[jboss-svn-commits] JBL Code SVN: r29576 - in labs/jbossesb/workspace/dbevenius/saml_support: product and 20 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Mon Oct 12 01:21:25 EDT 2009
Author: beve
Date: 2009-10-12 01:21:24 -0400 (Mon, 12 Oct 2009)
New Revision: 29576
Added:
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/esb.password
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/jmssecured.password
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/wsproxysecurity.password
Modified:
labs/jbossesb/workspace/dbevenius/saml_support/
labs/jbossesb/workspace/dbevenius/saml_support/product/.classpath
labs/jbossesb/workspace/dbevenius/saml_support/product/build-distr.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/build.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/docs/ServicesGuide.odt
labs/jbossesb/workspace/dbevenius/saml_support/product/esb-config.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/ivy.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/conf/base-build.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/helloworld_action/oracle-aq/jboss-esb.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/build.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/deployment.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/jboss-esb.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/readme.txt
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/build.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties
labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml
labs/jbossesb/workspace/dbevenius/saml_support/qa/base-cp.xml
labs/jbossesb/workspace/dbevenius/saml_support/qa/build.xml
labs/jbossesb/workspace/dbevenius/saml_support/qa/quickstarts/build.xml
labs/jbossesb/workspace/dbevenius/saml_support/qa/test.properties
Log:
Merged revisions 29548-29551,29555,29569-29570,29574 via svnmerge from
https://svn.jboss.org/repos/labs/labs/jbossesb/trunk
.......
r29548 | beve | 2009-10-08 07:35:27 +0200 (Thu, 08 Oct 2009) | 2 lines
Just fixed the name of the connectionfactory from QueueConnectionFactory to ConnectionFactory.
.......
r29549 | beve | 2009-10-08 07:38:25 +0200 (Thu, 08 Oct 2009) | 2 lines
Work for https://jira.jboss.org/jira/browse/JBESB-2766 "Requesting mechanism to encrypt keystore password in jbr-provider, http-provider, soapproxy, and httprouter"
.......
r29550 | beve | 2009-10-08 07:46:07 +0200 (Thu, 08 Oct 2009) | 3 lines
Just readding the changes that I had reverted to try to verify https://jira.jboss.org/jira/browse/JBESB-2787.
This had to do with us setting JNDI system properties forceing all JNDI commutnication to go over RMI.
.......
r29551 | beve | 2009-10-08 09:49:27 +0200 (Thu, 08 Oct 2009) | 3 lines
I had checked in this file with my local settings causing the CI builds to fail.
Will manually change this on the server so that the AS5 build are run against the correct AS installations.
.......
r29555 | beve | 2009-10-08 13:12:12 +0200 (Thu, 08 Oct 2009) | 2 lines
Work for https://jira.jboss.org/jira/browse/JBESB-2873 "Quickstart_JMS_Secured.esb fails to deploy"
.......
r29569 | kevin.conner at jboss.com | 2009-10-09 20:44:23 +0200 (Fri, 09 Oct 2009) | 1 line
Prevent build from overwriting reference server: JBESB-2876
.......
r29570 | kevin.conner at jboss.com | 2009-10-10 13:47:41 +0200 (Sat, 10 Oct 2009) | 1 line
Add a test-endorsed directory into the deployment: JBESB-2878
.......
r29574 | kevin.conner at jboss.com | 2009-10-11 00:31:52 +0200 (Sun, 11 Oct 2009) | 1 line
Changed test-endorsed directory definition to path structure: JBESB-2878
.......
