql://localhost:9001/"/>
+ <property name="org.jboss.soa.esb.persistence.db.jdbc.driver" value="org.hsqldb.jdbcDriver"/>
+ <property name="org.jboss.soa.esb.persistence.db.user" value="sa"/>
+ <property name="org.jboss.soa.esb.persistence.db.pwd" value=""/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.initial.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.min.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.max.size" value="5"/>
+ <!--table managed by pool to test for valid connections - created by pool automatically -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.test.table" value="pooltest"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.timeout.millis" value="5000"/>
+
+ </properties>
+ <properties name="filters">
+ <property name="org.jboss.soa.esb.filter.1" value="org.jboss.internal.soa.esb.message.filter.MetaDataFilter"/>
+ <property name="org.jboss.soa.esb.filter.2" value="org.jboss.internal.soa.esb.message.filter.GatewayFilter"/>
+ </properties>
+</esb>
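Review bot: The `connection` group names its upper bound `max-pool=size` while the sibling entry is `min-pool-size`, so a reader looking up `max-pool-size` would not find this value; the line should presumably read `<property name="max-pool-size" value="10"/>`. The `$Id: jbossesb-unittest-properties.xml $` keyword near the top still names a different file, which suggests the content was copied from there. The registry password `password` and the empty `sa` database password are acceptable only as fixtures; a comment such as `<!-- test-only credentials; do not reuse outside the unit tests -->` would keep them from being carried into a deployment descriptor.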
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,138 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2006, JBoss Inc., and
+ * individual contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.listeners.config.mappers;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.dom.YADOMUtil;
+import org.jboss.soa.esb.listeners.ListenerTagNames;
+import org.jboss.soa.esb.listeners.config.Generator;
+import org.jboss.soa.esb.listeners.config.Generator.XMLBeansModel;
+import org.jboss.soa.esb.listeners.config.xbeanmodel.ServiceDocument.Service;
+import org.junit.Before;
+import org.junit.Test;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+/**
+ * Unit test for {@link SecurityMapper}
+ * <p/>
+ *
+ * @author Daniel Bevenius
+ *
+ */
+public class SecurityMapperUnitTest
+{
+ private static final String ESB_CONFIG = "jbossesb_config_security.xml";
+
+ private Element root;
+ private XMLBeansModel model;
+
+ private Service service;
+
+ private Node securityNode;
+
+ @Test
+ public void mapRunAs() throws ConfigurationException
+ {
+ Node runAsNode = securityNode.getAttributes().getNamedItem( ListenerTagNames.RUN_AS_TAG );
+ assertNotNull( runAsNode.getNodeName() );
+ assertEquals( "MrPoon", runAsNode.getNodeValue() );
+ }
+
+ @Test
+ public void mapModuleName() throws ConfigurationException
+ {
+ Node moduleNameNode = securityNode.getAttributes().getNamedItem( ListenerTagNames.MODULE_NAME_TAG );
+ assertNotNull( moduleNameNode.getNodeName() );
+ assertEquals( "mod1", moduleNameNode.getNodeValue());
+ }
+
+ @Test
+ public void mapUseCallersIdentity() throws ConfigurationException
+ {
+ Node userIdentityNode = securityNode.getAttributes().getNamedItem( ListenerTagNames.USE_CALLERS_IDENTIDY_TAG );
+ assertNotNull( userIdentityNode.getNodeName() );
+ assertEquals( "user1", userIdentityNode.getNodeValue());
+ }
+
+ // setup methods
+
+ @Before
+ public void setup() throws ConfigurationException, IOException
+ {
+ root = createRootElement();
+ model = getXmlBeanModel( ESB_CONFIG );
+ service = model.getServices().get( 0 );
+
+ SecurityMapper.map( root, service );
+ securityNode = root.getFirstChild();
+ }
+
+ private XMLBeansModel getXmlBeanModel( String fileName ) throws ConfigurationException, IOException
+ {
+ InputStream inputStream = getClass().getResourceAsStream( ESB_CONFIG );
+ GeneratorMock mock = new GeneratorMock( inputStream );
+ XMLBeansModel model = mock.getModel();
+ return model;
+ }
+
+ private Element createRootElement() throws ConfigurationException
+ {
+ Document doc = YADOMUtil.createDocument();
+ Element root = YADOMUtil.addElement(doc, "jbossesb-gateways");
+ root.setAttribute("parameterReloadSecs", "1000" );
+ return root;
+ }
+
+ /**
+ * Just here to get proved access to the XMLBeansModel
+ *
+ */
+ private class GeneratorMock extends Generator
+ {
+
+ public GeneratorMock(InputStream config) throws ConfigurationException, IOException
+ {
+ super( config );
+ }
+
+ @Override
+ public XMLBeansModel getModel()
+ {
+ return super.getModel();
+ }
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter( SecurityMapperUnitTest.class );
+ }
+}
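Review bot: In `mapRunAs`, `mapModuleName` and `mapUseCallersIdentity` the null check is applied to `getNodeName()` after the node has already been dereferenced, so a missing attribute surfaces as a NullPointerException rather than an assertion failure; assert on the node itself, e.g. `assertNotNull( runAsNode );`. `getXmlBeanModel( String fileName )` ignores its parameter and always loads `ESB_CONFIG`, so it should pass `fileName` to `getResourceAsStream`. The returned stream is neither null-checked nor closed in this hunk; unless `Generator` closes it (not visible here), close it in a `finally` block.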
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,34 @@
+<?xml version = "1.0" encoding = "UTF-8"?>
+<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.0.1.xsd">
+
+ <providers>
+
+ <jms-provider
+ name="JBossMessaging"
+ connection-factory="XAConnectionFactory"
+ jndi-URL="jnp://127.0.0.1:1099"
+ jndi-context-factory="org.jnp.interfaces.NamingContextFactory"
+ jndi-pkg-prefix="org.jboss.naming:org.jnp.interfaces">
+
+ <jms-bus busid="quickstartEsbChannel">
+ <jms-message-filter
+ dest-type="QUEUE"
+ dest-name="queue/quickstart_jms_transacted_Request_esb"
+ selector="CorrelationID = '13'"/>
+ </jms-bus>
+ </jms-provider>
+
+ </providers>
+ <services>
+ <service category="Test2" name="JMSJCATest" description="JMS JCA Test">
+ <security runAs="MrPoon" moduleName="mod1" useCallersIdentity="user1"/>
+ <listeners>
+ <jms-listener name="JMSListener" busidref="quickstartEsbChannel" maxThreads="1"/>
+ </listeners>
+ <actions>
+ <action name="TestDefaultRouteAction" class="org.jboss.soa.esb.actions.ContentBasedRouter"/>
+ </actions>
+ </service>
+ </services>
+
+</jbossesb>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,130 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.util.Map;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.helpers.ConfigTree;
+import org.jboss.soa.esb.listeners.ListenerTagNames;
+import org.junit.Test;
+
+/**
+ * Unit test for {@link SecurityConfigUtil}
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class SecurityConfigUtilUnitTest
+{
+ private String runAs = "kalle";
+
+ @Test
+ public void createSecurityConfigInfoWithAuth()
+ {
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, null);
+
+ SecurityConfig securityInfo = SecurityConfigUtil.createSecurityConfig(securityFragment);
+ assertEquals(runAs, securityInfo.getRunAs());
+ assertNull(securityInfo.getUseCallerIdentity());
+ }
+
+ @Test
+ public void createSecurityConfigInfoWithoutAuth()
+ {
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, null);
+ SecurityConfig securityInfo = SecurityConfigUtil.createSecurityConfig(securityFragment);
+ assertEquals(runAs, securityInfo.getRunAs());
+ assertNull(securityInfo.getUseCallerIdentity());
+ }
+
+ @Test
+ public void createSecurityConfigInfoWithUseCallersIdentity()
+ {
+ final String callersIdentity = "DrCox";
+ final ConfigTree securityFragment = createSecurityFragment(runAs, callersIdentity, null);
+ SecurityConfig securityInfo = SecurityConfigUtil.createSecurityConfig(securityFragment);
+ assertEquals(callersIdentity, securityInfo.getUseCallerIdentity());
+ }
+
+ @Test
+ public void createSecurityConfigInfoWithModuleName()
+ {
+ final String moduleName = "testModule";
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, moduleName);
+ SecurityConfig securityInfo = SecurityConfigUtil.createSecurityConfig(securityFragment);
+ assertEquals(moduleName, securityInfo.getModuleName());
+ }
+
+ @Test
+ public void hasRunAs()
+ {
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, null);
+ SecurityConfig securityInfo = SecurityConfigUtil.createSecurityConfig(securityFragment);
+ assertTrue(securityInfo.hasRunAs());
+ }
+
+ @Test
+ public void properties()
+ {
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, null, "kalle");
+ SecurityConfig securityInfo = SecurityConfigUtil.createSecurityConfig(securityFragment);
+ Map<String, String> properties = securityInfo.getProperties();
+ assertNotNull( properties );
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(SecurityConfigUtilUnitTest.class);
+ }
+
+ private ConfigTree createSecurityFragment(
+ final String runAs,
+ final String callerIdentity,
+ final String moduleName)
+ {
+ final ConfigTree securityElement = new ConfigTree(ListenerTagNames.SECURITY_TAG);
+ securityElement.setAttribute(ListenerTagNames.RUN_AS_TAG, runAs);
+ securityElement.setAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG, callerIdentity);
+ securityElement.setAttribute(ListenerTagNames.MODULE_NAME_TAG, moduleName);
+ return securityElement;
+ }
+
+ private ConfigTree createSecurityFragment(
+ final String runAs,
+ final String callerIdentity,
+ final String moduleName,
+ final String alias)
+ {
+ final ConfigTree securityElement = createSecurityFragment(runAs, callerIdentity, moduleName);
+ ConfigTree property = new ConfigTree("property", securityElement);
+ property.setAttribute("name", "alias");
+ property.setAttribute("value", alias);
+ return securityElement;
+ }
+
+}
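Review bot: `createSecurityConfigInfoWithAuth` and `createSecurityConfigInfoWithoutAuth` have identical bodies: both build the fragment with `createSecurityFragment(runAs, null, null)` and make the same two assertions, so whichever case was meant to differ is not covered. `properties()` only checks that the map is non-null; asserting the mapped value, `assertEquals( "kalle", properties.get( "alias" ) );`, would confirm the `property` child is actually read (assuming the map is keyed by the `name` attribute). The wildcard `import static org.junit.Assert.*;` also makes the three explicit static imports below it redundant.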
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityContextUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityContextUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityContextUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import static org.junit.Assert.*;
+
+import javax.security.auth.Subject;
+
+import org.jboss.soa.esb.services.security.principals.Group;
+import org.jboss.soa.esb.services.security.principals.Role;
+import org.jboss.soa.esb.services.security.principals.User;
+import org.junit.Test;
+
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class SecurityContextUnitTest
+{
+ @Test
+ public void isCallerInRole()
+ {
+ Subject subject = new Subject();
+ subject.getPrincipals().add( new User("AustinPowerwich") );
+ Group roles = new Group("Roles");
+ roles.addMember( new Role("Admin"));
+ subject.getPrincipals().add(roles);
+
+ SecurityContext securityContext = new SecurityContext(subject);
+ boolean callerInRole = securityContext.isCallerInRole("Admin");
+ assertTrue( callerInRole );
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(SecurityContextUnitTest.class);
+ }
+}
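Review bot: `isCallerInRole` is exercised only with a role the subject holds, so an implementation that returned `true` unconditionally would still pass this test. For an authorization check the deny path is the one that matters most: add a case such as `assertFalse( securityContext.isCallerInRole( "Guest" ) );` and one for a `Subject` that has no `Roles` group at all. The class Javadoc is empty apart from the author tag; a first line like `Unit test for {@link SecurityContext}` would match the other tests in this commit.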
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import static org.junit.Assert.assertNotNull;
+
+import java.net.URL;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class SecurityServiceFactoryUnitTest
+{
+ private String jbossEsbProperties;
+
+
+ @Test
+ public void getSecurityService() throws Exception
+ {
+ SecurityService securityService = SecurityServiceFactory.getSecurityService();
+ assertNotNull( securityService );
+ }
+
+ @Before
+ public void setup()
+ {
+ jbossEsbProperties = System.getProperty(Environment.PROPERTIES_FILE);
+ URL resource = ClassUtil.getResource("security-properties.xml", getClass());
+ System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
+ }
+
+ @After
+ public void tearDown()
+ {
+ if ( jbossEsbProperties != null )
+ System.setProperty(Environment.PROPERTIES_FILE, jbossEsbProperties);
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(SecurityServiceFactoryUnitTest.class);
+ }
+
+}
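Review bot: `tearDown` restores `Environment.PROPERTIES_FILE` only when it had a previous value, so if the property was unset before the test it stays pointed at `security-properties.xml` for every test that runs later in the same JVM. Add the missing branch: `else System.clearProperty(Environment.PROPERTIES_FILE);`. In `setup`, `resource` is dereferenced without a null check, so a missing resource gives a NullPointerException instead of a clear failure. `resource.getFile()` also returns the URL-encoded path, so a checkout directory containing spaces would presumably not resolve.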
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestLoginModule.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestLoginModule.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestLoginModule.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,126 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+/**
+ * LoginModule intended for testing perposes. <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ */
+public class TestLoginModule implements LoginModule
+{
+ private Subject subject;
+
+ // the authentication status
+ private boolean succeeded = false;
+
+ private boolean commitSucceeded = false;
+
+ private String username = "test";
+
+ private TestPrincipal principal;
+
+ private static boolean forceLogin;
+
+ private CallbackHandler callbackHandler;
+
+ public void initialize( final Subject subject, final CallbackHandler callbackHandler, final Map<String,?> sharedState, final Map<String,?> options )
+ {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ forceLogin = "true".equalsIgnoreCase( (String) options.get( "forceLogin" ) );
+ }
+
+ public boolean login() throws LoginException
+ {
+ if ( forceLogin )
+ {
+ succeeded = true;
+ return true;
+ }
+ else
+ {
+ succeeded = false;
+ throw new FailedLoginException( "Login failed" );
+ }
+ }
+
+ public boolean commit() throws LoginException
+ {
+ if (succeeded == false)
+ {
+ return false;
+ }
+ else
+ {
+ principal = new TestPrincipal( username );
+ if ( !subject.getPrincipals().contains( principal ) )
+ {
+ subject.getPrincipals().add( principal );
+ }
+
+ // in any case, clean out state
+ username = null;
+
+ commitSucceeded = true;
+ return true;
+ }
+ }
+
+ public boolean abort() throws LoginException
+ {
+ if (succeeded == false)
+ {
+ return false;
+ }
+ else if ( succeeded == true && commitSucceeded == false)
+ {
+ // login succeeded but overall authentication failed
+ succeeded = false;
+ username = null;
+ principal = null;
+ }
+ else
+ {
+ logout();
+ }
+ return true;
+ }
+
+ public boolean logout() throws LoginException
+ {
+
+ subject.getPrincipals().remove( principal );
+ succeeded = false;
+ succeeded = commitSucceeded;
+ username = null;
+ principal = null;
+ return true;
+ }
+}
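Review bot: `logout()` assigns `succeeded = false;` and then immediately `succeeded = commitSucceeded;`, so after a committed login `succeeded` ends up `true` again and `commitSucceeded` is never reset; the second line was presumably meant to be `commitSucceeded = false;`. `forceLogin` is declared `static` but is set from the per-instance options in `initialize`, so the `SuccessfulLogin` and `FailureLogin` entries in `jaas.login` overwrite each other's outcome whenever two login contexts are alive at once; declare it `private boolean forceLogin;`. `commit()` also sets `username` to null, so a second login on the same instance would pass `null` to the `TestPrincipal` constructor. The `callbackHandler` field is stored but never read in this hunk.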
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestPrincipal.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestPrincipal.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/TestPrincipal.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import java.security.Principal;
+
+import org.jboss.internal.soa.esb.assertion.AssertArgument;
+
+/**
+ * Principal intented for use in test. </p>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ */
+public class TestPrincipal implements Principal, java.io.Serializable
+{
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * @serial
+ */
+ private String name;
+
+ public TestPrincipal(String name)
+ {
+ AssertArgument.isNotNull( name, "name" );
+ this.name = name;
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ @Override
+ public String toString()
+ {
+ return "TestPrincipal [ name=" + name + "]";
+ }
+
+}
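Review bot: TestPrincipal does not override equals() or hashCode(), so the `subject.getPrincipals().contains( principal )` guard in the test login modules' commit() can only match the same instance; every login builds a new TestPrincipal, so a repeated login with the same name adds a duplicate. Principal implementations are expected to define equality, so compare on `name` and derive the hash from it. `name` can also be `final`, since nothing in the class reassigns it. The Javadoc word `intented` should read `intended`.

```java
private final String name;

// … unchanged: constructor, getName(), toString() …

@Override
public boolean equals(final Object obj)
{
    if (this == obj)
    {
        return true;
    }
    if (!(obj instanceof TestPrincipal))
    {
        return false;
    }
    return name.equals(((TestPrincipal) obj).name);
}

@Override
public int hashCode()
{
    return name.hashCode();
}
```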
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/UserPassLoginModule.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/UserPassLoginModule.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/UserPassLoginModule.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,111 @@
+package org.jboss.soa.esb.services.security;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+public class UserPassLoginModule implements LoginModule
+{
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ private TestPrincipal principal;
+
+ private String userName = null;
+ private boolean succeeded = false;
+ private boolean commitSucceeded = false;
+
+ public void initialize(
+ final Subject subject,
+ final CallbackHandler callbackHandler ,
+ final Map<String,?> sharedMap,
+ final Map<String,?> options)
+ {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ }
+
+ public boolean login() throws LoginException
+ {
+ NameCallback nameCallback = new NameCallback("user:");
+ PasswordCallback passwordCallback = new PasswordCallback("password:", true);
+ try
+ {
+ callbackHandler.handle(new Callback[] { nameCallback, passwordCallback });
+ }
+ catch (IOException e)
+ {
+ throw new LoginException(e.getMessage());
+ }
+ catch (UnsupportedCallbackException e)
+ {
+ throw new LoginException(e.getMessage());
+ }
+
+ // dummy login
+ final String name = nameCallback.getName();
+ final String passwd = new String(passwordCallback.getPassword());
+ if (name.equals("testUser") && passwd.equals("testPassword"))
+ {
+ userName = name;
+ succeeded = true;
+ return true;
+ } else
+ {
+ succeeded = false;
+ return false;
+ }
+ }
+
+ public boolean commit() throws LoginException
+ {
+ if (!succeeded)
+ {
+ userName = null;
+ return false;
+ }
+
+ principal = new TestPrincipal(userName);
+ if (!subject.getPrincipals().contains(principal))
+ {
+ subject.getPrincipals().add(principal);
+ }
+
+ userName = null;
+ commitSucceeded = true;
+ return true;
+ }
+
+ public boolean abort() throws LoginException
+ {
+ if (succeeded == false)
+ {
+ return false;
+ }
+ else if (succeeded == true && commitSucceeded == true)
+ {
+ logout();
+ }
+ else
+ {
+ succeeded = false;
+ }
+ return true;
+ }
+
+ public boolean logout() throws LoginException
+ {
+ subject.getPrincipals().remove(principal);
+ principal = null;
+ userName = null;
+ succeeded = commitSucceeded = false;
+ return true;
+ }
+}
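Review bot: In login(), a wrong user name or password returns `false`, which the LoginModule contract defines as "ignore this module" rather than a failed authentication. The rejected branch should be `throw new FailedLoginException("Login failed");` (plus the import), as the other test login module in this commit does. `nameCallback.getName()` and `passwordCallback.getPassword()` can both be null when the handler supplies nothing, so `new String(...)` and `name.equals(...)` would throw a NullPointerException instead of a LoginException; a null check on the password and `"testUser".equals(name)` avoid that. The password is copied into a String and the callback is never cleared, so `passwordCallback.clearPassword();` after the comparison would keep this module in line with how a real one should treat credentials. The two catch blocks also drop the cause and keep only `e.getMessage()`.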
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,70 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.actions;
+
+import static org.junit.Assert.*;
+
+import javax.security.auth.Subject;
+
+import org.jboss.security.SecurityAssociation;
+import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.message.format.MessageFactory;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.principals.User;
+import org.junit.Test;
+
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ * Unittest for {@link JBossSecurityPropagator}
+ * </p>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class JBossSecurityPropagatorUnitTest
+{
+ @Test
+ public void process()
+ {
+ JBossSecurityPropagator propagator = new JBossSecurityPropagator();
+ propagator.setRunAs("adminRole");
+ Message message = MessageFactory.getInstance().getMessage();
+ Subject subject = new Subject();
+ subject.getPrincipals().add(new User("testUser"));
+
+ SecurityContext securityContext = new SecurityContext(subject);
+ message.getProperties().setProperty( SecurityService.CONTEXT, securityContext );
+
+ propagator.process(message);
+
+ Subject jbossSubject = SecurityAssociation.getSubject();
+ System.out.println(jbossSubject);
+ assertEquals( subject, jbossSubject);
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(JBossSecurityPropagatorUnitTest.class);
+ }
+
+}
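Review bot: process() leaves the propagated Subject in `SecurityAssociation` when it returns, so later tests in the same JVM can observe an authenticated subject they never set up. Reset it in an `@After` method, for example with `SecurityAssociation.clear();`. The test calls `propagator.setRunAs("adminRole")` but asserts nothing about the run-as identity, so that half of the propagation is unverified. `System.out.println(jbossSubject);` looks like leftover debugging output and can be removed.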
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,52 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth;
+
+import static org.junit.Assert.*;
+
+import java.security.Principal;
+
+import org.jboss.soa.esb.services.security.TestPrincipal;
+import org.junit.Test;
+
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class AuthenticationRequestUnitTest
+{
+ @Test
+ public void contruct()
+ {
+ final Principal principal = new TestPrincipal("testUser");
+ AuthenticationRequest request = new AuthenticationRequestImpl.Builder(principal, null ).bulid();
+ assertEquals( principal, request.getPrincipal());
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(AuthenticationRequestUnitTest.class);
+ }
+
+}
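Review bot: The test method `contruct()` and the builder call `.bulid()` both look like misspellings of `construct` and `build`. The builder is defined outside this hunk, but if `bulid()` really is its name, it is worth renaming now, before callers depend on the spelling. The second builder argument is passed as `null` with no indication of which case that exercises; a short comment on that line stating what the null stands for would make the intent clear.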
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractorUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractorUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/HttpSecurityInfoExtractorUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,373 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.http;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.util.Base64;
+import org.junit.Test;
+
+/**
+ * Unit test for {@link HttpSecurityInfoExtractor}
+ * <p>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ */
+public class HttpSecurityInfoExtractorUnitTest
+{
+ private String username = "Bob";
+ private String password = "Kelso";
+
+ @Test
+ public void extractSecurityInfo() throws IOException
+ {
+ HttpSecurityInfoExtractor extractor = new HttpSecurityInfoExtractor();
+ MockHttpServletRequest httpRequest = new MockHttpServletRequest();
+ httpRequest.setAuthType("BASIC");
+ String userNamePassword= username + ":" + password;
+ String base64Userpass = Base64.encodeBytes(userNamePassword.getBytes());
+ final String authString = "Basic " + base64Userpass;
+
+ httpRequest.addHeader("Authorization", authString);
+ AuthenticationRequest authRequest = extractor.extractSecurityInfo(httpRequest);
+
+ assertNotNull(authRequest);
+ char[] passwd = (char[]) authRequest.getCredentials().iterator().next();
+ assertEquals(password, new String(passwd));
+ assertEquals(username, authRequest.getPrincipal().getName());
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(HttpSecurityInfoExtractorUnitTest.class);
+ }
+
+ private static class MockHttpServletRequest implements HttpServletRequest
+ {
+ private String authType;
+ private Map<String,String> headers = new HashMap<String,String>();
+
+ public void setAuthType(String authType)
+ {
+ this.authType = authType;
+ }
+
+ public String getAuthType()
+ {
+ return authType;
+ }
+
+ public String getContextPath()
+ {
+ return null;
+ }
+
+ public Cookie[] getCookies()
+ {
+ return null;
+ }
+
+ public long getDateHeader(String arg0)
+ {
+ return 0;
+ }
+
+ public String getHeader(String header)
+ {
+ return headers.get(header);
+ }
+ public void addHeader(final String headerName, final String object)
+ {
+ headers.put(headerName, object);
+ }
+
+ public Enumeration getHeaderNames()
+ {
+ return null;
+ }
+
+ public Enumeration getHeaders(String arg0)
+ {
+ return null;
+ }
+
+ public int getIntHeader(String arg0)
+ {
+ return 0;
+ }
+
+ public String getMethod()
+ {
+ return null;
+ }
+
+ public String getPathInfo()
+ {
+ return null;
+ }
+
+ public String getPathTranslated()
+ {
+ return null;
+ }
+
+ public String getQueryString()
+ {
+ return null;
+ }
+
+ public String getRemoteUser()
+ {
+ return null;
+ }
+
+ public String getRequestURI()
+ {
+ return null;
+ }
+
+ public StringBuffer getRequestURL()
+ {
+ return null;
+ }
+
+ public String getRequestedSessionId()
+ {
+ return null;
+ }
+
+ public String getServletPath()
+ {
+ return null;
+ }
+
+ public HttpSession getSession()
+ {
+ return null;
+ }
+
+ public HttpSession getSession(boolean arg0)
+ {
+ return null;
+ }
+
+ private Principal userPrincipal;
+
+ public void setUserPrincipal(Principal userPrincipal)
+ {
+ this.userPrincipal = userPrincipal;
+ }
+
+ public Principal getUserPrincipal()
+ {
+ return this.userPrincipal;
+ }
+
+ public boolean isRequestedSessionIdFromCookie()
+ {
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromURL()
+ {
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromUrl()
+ {
+ return false;
+ }
+
+ public boolean isRequestedSessionIdValid()
+ {
+ return false;
+ }
+
+ public boolean isUserInRole(String arg0)
+ {
+ return false;
+ }
+
+ public Object getAttribute(String arg0)
+ {
+ return null;
+ }
+
+ public Enumeration getAttributeNames()
+ {
+ return null;
+ }
+
+ public String getCharacterEncoding()
+ {
+ return null;
+ }
+
+ public int getContentLength()
+ {
+ return 0;
+ }
+
+ public String getContentType()
+ {
+ return null;
+ }
+
+ public ServletInputStream getInputStream() throws IOException
+ {
+ return null;
+ }
+
+ public String getLocalAddr()
+ {
+ return null;
+ }
+
+ public String getLocalName()
+ {
+ return null;
+ }
+
+ public int getLocalPort()
+ {
+ return 0;
+ }
+
+ public Locale getLocale()
+ {
+ return null;
+ }
+
+ public Enumeration getLocales()
+ {
+ return null;
+ }
+
+ public String getParameter(String arg0)
+ {
+ return null;
+ }
+
+ public Map getParameterMap()
+ {
+ return null;
+ }
+
+ public Enumeration getParameterNames()
+ {
+ return null;
+ }
+
+ public String[] getParameterValues(String arg0)
+ {
+ return null;
+ }
+
+ public String getProtocol()
+ {
+ return null;
+ }
+
+ public BufferedReader getReader() throws IOException
+ {
+ return null;
+ }
+
+ public String getRealPath(String arg0)
+ {
+ return null;
+ }
+
+ public String getRemoteAddr()
+ {
+ return null;
+ }
+
+ public String getRemoteHost()
+ {
+ return null;
+ }
+
+ public int getRemotePort()
+ {
+ return 0;
+ }
+
+ public RequestDispatcher getRequestDispatcher(String arg0)
+ {
+ return null;
+ }
+
+ public String getScheme()
+ {
+ return null;
+ }
+
+ public String getServerName()
+ {
+ return null;
+ }
+
+ public int getServerPort()
+ {
+ return 0;
+ }
+
+ public boolean isSecure()
+ {
+ return false;
+ }
+
+ public void removeAttribute(String arg0)
+ {
+ }
+
+ public void setAttribute(String arg0, Object arg1)
+ {
+ }
+
+ public void setCharacterEncoding(String arg0) throws UnsupportedEncodingException
+ {
+ }
+
+ }
+
+}
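Review bot: extractSecurityInfo() covers only a well-formed `Basic` header, so nothing pins what the extractor does with client-controlled input. Untested cases include no `Authorization` header, a different scheme, a value that is not valid Base64, and a decoded pair with no `:` or with `:` inside the password. JbrHttpSecurityInfoExtractorUnitTest and WSSecurityInfoExtractorUnitTest later in this commit have the same happy-path-only shape. `userNamePassword.getBytes()` uses the platform charset; `userNamePassword.getBytes("UTF-8")` makes the fixture deterministic, and the method already declares IOException. The mock's `getHeader` is a case-sensitive map lookup, whereas servlet containers match header names case-insensitively, so a lookup of `authorization` would miss here for the wrong reason.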
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractorUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractorUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/JbrHttpSecurityInfoExtractorUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,73 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.http;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.junit.Test;
+
+/**
+ * Unit test for {@link JbrHttpSecurityInfoExtractor}
+ * <p>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
+ */
+public class JbrHttpSecurityInfoExtractorUnitTest
+{
+ private String username = "Alf";
+ private String password = "Melmac";
+
+ @Test
+ public void extractSecurityInfo()
+ {
+ Map<String,Object> metadata = createRequestMap(username, password);
+
+ JbrHttpSecurityInfoExtractor extractor = new JbrHttpSecurityInfoExtractor();
+ AuthenticationRequest authRequest = extractor.extractSecurityInfo(metadata);
+
+ assertNotNull(authRequest);
+ assertEquals(username, authRequest.getPrincipal().getName());
+ char[] passwd = (char[]) authRequest.getCredentials().iterator().next();
+ assertEquals(password, new String(passwd));
+ }
+
+ private Map<String,Object> createRequestMap(final String username, final String password)
+ {
+ Map<String,Object> metadata = new HashMap<String,Object>();
+ metadata.put("http.basic.username", username);
+ metadata.put("http.basic.password", password);
+ return metadata;
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(JbrHttpSecurityInfoExtractorUnitTest.class);
+ }
+
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/keystore
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/keystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityTokenTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityTokenTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityTokenTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.ws;
+
+import static org.junit.Assert.*;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.jboss.internal.soa.esb.util.StreamUtils;
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.Test;
+import org.xml.sax.SAXException;
+
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ * Unittest for {@link BinarySecurityToken}
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class BinarySecurityTokenTest
+{
+ private String expectedEncoding = "Base64Binary";
+ private String expectedValueType = "X509v3";
+ private BinarySecurityToken token = new BinarySecurityToken();
+
+ @Test
+ public void setEncodingTypeWithNSPrefix()
+ {
+ token.setEncodingType("wsse:" + expectedEncoding);
+ assertEquals( expectedEncoding, token.getEncodingType() );
+ }
+
+ @Test
+ public void setEncodingTypeWithNSPrefix2()
+ {
+ token.setEncodingType("d:" + expectedEncoding);
+ assertEquals( expectedEncoding, token.getEncodingType() );
+ }
+
+ @Test
+ public void setEncodingTypeWithoutNSPrefix()
+ {
+ token.setEncodingType(expectedEncoding);
+ assertEquals( expectedEncoding, token.getEncodingType() );
+ }
+
+ @Test
+ public void setEncodingType()
+ {
+ token.setEncodingType(expectedEncoding);
+ assertEquals( expectedEncoding, token.getEncodingType() );
+ }
+
+ @Test
+ public void setEncodingTypeNull()
+ {
+ token.setEncodingType(null);
+ assertNull(token.getEncodingType());
+ }
+
+ @Test
+ public void setKey() throws ConfigurationException, SAXException, IOException, ParserConfigurationException
+ {
+ token.setEncodingType(expectedEncoding);
+ token.setValueType(expectedValueType);
+ token.setKey(getExampleCert());
+ }
+
+ private String getExampleCert() throws SAXException, IOException, ParserConfigurationException, ConfigurationException
+ {
+ InputStream inputStream = ClassUtil.getResourceAsStream("cert-example.xml", getClass() );
+ return new String(StreamUtils.readStream(inputStream));
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(BinarySecurityTokenTest.class);
+ }
+
+}
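Review bot: setKey() contains no assertion, so it passes whenever parsing `cert-example.xml` does not throw. It should check the outcome, for instance that the token exposes a non-null certificate through whatever accessor BinarySecurityToken provides (not visible in this hunk). `setEncodingType()` and `setEncodingTypeWithoutNSPrefix()` have identical bodies, and no test asserts the value type after `setValueType`, with or without a namespace prefix. getExampleCert() never closes the InputStream it opens and decodes the bytes with the platform charset; close the stream in a `finally` block. getStringFromFile() in WSSecurityInfoExtractorUnitTest has the same pattern.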
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractorUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractorUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractorUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.ws;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import java.io.IOException;
+import java.io.InputStream;
+import javax.xml.parsers.ParserConfigurationException;
+import junit.framework.JUnit4TestAdapter;
+import org.jboss.internal.soa.esb.util.StreamUtils;
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.Test;
+import org.xml.sax.SAXException;
+
+
+/**
+ * Unit test for {@link WSSecurityInfoExtractor}
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class WSSecurityInfoExtractorUnitTest
+{
+ @Test
+ public void extractUserPassSecurityInfo() throws SAXException, IOException, ParserConfigurationException, ConfigurationException
+ {
+ WSSecurityInfoExtractor extractor = new WSSecurityInfoExtractor("smooks-config.xml");
+ String soap = createUserPassSoapString();
+ AuthenticationRequest authRequest = extractor.extractSecurityInfo(soap);
+ assertNotNull(authRequest);
+ assertEquals( "Clark", authRequest.getPrincipal().getName());
+ }
+
+ @Test
+ public void extractKeySecurityInfo() throws SAXException, IOException, ParserConfigurationException, ConfigurationException
+ {
+ WSSecurityInfoExtractor extractor = new WSSecurityInfoExtractor("smooks-config.xml");
+ String soap = createKeySoapString();
+ AuthenticationRequest authRequest = extractor.extractSecurityInfo(soap);
+ assertNotNull(authRequest);
+ assertTrue( authRequest.getCredentials().size() > 0 );
+ Object cert = authRequest.getCredentials().iterator().next();
+ assertTrue( cert instanceof java.security.cert.X509Certificate);
+ }
+
+ private String createUserPassSoapString() throws SAXException, IOException, ParserConfigurationException, ConfigurationException
+ {
+ return getStringFromFile("soap-userpass-example.xml");
+ }
+
+ private String createKeySoapString() throws SAXException, IOException, ParserConfigurationException, ConfigurationException
+ {
+ return getStringFromFile("soap-keys-example.xml");
+ }
+
+ private String getStringFromFile(final String fileName ) throws SAXException, IOException, ParserConfigurationException, ConfigurationException
+ {
+ InputStream inputStream = ClassUtil.getResourceAsStream(fileName, getClass() );
+ return new String(StreamUtils.readStream(inputStream));
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(WSSecurityInfoExtractorUnitTest.class);
+ }
+
+}
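Review bot: extractUserPassSecurityInfo() asserts only the principal name, so an extractor that dropped or mangled the password from the UsernameToken would still pass. Add the credential check the HTTP extractor tests use, `char[] passwd = (char[]) authRequest.getCredentials().iterator().next();`, followed by an `assertEquals` against the password stored in `soap-userpass-example.xml`. extractKeySecurityInfo() checks only that the first credential is an X509Certificate, not that it is the certificate from the fixture; comparing its subject with the expected value would catch a wrong-token mix-up.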
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/cert-example.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/cert-example.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/cert-example.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,11 @@
+MIICQjCCAasCBEif0tUwDQYJKoZIhvcNAQEEBQAwaDELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0
+b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRAwDgYDVQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVK
+Qm9zczEPMA0GA1UEAxMGRGFuaWVsMB4XDTA4MDgxMTA1NDkwOVoXDTA4MTEwOTA1NDkwOVowaDEL
+MAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRAwDgYD
+VQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVKQm9zczEPMA0GA1UEAxMGRGFuaWVsMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCdSh96Xyt4LeZbXz9pk4eaHrj2sGFmI9lkLQiW/DbF9ETXFvWYCS4N
+lsONmPx63KSbzJZQZRlJSAW2y6hQO18G9NMFQpn2W/jtPSw61kH3dXDQ+kZ2UMk9K93nt4XLvGm6
+dMQAGZAjzpz4lzhcYrDJI4NMw5LpeljDawkradtuiwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAHi2
+S1zC8jIqncSeMRwOvPOEQIcsZJELYFUCiTwPrAg5hNkp/oewm6uCkgqmry09+3+ZXg2KLQ+RgeuV
+8yfeBvk7TFjtOWeHWnBOaxKiAyLibxGchVfMPl847MZ2w4d6vu776cqb1NKghAE53dn9AzUHIWwx
+OizXyDaDiBMj5xgs
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/smooks-config.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/smooks-config.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/smooks-config.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<smooks-resource-list xmlns="http://www.milyn.org/xsd/smooks-1.0.xsd">
+
+ <resource-config selector="Envelope/Header/Security/UsernameToken">
+ <resource>org.milyn.javabean.BeanPopulator</resource>
+ <param name="beanId">userNameToken</param>
+ <param name="beanClass">org.jboss.soa.esb.services.security.auth.ws.UsernameToken</param>
+ <param name="bindings">
+ <binding property="userName" selector="Username" default="" />
+ <binding property="password" selector="Password" />
+ </param>
+ </resource-config>
+
+ <resource-config selector="Envelope/Header/Security/BinarySecurityToken">
+ <resource>org.milyn.javabean.BeanPopulator</resource>
+ <param name="beanId">binarySecurityToken</param>
+ <param name="beanClass">org.jboss.soa.esb.services.security.auth.ws.BinarySecurityToken</param>
+ <param name="bindings">
+ <binding property="encodingType" selector="BinarySecurityToken @EncodingType" />
+ <binding property="valueType" selector="BinarySecurityToken @ValueType" />
+ <binding property="key" selector="BinarySecurityToken" />
+ </param>
+ </resource-config>
+
+</smooks-resource-list>
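Review bot: Both selectors (`Envelope/Header/Security/UsernameToken` and `.../BinarySecurityToken`) match on element names only, so a `Security` header in any namespace would populate the credential beans. The fixtures added in this commit use the draft `http://schemas.xmlsoap.org/ws/2002/04/secext` namespace, which means the tests cannot show whether the namespace is ever checked. If the production extractor configuration mirrors this file, I would pin the WS-Security namespace on each `resource-config` (Smooks has a `selector-namespace` attribute for this; please confirm against the 1.0 schema). I would also add a fixture where the token sits in an unrelated namespace and assert that nothing is extracted. Note too that `userName` has `default=""` while `password` has no default, so a missing Username yields an empty string rather than null; a test for that case would pin the intended behaviour.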
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-keys-example.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-keys-example.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-keys-example.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,22 @@
+<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+ <soap:Header>
+ <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
+ <wsse:BinarySecurityToken EncodingType="wsse:Base64Binary" ValueType="wsse:X509v3">MIICVDCCAb0CBEii4NgwDQYJKoZIhvcNAQEEBQAwcTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0
+b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRAwDgYDVQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVK
+Qm9zczEYMBYGA1UEAxMPRGFuaWVsIEJldmVuaXVzMB4XDTA4MDgxMzEzMjU0NFoXDTM1MTIyOTEz
+MjU0NFowcTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2to
+b2xtMRAwDgYDVQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVKQm9zczEYMBYGA1UEAxMPRGFuaWVsIEJl
+dmVuaXVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJRSE6wHkF5DK6DkHTMPnP4dNZXeon
+cCP7Ufn5hjXWLdsq9dAEbuiRLAE4HoNxxqgCHdoKjMO9N1/CIn5dmWw4DBWLp8OHx8Wnyp0MYmCz
+B31jHJpuXkkRq50vRYtKN0NIOyw7eF+XWf4u0dXNgFtXHuUxhAyEm/kTxO1SNVUTwwIDAQABMA0G
+CSqGSIb3DQEBBAUAA4GBADCzl0gXAY0xysdHkKNdwaBDzlibLPz2zmaHcit841qVn05p/I1gsbUV
+vEPh6i/Dj57vdE+X66sPbI36uZiqyWqEr6wvCJDtaTbhSLmckk7ioXwLvdKEQ150MPBsjWRRnFGN
+tZhrQfjo0q8seLh0kgconbfN4pHllfNkJPcdSBvi</wsse:BinarySecurityToken>
+ </wsse:Security>
+ </soap:Header>
+ <soap:Body>
+ </soap:Body>
+</soap:Envelope>
+
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-userpass-example.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-userpass-example.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/ws/soap-userpass-example.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,18 @@
+<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+
+ <soap:Header>
+ <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
+ <wsse:UsernameToken>
+ <wsse:Username>Clark</wsse:Username>
+ <wsse:Password>griswald</wsse:Password>
+ </wsse:UsernameToken>
+ </wsse:Security>
+ </soap:Header>
+
+ <soap:Body>
+ </soap:Body>
+
+</soap:Envelope>
+
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,9 @@
+SuccessfulLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
+};
+FailureLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
+};
+UserPassLogin {
+ org.jboss.soa.esb.services.security.SimpleLoginModule required ;
+};
\ No newline at end of file
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/GroupUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/GroupUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/GroupUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.principals;
+
+import static org.junit.Assert.*;
+import org.junit.Test;
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ * Unit test for {@link Role}
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class GroupUnitTest
+{
+ private Group groupOne = new Group("groupOne");
+ private Group group1 = new Group("groupOne");
+ private Group groupTwo = new Group("groupTwo");
+ private Group group2 = new Group("groupTwo");
+
+ @Test (expected = NullPointerException.class)
+ public void constuctWithNullGroupName()
+ {
+ new Group(null);
+ }
+
+ @Test
+ public void equals()
+ {
+ groupOne.addMember(new Role("role1"));
+ assertFalse(group1.equals(groupOne));
+ assertFalse(groupOne.equals(group1));
+ assertFalse(groupOne.equals(group2));
+ group1.addMember(new Role("role1"));
+ assertEquals(groupOne, group1);
+ }
+
+ @Test
+ public void hashcode()
+ {
+ assertEquals(groupOne.hashCode(), group1.hashCode());
+ assertFalse(groupOne.hashCode() == groupTwo.hashCode());
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(GroupUnitTest.class);
+ }
+}
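Review bot: The `hashcode()` test compares only groups that have no members, while `equals()` shows that membership takes part in equality, so nothing checks that two equal groups with the same members produce the same hash. Adding `groupOne.addMember(new Role("role1")); group1.addMember(new Role("role1"));` followed by `assertEquals(groupOne.hashCode(), group1.hashCode());` would cover that. The class Javadoc says `Unit test for {@link Role}` and should read `Unit test for {@link Group}`. The method name `constuctWithNullGroupName` is misspelled, as is `constuctWithNullRoleName` in RoleUnitTest.java. `assertFalse(groupOne.hashCode() == groupTwo.hashCode())` asserts more than the hashCode contract promises, so a comment saying it depends on the current implementation would help.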
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/RoleUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/RoleUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/principals/RoleUnitTest.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,65 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.principals;
+
+import static org.junit.Assert.*;
+import org.junit.Test;
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ * Unit test for {@link Role}
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class RoleUnitTest
+{
+ private Role roleOne = new Role("roleOne");
+ private Role role1 = new Role("roleOne");
+ private Role roleTwo = new Role("roleTwo");
+ private Role role2 = new Role("roleTwo");
+
+ @Test (expected = NullPointerException.class)
+ public void constuctWithNullRoleName()
+ {
+ new Role(null);
+ }
+
+ @Test
+ public void equals()
+ {
+ assertEquals(roleOne, role1);
+ assertFalse(roleOne.equals(role2));
+ }
+
+ @Test
+ public void hashcode()
+ {
+ assertEquals(roleOne.hashCode(), role1.hashCode());
+ assertFalse(roleOne.hashCode() == roleTwo.hashCode());
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(RoleUnitTest.class);
+ }
+}
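Review bot: The `equals()` test never compares a Role with a different principal type carrying the same name, which is the comparison that matters when principals are matched for authorization. I would add `assertFalse(roleOne.equals(new Group("roleOne")));` and `assertFalse(roleOne.equals(null));`, plus the symmetric `assertEquals(role1, roleOne);`. Whether Role.equals already rejects these cases is not visible in this commit section, so this is a test gap rather than a known bug.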
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ JBoss, Home of Professional Open Source
+ Copyright 2006, JBoss Inc., and others contributors as indicated
+ by the @authors tag. All rights reserved.
+ See the copyright.txt in the distribution for a
+ full listing of individual contributors.
+ This copyrighted material is made available to anyone wishing to use,
+ modify, copy, or redistribute it subject to the terms and conditions
+ of the GNU Lesser General Public License, v. 2.1.
+ This program is distributed in the hope that it will be useful, but WITHOUT A
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ You should have received a copy of the GNU Lesser General Public License,
+ v.2.1 along with this distribution; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ MA 02110-1301, USA.
+
+ (C) 2005-2006,
+ @author JBoss Inc.
+-->
+<!-- $Id: jbossesb-unittest-properties.xml $ -->
+<!--
+ These options are described in the JBossESB manual.
+ Defaults are provided here for convenience only.
+
+ Please read through this file prior to using the system, and consider
+ updating the specified entries.
+-->
+<esb
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="jbossesb-1_0.xsd">
+ <properties name="core">
+ <property name="org.jboss.soa.esb.jndi.server.type" value="jboss"/>
+ <property name="org.jboss.soa.esb.jndi.server.url" value="localhost"/>
+ <property name="org.jboss.soa.esb.persistence.connection.factory" value="org.jboss.internal.soa.esb.persistence.format.MessageStoreFactoryImpl"/>
+ <property name="jboss.esb.invm.scope.default" value="NONE"/>
+ </properties>
+ <properties name="security">
+ <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
+ <property name="org.jboss.soa.esb.services.security.configUrl" value="jaas.login"/>
+ </properties>
+ <properties name="registry">
+ <property name="org.jboss.soa.esb.registry.queryManagerURI"
+ value="jnp://localhost:1099/InquiryService?org.apache.juddi.registry.rmi.Inquiry#inquire"/>
+ <property name="org.jboss.soa.esb.registry.lifeCycleManagerURI"
+ value="jnp://localhost:1099/PublishService?org.apache.juddi.registry.rmi.Publish#publish" />
+ <property name="org.jboss.soa.esb.registry.implementationClass"
+ value="org.jboss.internal.soa.esb.services.registry.JAXRRegistryImpl"/>
+ <property name="org.jboss.soa.esb.registry.factoryClass"
+ value="org.apache.ws.scout.registry.ConnectionFactoryImpl"/>
+ <property name="org.jboss.soa.esb.registry.user"
+ value="jbossesb"/>
+ <property name="org.jboss.soa.esb.registry.password"
+ value="password"/>
+ <!-- the following parameter is scout specific to set the type of communication between scout and the UDDI (embedded, rmi, soap) -->
+ <property name="org.jboss.soa.esb.scout.proxy.transportClass"
+ value="org.apache.ws.scout.transport.RMITransport"/>
+ </properties>
+ <properties name="transports" depends="core">
+ <property name="org.jboss.soa.esb.mail.smtp.host" value="localhost"/>
+ <property name="org.jboss.soa.esb.mail.smtp.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.mail.smtp.password" value=""/>
+ <property name="org.jboss.soa.esb.mail.smtp.port" value="25"/>
+ </properties>
+ <properties name="connection">
+ <property name="min-pool-size" value="5"/>
+ <property name="max-pool=size" value="10"/>
+ <property name="blocking-timeout-millis" value="5000"/>
+ <property name="abandoned-connection-timeout" value="10000"/>
+ <property name="abandoned-connection-time-interval" value="30000"/>
+ </properties>
+ <properties name="dbstore">
+ <property name="org.jboss.soa.esb.persistence.db.connection.url" value="jdbc:hsqldb:hsql://localhost:9001/"/>
+ <property name="org.jboss.soa.esb.persistence.db.jdbc.driver" value="org.hsqldb.jdbcDriver"/>
+ <property name="org.jboss.soa.esb.persistence.db.user" value="sa"/>
+ <property name="org.jboss.soa.esb.persistence.db.pwd" value=""/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.initial.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.min.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.max.size" value="5"/>
+ <!--table managed by pool to test for valid connections - created by pool automatically -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.test.table" value="pooltest"/>
+ <!-- # of milliseconds to timeout waiting for a connection from pool -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.timeout.millis" value="5000"/>
+ <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.StandaloneConnectionManager"/>
+ </properties>
+ <properties name="messagerouting">
+ <property name="org.jboss.soa.esb.routing.cbrClass" value="org.jboss.internal.soa.esb.services.routing.cbr.JBossRulesRouter"/>
+ </properties>
+</esb>
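Review bot: The property name `max-pool=size` in the `connection` block looks like a typo for `max-pool-size`. Unless the reader looks up the misspelled key, the value 10 is silently ignored. The same line appears in the quickstart's jbossesb-properties.xml later in this commit. The header comment `$Id: jbossesb-unittest-properties.xml $` does not match this file's name (security-properties.xml) and should be updated or dropped. The registry credentials (`jbossesb` / `password`) and the empty `sa` database password are acceptable in a test fixture, but a one-line comment marking them as test-only would stop them being copied into a real configuration.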
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/build.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/build.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/build.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,78 @@
+<project name="Quickstart_webservice_producer_secured" default="deploy" basedir=".">
+
+ <description>
+ ${ant.project.name}
+ ${line.separator}
+ </description>
+
+ <!-- Import the base Ant build script... -->
+ <import file="../conf/base-build.xml"/>
+
+ <target name="quickstart-specific-checks" depends="assert-ws-available"/>
+
+ <target name="quickstart-specific-dependencies">
+ <path id="quickstart-dependencies-classpath">
+ <fileset dir="${org.jboss.esb.server.home}/client" includes="jbossws-client.jar,jboss-remoting.jar" />
+ </path>
+ </target>
+
+ <target name="quickstart-specific-assemblies">
+ <!-- Overriden from the target of the same name in base-build.xml. -->
+ <!-- Called by the "deploy" target. Don't call directly!! -->
+
+ <!-- Build the webservice... -->
+ <war warfile="build/${ant.project.name}.war"
+ webxml="${basedir}/war/resources/WEB-INF/web.xml">
+ <fileset dir="${basedir}/war/view">
+ <include name="**/*"/>
+ </fileset>
+ </war>
+ </target>
+
+ <target name="runtest" depends="compile" description="run tests over jms, http, and socket">
+ <!--antcall target="saygoodbye_over_jms" /-->
+ <antcall target="saygoodbye_over_http" />
+ <!--antcall target="saygoodbye_over_socket" /-->
+ </target>
+
+ <target name="saygoodbye_over_jms" depends="compile">
+ <echo>Invoking a JBossWS Endpoint over JMS (via JBoss ESB).</echo>
+ <java fork="yes" classname="org.jboss.soa.esb.samples.quickstart.webserviceproducersecured.test.SendMessage" failonerror="true">
+ <arg value="jms" />
+ <classpath refid="exec-classpath" />
+ </java>
+ </target>
+
+ <target name="saygoodbye_over_http" depends="compile">
+ <echo>Invoking a JBossWS Endpoint over HTTP (via JBoss ESB).</echo>
+ <java fork="yes" classname="org.jboss.soa.esb.samples.quickstart.webserviceproducersecured.test.SendMessage" failonerror="true">
+ <arg value="http" />
+ <arg value="8765" />
+ <classpath refid="exec-classpath" />
+ </java>
+ </target>
+
+ <target name="saygoodbye_over_socket" depends="compile">
+ <echo>Invoking a JBossWS Endpoint over a raw socket connection (via JBoss ESB).</echo>
+ <java fork="yes" classname="org.jboss.soa.esb.samples.quickstart.webserviceproducersecured.test.SendMessage" failonerror="true">
+ <arg value="socket" />
+ <arg value="8888" />
+ <classpath refid="exec-classpath" />
+ </java>
+ </target>
+
+ <target name="quickstart-specific-deploys">
+ <echo message="Copy jbossesb-properties.xml and jaas.login to jbossesb.sar" />
+ <copy todir="${quickstart.org.jboss.esb.server.home}/server/${quickstart.org.jboss.esb.server.config}/deploy/jbossesb.sar" filtering="true" overwrite="true">
+ <filterset>
+ <filter token="KEYSTORE_PATH" value="${basedir}/keystore"/>
+ </filterset>
+ <fileset dir="${basedir}">
+ <include name="jbossesb-properties.xml"/>
+ <include name="jaas.login"/>
+ </fileset>
+ </copy>
+ </target>
+
+
+</project>
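Review bot: The `quickstart-specific-deploys` target copies jbossesb-properties.xml and jaas.login into the server's `deploy/jbossesb.sar` with `overwrite="true"`. Deploying this sample therefore replaces the server-wide ESB properties and JAAS configuration for every other deployment, and nothing in this file restores the originals. I would first copy the two existing files to a backup location, restore them when the quickstart is undeployed, and extend the `echo` message to say that server-wide files are being replaced. Separately, the `runtest` description `run tests over jms, http, and socket` no longer matches the target, which calls only `saygoodbye_over_http`; `description="run the test over http"` would be accurate.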
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/deployment.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/deployment.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/deployment.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,7 @@
+<jbossesb-deployment>
+ <depends>jboss.esb:deployment=soap.esb</depends>
+ <depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_gw</depends>
+ <depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_esb</depends>
+ <depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_esb_reply
+ </depends>
+</jbossesb-deployment>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jaas.login (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jaas.login 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,3 @@
+CertLogin {
+ com.sun.security.auth.module.KeyStoreLoginModule required keyStoreURL="file://@KEYSTORE_PATH@" debug=false;
+};
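Review bot: `keyStoreURL="file://@KEYSTORE_PATH@"` is filled from `${basedir}/keystore` by the filter in build.xml, which gives a well-formed URL only when basedir starts with `/`. On Windows the drive letter ends up in the URL's authority position and the path contains backslashes, so the login module will most likely fail to open the keystore. I would have the build produce the URL itself, for example `<makeurl file="${basedir}/keystore" property="keystore.url"/>` with a `KEYSTORE_URL` filter token, and use `keyStoreURL="@KEYSTORE_URL@"` here. No keystore password option is set in this entry, so the store password presumably arrives through the callback handler; a comment saying so would help readers of the sample.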
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbm-queue-service.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbm-queue-service.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbm-queue-service.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<server>
+ <mbean code="org.jboss.jms.server.destination.QueueService"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_gw"
+ xmbean-dd="xmdesc/Queue-xmbean.xml">
+ <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
+ <depends>jboss.messaging:service=PostOffice</depends>
+ </mbean>
+ <mbean code="org.jboss.jms.server.destination.QueueService"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_esb"
+ xmbean-dd="xmdesc/Queue-xmbean.xml">
+ <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
+ <depends>jboss.messaging:service=PostOffice</depends>
+ </mbean>
+ <mbean code="org.jboss.jms.server.destination.QueueService"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_esb_reply"
+ xmbean-dd="xmdesc/Queue-xmbean.xml">
+ <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
+ <depends>jboss.messaging:service=PostOffice</depends>
+ </mbean>
+</server>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbmq-queue-service.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbmq-queue-service.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbmq-queue-service.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<server>
+ <mbean code="org.jboss.mq.server.jmx.Queue"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_gw">
+ <depends optional-attribute-name="DestinationManager">
+ jboss.mq:service=DestinationManager
+ </depends>
+ </mbean>
+ <mbean code="org.jboss.mq.server.jmx.Queue"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_esb">
+ <depends optional-attribute-name="DestinationManager">
+ jboss.mq:service=DestinationManager
+ </depends>
+ </mbean>
+ <mbean code="org.jboss.mq.server.jmx.Queue"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_webservice_producer_secured_esb_reply">
+ <depends optional-attribute-name="DestinationManager">
+ jboss.mq:service=DestinationManager
+ </depends>
+ </mbean>
+</server>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jboss-esb.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jboss-esb.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jboss-esb.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,54 @@
+<?xml version = "1.0" encoding = "UTF-8"?>
+<jbossesb
+ xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.0.1.xsd"
+ parameterReloadSecs="5">
+
+ <providers>
+ <jms-provider name="JBossMQ" connection-factory="ConnectionFactory">
+ <jms-bus busid="quickstartGwChannel">
+ <jms-message-filter dest-type="QUEUE" dest-name="queue/quickstart_webservice_producer_secured_gw"/>
+ </jms-bus>
+ <jms-bus busid="quickstartEsbChannel">
+ <jms-message-filter dest-type="QUEUE" dest-name="queue/quickstart_webservice_producer_secured_esb"/>
+ </jms-bus>
+ </jms-provider>
+
+ <jbr-provider name="JBR-Http" protocol="http" host="localhost">
+ <jbr-bus busid="Http-1" port="8765" />
+ </jbr-provider>
+
+ <jbr-provider name="JBR-Socket" protocol="socket" host="localhost">
+ <jbr-bus busid="Socket-1" port="8888" />
+ </jbr-provider>
+
+ </providers>
+
+ <services>
+
+ <service category="MyServiceCategory" name="MyWSProducerService" description="WS Frontend speaks natively to the ESB">
+ <security moduleName="CertLogin" runAs="adminRole" callbackHandler="org.jboss.internal.soa.esb.services.security.CertCallbackHandler">
+ <property name="alias" value="jbossesb"/>
+ <property name="keyPassword" value="jbossesb"/>
+ </security>
+
+ <listeners>
+ <jms-listener name="JMS-Gateway" busidref="quickstartGwChannel" is-gateway="true"/>
+ <jbr-listener name="Http-Gateway" busidref="Http-1" is-gateway="true"/>
+ <jbr-listener name="Socket-Gateway" busidref="Socket-1" is-gateway="true"/>
+
+ <jms-listener name="JMS-ESBListener" busidref="quickstartEsbChannel"/>
+ </listeners>
+ <actions>
+
+ <action name="print-before" class="org.jboss.soa.esb.samples.quickstart.webserviceproducersecured.PrintSubjectAction"/>
+
+ <action name="JBossWSAdapter" class="org.jboss.soa.esb.actions.soap.SOAPProcessor">
+ <property name="jbossws-endpoint" value="GoodbyeWorldWS"/>
+ </action>
+ <action name="testStore" class="org.jboss.soa.esb.actions.TestMessageStore"/>
+ </actions>
+ </service>
+
+ </services>
+
+</jbossesb>
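Review bot: The `<security>` element stores the key password in clear text (`keyPassword` is `jbossesb`, the same string as `alias`) and runs the service as `adminRole`. Because quickstarts are routinely copied as templates, I would add a comment directly above it: `<!-- Sample-only credentials for the bundled quickstart keystore; replace the keystore, alias and keyPassword before reusing this configuration. -->`. A second short comment should explain what `runAs="adminRole"` grants to the action pipeline, since the sample does not show where that role is checked. The reply queue declared in deployment.xml and the queue-service files (`..._esb_reply`) is not referenced by any bus here, so either wire it up or drop the declarations.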
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbossesb-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbossesb-properties.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jbossesb-properties.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ JBoss, Home of Professional Open Source
+ Copyright 2006, JBoss Inc., and others contributors as indicated
+ by the @authors tag. All rights reserved.
+ See the copyright.txt in the distribution for a
+ full listing of individual contributors.
+ This copyrighted material is made available to anyone wishing to use,
+ modify, copy, or redistribute it subject to the terms and conditions
+ of the GNU Lesser General Public License, v. 2.1.
+ This program is distributed in the hope that it will be useful, but WITHOUT A
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ You should have received a copy of the GNU Lesser General Public License,
+ v.2.1 along with this distribution; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ MA 02110-1301, USA.
+
+ (C) 2005-2006,
+ @author JBoss Inc.
+-->
+<!-- $Id: jbossesb-unittest-properties.xml $ -->
+<!--
+ These options are described in the JBossESB manual.
+ Defaults are provided here for convenience only.
+
+ Please read through this file prior to using the system, and consider
+ updating the specified entries.
+-->
+<esb
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="jbossesb-1_0.xsd">
+ <properties name="core">
+ <property name="org.jboss.soa.esb.jndi.server.context.factory" value="org.jnp.interfaces.NamingContextFactory"/>
+ <property name="org.jboss.soa.esb.jndi.server.url" value="${jboss.esb.bind.address}:1099"/>
+ <property name="org.jboss.soa.esb.persistence.connection.factory" value="org.jboss.internal.soa.esb.persistence.format.MessageStoreFactoryImpl"/>
+ <property name="org.jboss.soa.esb.loadbalancer.policy" value="org.jboss.soa.esb.listeners.ha.RoundRobin"/>
+ <property name="jboss.esb.invm.scope.default" value="NONE"/>
+ </properties>
+ <properties name="security">
+ <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
+ <property name="org.jboss.soa.esb.services.security.configUrl" value="/jaas.login"/>
+ </properties>
+ <properties name="registry">
+ <property name="org.jboss.soa.esb.registry.queryManagerURI" value="org.apache.juddi.registry.local.InquiryService#inquire"/>
+ <property name="org.jboss.soa.esb.registry.lifeCycleManagerURI" value="org.apache.juddi.registry.local.PublishService#publish"/>
+ <property name="org.jboss.soa.esb.registry.implementationClass" value="org.jboss.internal.soa.esb.services.registry.JAXRRegistryImpl"/>
+ <property name="org.jboss.soa.esb.registry.factoryClass" value="org.apache.ws.scout.registry.ConnectionFactoryImpl"/>
+ <property name="org.jboss.soa.esb.registry.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.registry.password" value="password"/>
+ <!-- the following parameter is scout specific to set the type of communication between scout and the UDDI (embedded, rmi, soap) -->
+ <property name="org.jboss.soa.esb.scout.proxy.transportClass" value="org.apache.ws.scout.transport.LocalTransport"/>
+ </properties>
+ <properties name="transports" depends="core">
+ <property name="org.jboss.soa.esb.mail.smtp.host" value="localhost"/>
+ <property name="org.jboss.soa.esb.mail.smtp.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.mail.smtp.password" value=""/>
+ <property name="org.jboss.soa.esb.mail.smtp.port" value="25"/>
+ <property name="org.jboss.soa.esb.mail.smtp.auth" value="true"/>
+ <property name="org.jboss.soa.esb.ftp.localdir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.ftp.remotedir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.jms.connectionPool" value="20"/>
+ <property name="org.jboss.soa.esb.jms.sessionSleep" value="30"/>
+ </properties>
+ <properties name="connection">
+ <property name="min-pool-size" value="5"/>
+ <property name="max-pool=size" value="10"/>
+ <property name="blocking-timeout-millis" value="5000"/>
+ <property name="abandoned-connection-timeout" value="10000"/>
+ <property name="abandoned-connection-time-interval" value="30000"/>
+ </properties>
+ <properties name="dbstore">
+
+ <!-- connection manager type -->
+ <!-- <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.StandaloneConnectionManager"/> -->
+ <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.J2eeConnectionManager"/>
+
+ <!-- this property is only used if using the j2ee connection manager -->
+ <property name="org.jboss.soa.esb.persistence.db.datasource.name" value="java:/JBossESBDS"/>
+
+ <!-- standalone connection pooling settings -->
+ <property name="org.jboss.soa.esb.persistence.db.connection.url" value="jdbc:hsqldb:hsql://localhost:9001/"/>
+ <property name="org.jboss.soa.esb.persistence.db.jdbc.driver" value="org.hsqldb.jdbcDriver"/>
+ <property name="org.jboss.soa.esb.persistence.db.user" value="sa"/>
+ <property name="org.jboss.soa.esb.persistence.db.pwd" value=""/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.initial.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.min.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.max.size" value="5"/>
+ <!--table managed by pool to test for valid connections - created by pool automatically -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.test.table" value="pooltest"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.timeout.millis" value="5000"/>
+
+ </properties>
+ <properties name="filters">
+ <property name="org.jboss.soa.esb.filter.1" value="org.jboss.internal.soa.esb.message.filter.MetaDataFilter"/>
+ <property name="org.jboss.soa.esb.filter.2" value="org.jboss.internal.soa.esb.message.filter.GatewayFilter"/>
+ </properties>
+</esb>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jndi.properties
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jndi.properties (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/jndi.properties 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,5 @@
+java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
+java.naming.provider.url=jnp://localhost:1099
+java.naming.factory.url.pkgs=org.jboss.naming
+java.naming.factory.url.pkgs=org.jnp.interfaces
+
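Review bot: `java.naming.factory.url.pkgs` is set twice, on the last two lines of this file, and a Java properties file keeps only the last value for a repeated key, so `org.jboss.naming` is silently dropped. The property takes a colon-separated package list, so the two lines should be merged into `java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces`.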
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/keystore
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/keystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/log4j.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/log4j.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/log4j.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<!-- ===================================================================== -->
+<!-- -->
+<!-- Log4j Configuration -->
+<!-- -->
+<!-- ===================================================================== -->
+
+<!-- $Id: log4j.xml,v 1.26.2.5 2005/09/15 09:31:02 dimitris Exp $ -->
+
+<!--
+ | For more configuration infromation and examples see the Jakarta Log4j
+ | owebsite: http://jakarta.apache.org/log4j
+ -->
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
+
+ <!-- ============================== -->
+ <!-- Append messages to the console -->
+ <!-- ============================== -->
+
+ <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
+ <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
+ <param name="Target" value="System.out"/>
+
+ <layout class="org.apache.log4j.PatternLayout">
+ <!-- The default pattern: Date Priority [Category] Message\n -->
+ <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%t][%c{1}] %m%n"/>
+ </layout>
+ </appender>
+
+ <!-- ================================= -->
+ <!-- Preserve messages in a local file -->
+ <!-- ================================= -->
+
+ <!-- A size based file rolling appender -->
+ <appender name="FILE" class="org.jboss.logging.appender.RollingFileAppender">
+ <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
+ <param name="File" value="./listener.log"/>
+ <param name="Append" value="false"/>
+ <param name="MaxFileSize" value="500KB"/>
+ <param name="MaxBackupIndex" value="1"/>
+
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d %-5p [%t][%c] %m%n"/>
+ </layout>
+ </appender>
+
+ <!-- ================ -->
+ <!-- Limit categories -->
+ <!-- ================ -->
+
+ <category name="org.jboss">
+ <priority value="WARN"/>
+ </category>
+ <category name="org.jboss.soa.esb">
+ <priority value="ERROR"/>
+ </category>
+ <category name="org.jboss.internal.soa.esb">
+ <priority value="ERROR"/>
+ </category>
+ <category name="org.apache">
+ <priority value="ERROR"/>
+ </category>
+ <category name="quickstart">
+ <priority value="INFO"/>
+ </category>
+ <!-- ======================= -->
+ <!-- Setup the Root category -->
+ <!-- ======================= -->
+
+ <root>
+ <appender-ref ref="CONSOLE"/>
+ <appender-ref ref="FILE"/>
+ </root>
+
+</log4j:configuration>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/readme.txt
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/readme.txt (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/readme.txt 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,23 @@
+Overview:
+=========
+ This sample demonstrates how to deploy a JSR181 Webservice endpoint on
+ JBossESB using the SOAPProcessor action and configuring security in JBossESB.
+ This quickstart sends a SOAP message, with a security header using a BinarySecurityToken
+ which is a public certifcate.
+
+Running this quickstart:
+========================
+ Please refer to 'ant help-quickstarts' for prerequisites about the quickstarts
+ and a more detailed descripton of the different ways to run the quickstarts.
+
+ Note, this quickstart requires an ESB and JBossWS installation into
+ JBoss AS 4.2.0.GA. Installation instructions for both can be found in the
+ install/readme.txt.
+
+To Run:
+=======
+ 1. Type 'ant deploy'.
+ 2. Restart you esb server
+ 2. Type 'ant runtest'.
+ 3. Switch back to Application Server console to see the output from the ESB
+ 4. In this folder ("Window1"), type 'ant undeploy'.
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/PrintSubjectAction.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/PrintSubjectAction.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/PrintSubjectAction.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2006, JBoss Inc., and others contributors as indicated
+ * by the @authors tag. All rights reserved.
+ * See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ * This copyrighted material is made available to anyone wishing to use,
+ * modify, copy, or redistribute it subject to the terms and conditions
+ * of the GNU Lesser General Public License, v. 2.1.
+ * This program is distributed in the hope that it will be useful, but WITHOUT A
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ * You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301, USA.
+ *
+ * (C) 2005-2006,
+ * @author JBoss Inc.
+ */
+package org.jboss.soa.esb.samples.quickstart.webserviceproducersecured;
+
+
+import java.net.URL;
+import java.io.File;
+import java.io.FilePermission;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.CodeSource;
+import java.security.Permissions;
+import java.security.PermissionCollection;
+import java.security.Policy;
+
+import javax.security.auth.Subject;
+
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.actions.AbstractActionLifecycle;
+import org.jboss.soa.esb.helpers.ConfigTree;
+import org.jboss.soa.esb.message.Message;
+
+public class PrintSubjectAction extends AbstractActionLifecycle
+{
+
+ protected ConfigTree config;
+
+ public PrintSubjectAction(ConfigTree config) throws ConfigurationException
+ {
+ this.config = config;
+ }
+
+ public Message process(Message message) throws Exception
+ {
+ System.out.println("Subject : " + Subject.getSubject(AccessController.getContext()));
+ return message;
+ }
+
+}
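Review bot: The `println` in `process` concatenates the whole `Subject`, and `Subject.toString()` renders private credentials as well as principals whenever the caller is allowed to read them, so this sample can write whatever the login module stored (potentially passwords or tokens) to the server console. Printing only the principals still shows what the quickstart demonstrates: `Subject subject = Subject.getSubject(AccessController.getContext());` followed by `System.out.println("Subject principals : " + (subject == null ? null : subject.getPrincipals()));`. Most of the `java.net`, `java.io` and `java.security` imports (`URL`, `File`, `FilePermission`, `AccessControlContext`, `CodeSource`, `Permissions`, `PermissionCollection`, `Policy`) are unused and can be removed.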
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/SendMessage.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/SendMessage.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/SendMessage.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2006, JBoss Inc., and others contributors as indicated
+ * by the @authors tag. All rights reserved.
+ * See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ * This copyrighted material is made available to anyone wishing to use,
+ * modify, copy, or redistribute it subject to the terms and conditions
+ * of the GNU Lesser General Public License, v. 2.1.
+ * This program is distributed in the hope that it will be useful, but WITHOUT A
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ * You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301, USA.
+ *
+ * (C) 2005-2006,
+ * @author JBoss Inc.
+ */
+package org.jboss.soa.esb.samples.quickstart.webserviceproducersecured.test;
+
+import org.jboss.internal.soa.esb.util.StreamUtils;
+import org.jboss.remoting.InvokerLocator;
+import org.jboss.remoting.Client;
+
+import javax.jms.JMSException;
+import javax.jms.ObjectMessage;
+import javax.jms.Queue;
+import javax.jms.QueueConnection;
+import javax.jms.QueueConnectionFactory;
+import javax.jms.QueueSender;
+import javax.jms.QueueSession;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import java.net.InetAddress;
+
+import org.jboss.soa.esb.actions.StoreMessageToFile;
+
+public class SendMessage {
+ QueueConnection conn;
+ QueueSession session;
+ Queue que;
+
+ public void sendMessageOverJMS(String message) throws JMSException, NamingException {
+ QueueSender sender = null;
+
+ setupJMSConnection();
+ try {
+ ObjectMessage tm = null;
+
+ sender = session.createSender(que);
+ tm = session.createObjectMessage(message);
+ tm.setStringProperty(StoreMessageToFile.PROPERTY_JBESB_FILENAME, "WebServiceProducerTest.log");
+ sender.send(tm);
+ } finally {
+ if(sender != null) {
+ sender.close();
+ }
+ cleanupJMSConnection();
+ }
+ }
+
+ private void sendMessageToJBRListener(String protocol, int port, String message) throws Throwable {
+ String locatorURI = protocol + "://localhost:" + port;
+ InvokerLocator locator = new InvokerLocator(locatorURI);
+ System.out.println("Calling JBoss Remoting Listener using locator URI: " + locatorURI);
+
+ Client remotingClient = null;
+ try {
+ remotingClient = new Client(locator);
+ remotingClient.connect();
+
+ // Deliver the message to the listener...
+ Object response = remotingClient.invoke(message);
+ System.out.println("JBR Class: " + response.getClass().getName());
+ System.out.println("Response from JBoss Remoting Listener '" + locatorURI + "' was '" + response + "'.");
+ } finally {
+ if(remotingClient != null) {
+ remotingClient.disconnect();
+ }
+ }
+ }
+
+ public void setupJMSConnection() throws JMSException, NamingException
+ {
+ InitialContext iniCtx = new InitialContext();
+ Object tmp = iniCtx.lookup("ConnectionFactory");
+ QueueConnectionFactory qcf = (QueueConnectionFactory) tmp;
+ conn = qcf.createQueueConnection();
+ que = (Queue) iniCtx.lookup("queue/quickstart_webservice_producer_gw");
+ session = conn.createQueueSession(false, QueueSession.AUTO_ACKNOWLEDGE);
+ conn.start();
+ }
+
+ public void cleanupJMSConnection() throws JMSException
+ {
+ conn.stop();
+ session.close();
+ conn.close();
+ }
+
+ private static String getMessage(String messageNum) {
+ String msg = new String(StreamUtils.readStream(SendMessage.class.getResourceAsStream("soap_message_" + messageNum + ".xml")));
+ return msg;
+ }
+
+ public static void main(String args[]) throws Throwable
+ {
+ SendMessage sm = new SendMessage();
+ String msg = getMessage("01");
+
+ String protocol = args[0];
+ if(protocol.equals("jms")) {
+ sm.sendMessageOverJMS(msg);
+ } else {
+ sm.sendMessageToJBRListener(protocol, Integer.parseInt(args[1]), msg);
+ }
+ }
+}
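Review bot: `sendMessageOverJMS` calls `setupJMSConnection()` before its `try`, so if the queue lookup or `createQueueSession` fails after `createQueueConnection()` has succeeded, the connection is never closed. `cleanupJMSConnection` has the same gap, since an exception from `conn.stop()` or `session.close()` skips `conn.close()`. Moving the setup inside the `try` and making the cleanup null-safe, with `conn.close()` in a `finally`, closes both paths. Separately, `main` indexes `args[0]` and `args[1]` without a length check, and `getMessage` decodes the XML with the platform charset via `new String(byte[])`.

```java
    public void sendMessageOverJMS(String message) throws JMSException, NamingException {
        QueueSender sender = null;
        try {
            setupJMSConnection();
            // … unchanged: create sender, build ObjectMessage, send …
        } finally {
            // … unchanged: close sender if non-null …
            cleanupJMSConnection();
        }
    }

    public void cleanupJMSConnection() throws JMSException
    {
        if (conn == null) {
            return;
        }
        try {
            conn.stop();
            if (session != null) {
                session.close();
            }
        } finally {
            conn.close();
        }
    }
```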
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_01.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_01.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_01.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,22 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:good="http://webservice_producer/goodbyeworld">
+ <soapenv:Header>
+<wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
+ <wsse:BinarySecurityToken EncodingType="wsse:Base64Binary" ValueType="wsse:X509v3">MIICVDCCAb0CBEii4NgwDQYJKoZIhvcNAQEEBQAwcTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0
+b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRAwDgYDVQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVK
+Qm9zczEYMBYGA1UEAxMPRGFuaWVsIEJldmVuaXVzMB4XDTA4MDgxMzEzMjU0NFoXDTM1MTIyOTEz
+MjU0NFowcTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2to
+b2xtMRAwDgYDVQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVKQm9zczEYMBYGA1UEAxMPRGFuaWVsIEJl
+dmVuaXVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJRSE6wHkF5DK6DkHTMPnP4dNZXeon
+cCP7Ufn5hjXWLdsq9dAEbuiRLAE4HoNxxqgCHdoKjMO9N1/CIn5dmWw4DBWLp8OHx8Wnyp0MYmCz
+B31jHJpuXkkRq50vRYtKN0NIOyw7eF+XWf4u0dXNgFtXHuUxhAyEm/kTxO1SNVUTwwIDAQABMA0G
+CSqGSIb3DQEBBAUAA4GBADCzl0gXAY0xysdHkKNdwaBDzlibLPz2zmaHcit841qVn05p/I1gsbUV
+vEPh6i/Dj57vdE+X66sPbI36uZiqyWqEr6wvCJDtaTbhSLmckk7ioXwLvdKEQ150MPBsjWRRnFGN
+tZhrQfjo0q8seLh0kgconbfN4pHllfNkJPcdSBvi</wsse:BinarySecurityToken>
+ </wsse:Security>
+ </soapenv:Header>
+ <soapenv:Body>
+ <good:sayGoodbye>
+ <message>Goodbye!!</message>
+ </good:sayGoodbye>
+ </soapenv:Body>
+</soapenv:Envelope>
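Review bot: The `wsse:Security` header carries only a `BinarySecurityToken` holding an X.509 certificate, and nothing in the envelope is signed with the matching private key, so the token names a sender without proving that the sender holds the key. A certificate is public, and anyone who has seen it can present it. How the receiving login module validates the token is not visible in this hunk, but the sample should at least say so, for example with a comment above the header: `<!-- Sample only: an unsigned certificate token identifies the caller but does not authenticate it; production messages need a signature that references this token -->`. The embedded certificate also appears to be self-signed with an MD5-with-RSA signature and a 1024-bit key, which is acceptable for a fixture but should not be copied into a deployment.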
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_02.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_02.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/test/soap_message_02.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,8 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:good="http://webservice_producer/goodbyeworld">
+ <soapenv:Header/>
+ <soapenv:Body>
+ <good:sayGoodbyeWithoutResponse>
+ <message>Goodbye!!</message>
+ </good:sayGoodbyeWithoutResponse>
+ </soapenv:Body>
+</soapenv:Envelope>
\ No newline at end of file
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/webservice/GoodbyeWorldWS.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/webservice/GoodbyeWorldWS.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/src/org/jboss/soa/esb/samples/quickstart/webserviceproducersecured/webservice/GoodbyeWorldWS.java 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,55 @@
+package org.jboss.soa.esb.samples.quickstart.webserviceproducersecured.webservice;
+
+import javax.jws.WebService;
+import javax.jws.WebMethod;
+import javax.jws.Oneway;
+import javax.jws.WebParam;
+import javax.jws.soap.SOAPBinding;
+
+import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.message.Body;
+import org.jboss.soa.esb.actions.ActionUtils;
+import org.jboss.soa.esb.actions.soap.SOAPProcessor;
+
+/**
+ * @author
+ */
+ at WebService(name = "GoodbyeWorldWS", targetNamespace="http://webservice_producer/goodbyeworld")
+// @SOAPBinding(style = SOAPBinding.Style.RPC)
+public class GoodbyeWorldWS {
+
+ @WebMethod
+ public String sayGoodbye(@WebParam(name="message") String message) {
+
+ Message esbMessage = SOAPProcessor.getMessage();
+ if(esbMessage != null) {
+ System.out.println("**** SOAPRequest perhaps mediated by ESB:\n" + esbMessage.getBody().get());
+ // System.out.println("\n" + esbMessage.toString() + "\n");
+ }
+ System.out.println("Web Service Parameter - message=" + message);
+ return "... Ah Goodbye then!!!! - " + message;
+ }
+
+ @WebMethod
+ public String sayAdios(String message) {
+ Message esbMessage = SOAPProcessor.getMessage();
+ if(esbMessage != null) {
+ System.out.println("**** SOAPRequest perhaps mediated by ESB:\n" + esbMessage.getBody().get());
+ // System.out.println("\n" + esbMessage.toString() + "\n");
+ }
+ System.out.println("Web Service Parameter - message=" + message);
+ return "... Adios Amigo!!!! - " + message;
+ }
+
+ @WebMethod
+ @Oneway
+ public void sayGoodbyeWithoutResponse(@WebParam(name="message") String message) {
+
+ Message esbMessage = SOAPProcessor.getMessage();
+ if(esbMessage != null) {
+ System.out.println("**** SOAPRequest perhaps mediated by ESB:\n" + esbMessage.getBody().get());
+ }
+ System.out.println("Web Service Parameter - message=" + message);
+ }
+
+}
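Review bot: All three web methods print `esbMessage.getBody().get()` to standard out, which in this secured quickstart is presumably the full SOAP envelope including the `wsse:Security` header, so any credential a client puts in that header ends up in the server console. The certificate in the sample message is public, but the same code would log a password-bearing token unchanged. Drop the dump, or log only the operation parameter, which the following `println` already does. The block is also copied three times and could be one private helper, `sayAdios` lacks the `@WebParam(name="message")` its siblings have, and the `Body`, `ActionUtils` and `SOAPBinding` imports are unused.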
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/resources/WEB-INF/web.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/resources/WEB-INF/web.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/resources/WEB-INF/web.xml 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
+ version="2.4">
+
+ <servlet>
+ <servlet-name>GoodbyeWorldWS</servlet-name>
+ <servlet-class>org.jboss.soa.esb.samples.quickstart.webserviceproducersecured.webservice.GoodbyeWorldWS</servlet-class>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>GoodbyeWorldWS</servlet-name>
+ <url-pattern>/GoodbyeWorldWS</url-pattern>
+ </servlet-mapping>
+
+</web-app>
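Review bot: The mapping for `/GoodbyeWorldWS` has no `<security-constraint>`, so the endpoint is presumably reachable straight over HTTP on the web container, a path that would not pass through the ESB security configuration this quickstart is meant to demonstrate. Whether JBossWS or another descriptor restricts that path is not visible here. If direct access is only intended for checking the deployment, the file should say so, e.g. `<!-- Direct HTTP access to this endpoint is not covered by the ESB security settings; add a security-constraint for /GoodbyeWorldWS before reusing this descriptor -->`.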
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/view/index.jsp
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/view/index.jsp (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/webservice_producer_secured/war/view/index.jsp 2008-08-18 08:31:22 UTC (rev 21596)
@@ -0,0 +1,9 @@
+<html>
+ <body>
+ This is just a place holder.<br>
+ Verify the that the WS has been deployed by hitting
+ <a href="http://localhost:8080/jbossws">
+ http://localhost:8080/jbossws
+ </a>
+ </body>
+</html>
\ No newline at end of file