[jboss-svn-commits] JBL Code SVN: r29519 - in labs/jbossesb/trunk/product: rosetta/src/org/jboss/soa/esb/listeners/gateway and 3 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Oct 1 07:27:14 EDT 2009
Author: beve
Date: 2009-10-01 07:27:13 -0400 (Thu, 01 Oct 2009)
New Revision: 29519
Added:
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java
Modified:
labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/webservice/BaseWebService.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecuritySoapExtractor.java
labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/error-soap-message.xml
labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/jboss-esb.xml
labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/soap-userpass-message.xml
Log:
Work for https://jira.jboss.org/jira/browse/JBESB-2552 "Web service publishing support for ESB services ignores WS-Security."
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/webservice/BaseWebService.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/webservice/BaseWebService.java 2009-09-30 22:36:09 UTC (rev 29518)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/webservice/BaseWebService.java 2009-10-01 11:27:13 UTC (rev 29519)
@@ -58,6 +58,10 @@
import org.jboss.soa.esb.message.MessagePayloadProxy;
import org.jboss.soa.esb.message.Properties;
import org.jboss.soa.esb.message.format.MessageFactory;
+import org.jboss.soa.esb.services.security.SecurityServiceException;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.ExtractorUtil;
+import org.jboss.soa.esb.services.security.auth.ws.WSSecuritySoapExtractor;
import org.w3c.dom.Document;
import com.arjuna.common.util.propertyservice.PropertyManager;
@@ -79,6 +83,8 @@
private static final String ADDRESSING_NAMESPACE = ADDRESSING_BUILDER.getNamespaceURI() ;
private static final QName ADDRESSING_REPLY = new QName(ADDRESSING_NAMESPACE, "Reply") ;
+ private final WSSecuritySoapExtractor securityExtractor = new WSSecuritySoapExtractor();
+
protected final ServiceInvoker serviceInvoker ;
protected final MessagePayloadProxy requestProxy ;
protected final MessagePayloadProxy responseProxy ;
@@ -139,6 +145,11 @@
{
initialiseWSAProps(esbReq, soapIncomingProps) ;
}
+
+ // Extract security info from SOAPMessage.
+ AuthenticationRequest authRequest = extractSecurityDetails(request, esbReq);
+
+ ExtractorUtil.addAuthRequestToMessage(authRequest, esbReq);
final Message esbRes = deliverMessage(esbReq) ;
if (esbRes != null)
@@ -236,6 +247,11 @@
}
}
+ protected AuthenticationRequest extractSecurityDetails(SOAPMessage request, Message esbReq) throws SecurityServiceException
+ {
+ return securityExtractor.extractSecurityInfo(request);
+ }
+
private SOAPMessage generateFault(final Throwable th)
throws SOAPException
{
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2009-09-30 22:36:09 UTC (rev 29518)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2009-10-01 11:27:13 UTC (rev 29519)
@@ -54,6 +54,7 @@
import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.ExtractorUtil;
import org.jboss.soa.esb.services.security.auth.http.JbrHttpSecurityInfoExtractor;
import org.jboss.soa.esb.services.security.auth.ws.WSSecurityInfoExtractor;
import org.jboss.soa.esb.util.ClassUtil;
@@ -597,18 +598,11 @@
if ( authRequest == null && payload instanceof String) {
authRequest = wsSecurityExtractor.extractSecurityInfo((String) payload);
}
-
- if ( authRequest != null ) {
- try {
- byte[] encrypted = PublicCryptoUtil.INSTANCE.encrypt((Serializable) authRequest);
- if (encrypted != null) {
- message.getContext().setContext(SecurityService.AUTH_REQUEST, encrypted);
- } else {
- logger.warn("No public keystore has been configured which means that the authentication request cannot be encrypted. Please configure jbossesb-properties.xml with a publickey store.");
- }
- } catch (final SecurityServiceException e) {
- throw new MessageDeliverException(e.getMessage(), e);
- }
+
+ try {
+ ExtractorUtil.addAuthRequestToMessage(authRequest, message);
+ } catch (final SecurityServiceException e) {
+ throw new MessageDeliverException(e.getMessage(), e);
}
Added: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java (rev 0)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java 2009-10-01 11:27:13 UTC (rev 29519)
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth;
+
+import java.io.Serializable;
+
+import org.apache.log4j.Logger;
+import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.services.security.PublicCryptoUtil;