Property changes on: labs/jbossesb/workspace/dbevenius/saml_support
___________________________________________________________________
Name: svnmerge-integrated
- /labs/jbossesb/trunk:1-29547
+ /labs/jbossesb/trunk:1-29575
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/.classpath
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/.classpath 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/.classpath 2009-10-12 05:21:24 UTC (rev 29576)
@@ -91,6 +91,7 @@
<classpathentry kind="lib" path="build/lib/xbean-2.2.0.jar"/>
<classpathentry kind="lib" path="build/lib/xercesImpl-2.8.0.jar"/>
<classpathentry kind="lib" path="build/lib/xmlpublic-2.2.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/jbosssx-4.2.3.GA.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftplet-api-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftpserver-core-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="lib/ext/commons-net-2.0.0-652071.jar"/>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/build-distr.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/build-distr.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/build-distr.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -19,15 +19,7 @@
<echo message="org.jboss.esb.server.home=${org.jboss.esb.server.home}"/>
<echo message="esbserver.dist.dir=${esbserver.dist.dir}"/>
- <condition property="esbserver.dist.dir" value="${org.jboss.esb.server.home}" else="${build.dir}/jbossesb-server-${version}">
- <isset property="org.jboss.esb.server.home"/>
- </condition>
- <echo message="esbserver.dist.dir=${esbserver.dist.dir}"/>
- <condition property="skip.server.unzip" value="true">
- <available file="${org.jboss.esb.server.home}/server/${org.jboss.esb.server.config}/deployers"/>
- </condition>
-
<target name="dist" depends="server.dist, copy.esbserver.files" />
<target name="copy.esbserver.files" unless="skip.server.esb">
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/build.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/build.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -39,9 +39,6 @@
<!-- JBoss ESB version -->
<property name="version" value="4.6"/>
<property name="esb.server.name" value="jbossesb-server-${version}"/>
- <condition property="esbserver.dist.dir" value="${org.jboss.esb.server.home}" else="${basedir}/build/jbossesb-server-${version}">
- <isset property="org.jboss.esb.server.home"/>
- </condition>
<property name="esbserver.dist.dir" value="${org.jboss.esb.internal.dest}/${esb.server.name}"/>
<!-- Set internal property defaults -->
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/docs/ServicesGuide.odt
===================================================================
(Binary files differ)
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/esb-config.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/esb-config.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/esb-config.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -47,12 +47,17 @@
<element name="serverElements" implicit="yes" optional="true"/>
<sequential>
<echo message="Starting local ESB server: @{serverHome}/server/@{serverConfig}"/>
- <echo message="java.endorsed.dirs : ${server.endorsed}"/>
+ <path id="endorsed.dirs">
+ <pathelement path="${server.endorsed}"/>
+ <pathelement path="${server.test.endorsed}"/>
+ </path>
+ <property name="endorsed.dirs" refid="endorsed.dirs"/>
+ <echo message="java.endorsed.dirs : ${endorsed.dirs}"/>
<java classname="org.jboss.Main" fork="true" spawn="true"
dir="@{serverHome}/bin">
<classpath refid="server.classpath"/>
<jvmarg line="${agent.jvmarg}"/>
- <jvmarg line="-Djava.endorsed.dirs=${server.endorsed}"/>
+ <jvmarg line="-Djava.endorsed.dirs=${endorsed.dirs}"/>
<jvmarg line="-Dxb.builder.useUnorderedSequence=true"/>
<arg value="-c"/>
<arg value="@{serverConfig}"/>
@@ -215,6 +220,7 @@
<pathelement location="${org.jboss.esb.server.home}/bin/run.jar"/>
</path>
<property name="server.endorsed" location="${org.jboss.esb.server.home}/lib/endorsed"/>
+ <property name="server.test.endorsed" location="${org.jboss.esb.server.home}/test-endorsed"/>
</target>
<target name="esb.configure" depends="esb.init, esb.configure-app-server, esb.configure-esb-server, esb.configure-ftp-server"/>
@@ -226,6 +232,10 @@
<property name="org.jboss.esb.server.home" value="${org.jboss.esb.server.home}"/>
<property name="org.jboss.esb.server.config" value="${org.jboss.esb.test.server.config}"/>
</ant>
+ <delete dir="${server.test.endorsed}" quiet="true"/>
+ <copy todir="${server.test.endorsed}">
+ <fileset dir="${org.jboss.esb.server.home}/client" includes="jboss*jaxrpc.jar jboss*jaxws-ext.jar jboss*jaxws.jar jboss*saaj.jar"/>
+ </copy>
</target>
<target name="esb.setup-server" depends="esb.configure" description="target for configuring a clean app server profile"/>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/ivy.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/ivy.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/ivy.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -156,6 +156,7 @@
<dependency org="javax.xml.bind" name="jaxb-api" rev="2.1"/>
<dependency org="org.jboss.security" name="jboss-security-spi" rev="2.1.0.20090318"/>
+ <dependency org="jboss" name="jbosssx" rev="4.2.3.GA"/>
<!-- JBoss Identity Federation -->
<!-- We will use beta2 when it comes out
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -28,6 +28,7 @@
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.persistence.manager.ConnectionManager;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import com.mchange.v2.c3p0.ComboPooledDataSource;
@@ -84,7 +85,12 @@
pooledDS.setDriverClass(Configuration.getStoreDriver());
pooledDS.setJdbcUrl(Configuration.getStoreUrl());
pooledDS.setUser(Configuration.getStoreUser());
- pooledDS.setPassword(Configuration.getStorePwd());
+ String password = Configuration.getStorePwd();
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ password = new PasswordUtil(password).getPasswordAsString();
+ }
+ pooledDS.setPassword(password);
pooledDS.setMinPoolSize(Integer.valueOf(Configuration
.getStorePoolMinSize()));
pooledDS.setInitialPoolSize(Integer.valueOf(Configuration
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -21,6 +21,8 @@
*/
package org.jboss.internal.soa.esb.rosetta.pooling;
+import java.io.IOException;
+import java.net.URL;
import java.sql.SQLException;
import java.util.*;
import java.util.concurrent.Callable;
@@ -50,6 +52,8 @@
import org.jboss.soa.esb.common.TransactionStrategyException;
import org.jboss.soa.esb.helpers.NamingContextException;
import org.jboss.soa.esb.helpers.NamingContextPool;
+import org.jboss.soa.esb.services.security.PasswordUtil;
+import org.jboss.soa.esb.util.JmsUtil;
import com.arjuna.common.util.propertyservice.PropertyManager;
@@ -759,10 +763,15 @@
logger.debug("Creating a JMS Connection for poolKey : " + poolKey);
final Object factoryConnection = getFactoryConnection() ;
final String username = poolKey.get( JMSEpr.JMS_SECURITY_PRINCIPAL_TAG );
- final String password = poolKey.get( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG );
- boolean useJMSSecurity = (username != null && password != null);
+ String password = poolKey.get( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG );
+ boolean useJMSSecurity = JmsUtil.isSecurityConfigured(username, password);
logger.debug( "JMS Security principal [" + username + "] using JMS Security : " + useJMSSecurity );
+ if (useJMSSecurity)
+ {
+ password = JmsUtil.getPasswordFromFile(password);
+ }
+
if (isXAAware)
{
final XAConnectionFactory factory = (XAConnectionFactory)factoryConnection ;
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -23,11 +23,14 @@
import org.apache.log4j.Logger;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.ConfigurationException;
import javax.xml.registry.Connection;
import javax.xml.registry.ConnectionFactory;
import javax.xml.registry.JAXRException;
+
+import java.io.IOException;
import java.net.PasswordAuthentication;
import java.util.HashSet;
import java.util.Properties;
@@ -79,6 +82,17 @@
}
String user = Configuration.getRegistryUser();
String password = Configuration.getRegistryPassword();
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ password = new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (IOException e)
+ {
+ throw new ConfigurationException("Could not retrieve password from file", e);
+ }
+ }
if(user != null && password != null) {
PasswordAuthentication passwdAuth = new PasswordAuthentication(user, password.toCharArray());
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -55,6 +55,7 @@
import org.jboss.soa.esb.notification.jms.DefaultJMSPropertiesSetter;
import org.jboss.soa.esb.notification.jms.JMSPropertiesSetter;
import org.jboss.soa.esb.util.ClassUtil;
+import org.jboss.soa.esb.util.JmsUtil;
import org.jboss.soa.esb.util.JndiUtil;
import org.jboss.soa.esb.util.Util;
@@ -259,11 +260,16 @@
}
final String securityPrincipal = properties.getAttribute(SECURITY_PRINCIPAL);
- final String securityCredential = properties.getAttribute(SECURITY_CREDITIAL);
+ String securityCredential = properties.getAttribute(SECURITY_CREDITIAL);
+ boolean useJMSSecurity = JmsUtil.isSecurityConfigured(securityPrincipal, securityCredential);
if ( securityPrincipal != null && securityCredential == null )
throw new ConfigurationException("'" + SECURITY_PRINCIPAL + "' must be accompanied by a '" + SECURITY_CREDITIAL + "'");
else if ( securityCredential != null && securityPrincipal == null )
throw new ConfigurationException("'" + SECURITY_CREDITIAL + "' must be accompanied by a '" + SECURITY_PRINCIPAL + "'");
+ if (useJMSSecurity)
+ {
+ securityCredential = JmsUtil.getPasswordFromFile(securityCredential);
+ }
// Extract and environment properties given as properties in the config.