+import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.SecurityServiceException;
+
+/**
+ * Util class for operations common to security extractors
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public final class ExtractorUtil
+{
+ private static Logger log = Logger.getLogger(ExtractorUtil.class);
+
+ private ExtractorUtil()
+ {
+ }
+
+ public static void addAuthRequestToMessage(final AuthenticationRequest authRequest, final Message message) throws SecurityServiceException
+ {
+ if (authRequest != null)
+ {
+ byte[] encrypted = PublicCryptoUtil.INSTANCE.encrypt((Serializable) authRequest);
+ if (encrypted != null)
+ {
+ message.getContext().setContext(SecurityService.AUTH_REQUEST, encrypted);
+ }
+ else
+ {
+ log.warn("No public keystore has been configured which means that the authentication request cannot be encrypted. Please configure jbossesb-properties.xml with a publickey store.");
+ }
+ }
+ }
+
+}
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecuritySoapExtractor.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecuritySoapExtractor.java 2009-09-30 22:36:09 UTC (rev 29518)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecuritySoapExtractor.java 2009-10-01 11:27:13 UTC (rev 29519)
@@ -67,13 +67,20 @@
* SOAP Message Security 1.0 NameSpace URL
*/
public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
+ public static final String WSSE_NS2 = "http://schemas.xmlsoap.org/ws/2002/04/secext";
+ /**
+ * SOAP Message Security 1.1 NameSpace URL
+ */
+ public static final String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
+
private Logger log = Logger.getLogger(WSSecuritySoapExtractor.class);
/**
* Extracts UsernameToken element is one exists and creates
* a Principal with the username and sets a Credential using
* the password. The type of the Credential is a character array.
+ *
* If the SOAP message contains a BinarySecurityToken this will be
* extracted and added as a Credential.
* <p>
@@ -155,9 +162,13 @@
final SOAPHeaderElement header = (SOAPHeaderElement) headerElements.next();
final Name name = header.getElementName();
- if (name.getLocalName().equalsIgnoreCase(WSSE_LN) && name.getURI().equalsIgnoreCase(WSSE_NS) )
+ if (name.getLocalName().equalsIgnoreCase(WSSE_LN))
{
- return header;
+ String nsURI = name.getURI();
+ if (nsURI.equalsIgnoreCase(WSSE_NS) || nsURI.equalsIgnoreCase(WSSE_NS2) || nsURI.equalsIgnoreCase(WSSE11_NS))
+ {
+ return header;
+ }
}
}
return null;
Modified: labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/error-soap-message.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/error-soap-message.xml 2009-09-30 22:36:09 UTC (rev 29518)
+++ labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/error-soap-message.xml 2009-10-01 11:27:13 UTC (rev 29519)
@@ -6,6 +6,15 @@
xmlns:cust="http://www.jboss.org/custom-request"
xmlns:sub="http://www.jboss.org/custom-subtype"
xmlns:t="http://www.jboss.org/type2">
+ <soap:Header>
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:UsernameToken>
+ <wsse:Username>kermit</wsse:Username>
+ <wsse:Password>thefrog</wsse:Password>
+ </wsse:UsernameToken>
+ </wsse:Security>
+ </soap:Header>
+
<soap:Body>
<say:sayHi>
Modified: labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/jboss-esb.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/jboss-esb.xml 2009-09-30 22:36:09 UTC (rev 29518)
+++ labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/jboss-esb.xml 2009-10-01 11:27:13 UTC (rev 29519)
@@ -19,6 +19,7 @@
category="ESBServiceSample"
name="HelloWorldPubService"
description="Hello world ESB Service">
+ <security moduleName="JBossWS"/>
<listeners>
<jms-listener name="helloWorld"
busidref="quickstartEsbChannel"
Modified: labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/soap-userpass-message.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/soap-userpass-message.xml 2009-09-30 22:36:09 UTC (rev 29518)
+++ labs/jbossesb/trunk/product/samples/quickstarts/publish_as_webservice/soap-userpass-message.xml 2009-10-01 11:27:13 UTC (rev 29519)
@@ -6,6 +6,15 @@
xmlns:cust="http://www.jboss.org/custom-request"
xmlns:sub="http://www.jboss.org/custom-subtype"
xmlns:t="http://www.jboss.org/type2">
+ <soap:Header>
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+ <wsse:UsernameToken>
+ <wsse:Username>kermit</wsse:Username>
+ <wsse:Password>thefrog</wsse:Password>
+ </wsse:UsernameToken>
+ </wsse:Security>
+ </soap:Header>
+
<soap:Body>
<say:sayHi>
More information about the jboss-svn-commits
mailing list