environment = JndiUtil.parseEnvironmentProperties(propertiesTree);
@@ -271,7 +277,7 @@
environment.setProperty(Context.INITIAL_CONTEXT_FACTORY, jndiContextFactory);
environment.setProperty(Context.URL_PKG_PREFIXES, jndiPkgPrefix);
try {
- pool = ( securityPrincipal != null ) ?
+ pool = ( useJMSSecurity ) ?
JmsConnectionPoolContainer.getPool(environment, connectionFactory, securityPrincipal, securityCredential) :
JmsConnectionPoolContainer.getPool(environment, connectionFactory );
} catch (final ConnectionException ce) {
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -53,6 +53,7 @@
import org.jboss.internal.soa.esb.assertion.AssertArgument;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.util.Util;
/**
@@ -208,7 +209,14 @@
*/
public Email(final String host, final int port, final String username, final String password, final boolean auth) throws AddressException, MessagingException {
AssertArgument.isNotNullAndNotEmpty(host, "host");
- this.oMailSess = initMailServerSession(host, port, username, password, auth);
+ try
+ {
+ this.oMailSess = initMailServerSession(host, port, username, password, auth);
+ }
+ catch (IOException e)
+ {
+ throw new MessagingException(e.getMessage(), e);
+ }
}
@@ -464,12 +472,14 @@
* @param auth If true will attempt to authenticate the user using the AUTH command. This will set the property 'mail.smtp.auth'.
*
* @return The {@link javax.mail.Session}.
+ * @throws IOException
*/
- private Session initMailServerSession(final String host, final int port, final String username, final String password, final boolean auth) {
+ private Session initMailServerSession(final String host, final int port, final String username, final String password, final boolean auth) throws IOException {
Authenticator authenticator = null;
if (!Util.isNullString(username)) {
- authenticator = new MyAuth(username, password);
+ String pw = new PasswordUtil(password).getPasswordAsString();
+ authenticator = new MyAuth(username, pw);
}
final Properties properties = new Properties();
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -21,9 +21,11 @@
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.http.HttpClientFactory;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.apache.commons.httpclient.HttpClient;
import java.util.Properties;
+import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
@@ -90,4 +92,20 @@
throw new ConfigurationException(getClass().getSimpleName() + " must be configured with an Integer value for the '" + propertyName + "' property.");
}
}
+
+ protected String getPasswordFromFile(final String password) throws ConfigurationException
+ {
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ return new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (final IOException e)
+ {
+ throw new ConfigurationException(e.getMessage(), e);
+ }
+ }
+ return password;
+ }
}
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -68,6 +68,8 @@
assertPropertySetAndNotBlank(authScopeHost, "authscope-host");
assertPropertyIsInteger(authScopePort, "authscope-port");
+ password = getPasswordFromFile(password);
+
Credentials creds = new UsernamePasswordCredentials(username, password);
AuthScope authScope;
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -69,7 +69,9 @@
assertPropertySetAndNotBlank(authScopeHost, "ntauthscope-host");
assertPropertyIsInteger(authScopePort, "ntauthscope-port");
assertPropertySetAndNotBlank(authScopeDomain, "ntauthscope-domain");
-
+
+ password = getPasswordFromFile(password);
+
Credentials creds = new NTCredentials(username, password,
authScopeHost, authScopeDomain);
AuthScope authScope;
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -156,6 +156,8 @@
String keyStore = properties.getProperty("keystore", "/keystore");
String keyStorePassword = properties.getProperty("keystore-passw", "changeit");
+ keyStorePassword = getPasswordFromFile(keyStorePassword);
+
// Try it as a classpath resource ...
InputStream keyStoreStream = ClassUtil.getResourceAsStream(keyStore, HttpProtocol.class);
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -50,8 +50,6 @@
import org.jboss.soa.esb.message.body.content.BytesBody;
import org.jboss.soa.esb.services.registry.RegistryException;
import org.jboss.soa.esb.services.registry.RegistryFactory;
-import org.jboss.soa.esb.services.security.PublicCryptoUtil;
-import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
import org.jboss.soa.esb.services.security.auth.ExtractorUtil;
@@ -62,7 +60,6 @@
import javax.management.MBeanServer;
import javax.security.auth.login.LoginException;
-import java.io.Serializable;
import java.io.StringWriter;
import java.io.PrintWriter;
import java.net.*;
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -22,6 +22,7 @@
package org.jboss.soa.esb.listeners.gateway;
+import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
@@ -62,7 +63,9 @@
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.services.registry.RegistryException;
import org.jboss.soa.esb.services.registry.ServiceNotFoundException;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.util.ClassUtil;
+import org.jboss.soa.esb.util.JmsUtil;
import org.jboss.soa.esb.util.JndiUtil;
public class JmsGatewayListener extends AbstractThreadedManagedLifecycle {
@@ -382,22 +385,29 @@
String destType = _config.getAttribute(JMSEpr.DESTINATION_TYPE_TAG);
boolean persistent = Boolean.valueOf( _config.getAttribute(JMSEpr.PERSISTENT_TAG));
boolean transacted = Boolean.valueOf( _config.getAttribute(JMSEpr.TRANSACTED_TAG));
+ _logger.debug( "JMSGateway isTransacted = " + transacted );
String acknowledgeMode = _config.getAttribute(JMSEpr.ACKNOWLEDGE_MODE_TAG);
final String username = _config.getAttribute( JMSEpr.JMS_SECURITY_PRINCIPAL_TAG );
+
+ // password can be either a clear text password or a file containting an encrypted password.
final String password = _config.getAttribute( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG );
- if ( username != null && password != null )
+ String decryptedPassword = null;
+ if (JmsUtil.isSecurityConfigured(username, password))
{
environment.put( JMSEpr.JMS_SECURITY_PRINCIPAL_TAG, username );
- environment.put( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG, password );
+ decryptedPassword = JmsUtil.getPasswordFromFile(password);
+ environment.put( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG, decryptedPassword);
}
- _logger.debug( "JMSGateway isTransacted = " + transacted );
+ // When creating the EPR we always use the password as seen in the configuration.
_myEpr = (null == _serviceName) ? null : new JMSEpr(JMSEpr.ONE_ONE_PROTOCOL, destType,
jmsDestinationName, sFactClass, environment, _messageSelector, persistent, acknowledgeMode,
username, password, transacted );
- jmsConnectionPool = JmsConnectionPoolContainer.getPool(environment, sFactClass, username, password);
+
+ // To create the connection pool we need to use the decrypted password (if applicable).
+ jmsConnectionPool = JmsConnectionPoolContainer.getPool(environment, sFactClass, username, decryptedPassword);
try {
jmsSession = _myEpr != null ? jmsConnectionPool.getSession(((JMSEpr)_myEpr).getAcknowledgeMode()):
Copied: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java (from rev 29574, labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java)
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.jboss.internal.soa.esb.assertion.AssertArgument;
+import org.jboss.internal.soa.esb.util.StreamUtils;
+import org.jboss.security.plugins.FilePassword;
+import org.jboss.soa.esb.ConfigurationException;
+
+/**
+ * Util class that can read a password from a specified file.
+ * </p>
+ * This class simply delegated to {@link FilePassword} which performs the
+ * real work.
+ *
+ * <h3>Creating a password file</h3>
+ * Go to the conf directory of your jboss server instance (eg: default/conf)
+ * java -cp ../lib/jbosssx.jar org.jboss.security.plugins.FilePassword welcometojboss 13 testpass passwordFile
+ * <lu>
+ * <li>welcometojboss Is the salt value.<li>
+ * <li>testpass Is the clear text password you want to protect.<li>
+ * <li>passwordFile Is the name of the file which will contain the encrypted password.<li>
+ * </lu>
+ *
+ * Note that this is security by obscurity in that the password is not store
+ * in plaintext, but it can be recovered by simply using the code from this class.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ * @since 4.7
+ */
+public final class PasswordUtil
+{
+ private FilePassword filePassword;
+
+ public PasswordUtil(final String passwordFile)
+ {
+ AssertArgument.isNotNull(passwordFile, "passwordFile");
+ filePassword = new FilePassword(passwordFile);
+ }
+
+ public char[] getPassword() throws IOException
+ {
+ return filePassword.toCharArray();
+ }
+
+ public String getPasswordAsString() throws IOException
+ {
+ return new String(filePassword.toCharArray());
+ }
+
+ public static boolean isPasswordFile(final String passwordFile)
+ {
+ if (passwordFile == null || "".equals(passwordFile))
+ {
+ return false;
+ }
+ InputStream resource = null;
+ try
+ {
+ resource = StreamUtils.getResource(passwordFile);
+ return resource != null;
+ }
+ catch (final ConfigurationException e)
+ {
+ return false;
+ }
+ finally
+ {
+ try
+ {
+ if (resource != null)
+ {
+ resource.close();
+ }
+ }
+ catch (final IOException ignored)
+ {
+ }
+ }
+ }
+
+}
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -45,7 +45,6 @@
import org.jboss.soa.esb.util.ClassUtil;
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.listeners.message.MessageDeliverException;
-import org.jboss.soa.esb.listeners.gateway.http.HttpGatewayServlet;
/**
* Util for encrypting/decrypting using assymmetric keys.
@@ -167,9 +166,14 @@
{
keystoreType = KeyStore.getDefaultType();
}
+
String keystorePassword = Configuration.getSecurityServicePublicKeystorePassword();
+ String privateKeyPass = Configuration.getSecurityServicePublicKeyPassword();
String privateKeyAlias = Configuration.getSecurityServicePublicKeyAlias();
- String privateKeyPass = Configuration.getSecurityServicePublicKeyPassword();
+
+ // Try to retreive the password from a file if applicable.
+ keystorePassword = getPasswordFromFile(keystorePassword);
+ privateKeyPass = getPasswordFromFile(privateKeyPass);
try
{
@@ -222,6 +226,23 @@
}
}
}
+
+ private String getPasswordFromFile(final String password)
+ {
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ return new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (final IOException e)
+ {
+ throw new IllegalStateException(e.getMessage(), e);
+ }
+ }
+
+ return password;
+ }
private static byte[] getBytes(final Serializable ser) throws IOException
{
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -22,7 +22,6 @@
import java.io.Serializable;
-import org.apache.log4j.Logger;
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.services.security.PublicCryptoUtil;
import org.jboss.soa.esb.services.security.SecurityService;
@@ -36,8 +35,6 @@
*/
public final class ExtractorUtil
{
- private static Logger log = Logger.getLogger(ExtractorUtil.class);
-
private ExtractorUtil()
{
}
@@ -53,7 +50,7 @@
}
else
{
- log.warn("No public keystore has been configured which means that the authentication request cannot be encrypted. Please configure jbossesb-properties.xml with a publickey store.");
+ throw new SecurityServiceException("No public keystore has been configured which means that the authentication request cannot be encrypted. Please configure jbossesb-properties.xml with a publickey store.");
}
}
}
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -81,11 +81,11 @@
}
/**
- * Extracts UsernameToken element is one exists and creates
- * a Principal with the username and sets a Credential using
- * the password. The type of the Credential is a character array.
- * If the SOAP message contains a BinarySecurityToken this will be
- * extracted and added as a Credential.
+ * Extracts UsernameToken element is one exists and creates a Principal with the
+ * username and sets a Credential using the password. The type of the Credential is a character array.
+ * <p/>
+ * If the SOAP message contains a BinarySecurityToken this will be extracted and added as a Credential.
+ *
* @param soap - the soap message represented as a String
* @return {@link AuthenticationRequest}
*/
@@ -96,28 +96,35 @@
return null;
}
- final JavaResult javaResult = new JavaResult();
- smooks.filter(new StreamSource(new StringReader(soap)), javaResult);
-
- UsernameToken token = (UsernameToken) javaResult.getBean("userNameToken");
- User user = null;
- Set<Object> credentials = new HashSet<Object>();
- if ( token != null )
+ if (soap.contains("UsernameToken") || soap.contains("BinarySecurityToken"))
{
- user = new User(token.getUserName());
- credentials.add(token.getPassword());
- }
+ final JavaResult javaResult = new JavaResult();
+ smooks.filterSource(new StreamSource(new StringReader(soap)), javaResult);
- BinarySecurityToken binaryToken = (BinarySecurityToken) javaResult.getBean("binarySecurityToken");
- if ( binaryToken != null )
- {
- credentials.add(binaryToken.getKey());
+ UsernameToken token = (UsernameToken) javaResult.getBean("userNameToken");
+ User user = null;
+ Set<Object> credentials = new HashSet<Object>();
+ if (token != null)
+ {
+ user = new User(token.getUserName());
+ credentials.add(token.getPassword());
+ }
+
+ BinarySecurityToken binaryToken = (BinarySecurityToken) javaResult.getBean("binarySecurityToken");
+ if (binaryToken != null)
+ {
+ credentials.add(binaryToken.getKey());
+ }
+ if (credentials.isEmpty())
+ {
+ return null;
+ }
+ return new AuthenticationRequestImpl.Builder(user, credentials ).build();
}
- if (credentials.isEmpty())
+ else
{
- return null ;
+ return null;
}
- return new AuthenticationRequestImpl.Builder(user, credentials ).build();
}
private void createSmooks(final String configFile)
Copied: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java (from rev 29574, labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java)
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -0,0 +1,77 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.util;
+
+import java.io.IOException;
+
+import javax.jms.JMSException;
+
+import org.apache.log4j.Logger;
+import org.jboss.soa.esb.services.security.PasswordUtil;
+
+/**
+ * Utility methods for JMS operations.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public class JmsUtil
+{
+ private static Logger log = Logger.getLogger(JmsUtil.class);
+
+ private JmsUtil()
+ {
+ }
+
+ /**
+ * Will return the decrypted password from the passed in file.
+ *
+ * @param password The path to the password file.
+ * @return String Either the decrypted password or the passed in password unchanged.
+ *
+ * @throws JMSException If an error occurs while decrypting.
+ */
+ public static String getPasswordFromFile(final String password) throws JMSException
+ {
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ return new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (final IOException e)
+ {
+ final String errorMsg = "Could not read password from file : " + password;
+ log.error(errorMsg, e);
+ throw new JMSException(errorMsg + ", " + e.getMessage());
+ }
+ }
+
+ return password;
+
+ }
+
+ public static boolean isSecurityConfigured(final String principal, final String credential)
+ {
+ return principal != null && credential != null;
+ }
+
+}
Copied: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java (from rev 29574, labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java)
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java 2009-10-12 05:21:24 UTC (rev 29576)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.net.URL;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Unit test for {@link PasswordUtil}.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public class PasswordUtilUnitTest
+{
+ private String jbossEsbProperties;
+
+ @Test
+ public void getPassword() throws IOException
+ {
+ final URL file = getClass().getResource("esb.password");
+ final PasswordUtil passwordUtil = new PasswordUtil(file.getFile());
+
+ final char[] password = passwordUtil.getPassword();
+ assertNotNull(password);
+ assertEquals("JBossESB", new String(password));
+ }
+
+ @Test (expected = IllegalArgumentException.class )
+ public void shouldThrowIfSecurityDomainIsNull() throws Exception
+ {
+ new PasswordUtil(null);
+ }
+
+ @Test
+ public void isPasswordFile()
+ {
+ final URL file = getClass().getResource("esb.password");
+ assertTrue(PasswordUtil.isPasswordFile(file.getFile()));
+ assertFalse(PasswordUtil.isPasswordFile("somepass"));
+ assertFalse(PasswordUtil.isPasswordFile("/webservice_proxy_security_pass"));
+ assertFalse(PasswordUtil.isPasswordFile(null));
+ assertFalse(PasswordUtil.isPasswordFile(""));
+ }
+
+ @Before
+ public void setup() throws ConfigurationException
+ {
+ jbossEsbProperties = System.getProperty(Environment.PROPERTIES_FILE);
+ URL resource = ClassUtil.getResource("security-properties.xml", getClass());
+ System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
+ }
+
+ @After
+ public void tearDown()
+ {
+ if ( jbossEsbProperties != null )
+ System.setProperty(Environment.PROPERTIES_FILE, jbossEsbProperties);
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(PasswordUtilUnitTest.class);
+ }
+
+}
Copied: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/esb.password (from rev 29574, labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/esb.password)
===================================================================
(Binary files differ)
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/conf/base-build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/conf/base-build.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/conf/base-build.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -165,6 +165,7 @@
<pathelement location="${org.jboss.esb.server.server}/lib/cglib.jar"/>
<pathelement location="${org.jboss.esb.server.server}/lib/dom4j.jar"/>
<pathelement location="${org.jboss.esb.server.server}/lib/antlr.jar"/>
+ <pathelement location="${org.jboss.esb.server.server}/lib/jbosssx.jar"/>
<!-- smooks config -->
<fileset dir="${org.jboss.esb.server.deploy.dir}/smooks.esb" includes="*.jar"/>
<pathelement location="${org.jboss.esb.server.deploy.dir}/smooks.esb"/>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/helloworld_action/oracle-aq/jboss-esb.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/helloworld_action/oracle-aq/jboss-esb.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/helloworld_action/oracle-aq/jboss-esb.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -2,7 +2,7 @@
<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.0.1.xsd" parameterReloadSecs="5">
<providers>
- <jms-provider name="JBossMQ" connection-factory="QueueConnectionFactory">
+ <jms-provider name="JBossMQ" connection-factory="ConnectionFactory">
<property name="java.naming.factory.initial" value="org.jboss.soa.esb.oracle.aq.AQInitialContextFactory"/>
<property name="java.naming.oracle.aq.user" value="kurt"/>
<property name="java.naming.oracle.aq.password" value="kurt"/>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/build.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/build.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -6,7 +6,18 @@
</description>
<property name="additional.deploys" value="messaging-db-users-service.xml" />
-
+ <target name="quickstart-specific-assemblies" depends="filter"/>
+
+ <target name="filter">
+ <property name="password.file" value="${basedir}/jmssecured.password"/>
+ <echo message="${password.file}"/>
+ <copy file="jboss-esb.xml" tofile="${build.dir}/META-INF/jboss-esb.xml" filtering="true" overwrite="true">
+ <filterset>
+ <filter token="password.file" value="${password.file}" />
+ </filterset>
+ </copy>
+ </target>
+
<!-- Import the base Ant build script... -->
<import file="../conf/base-build.xml"/>
@@ -32,8 +43,6 @@
</copy>
</target>
-
-
<target name="runtest" depends="compile"
description="sends a JMS message to queue/quickstart_jms_secured_Request_gw">
<echo>Runs Test JMS Sender</echo>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/deployment.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/deployment.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/deployment.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -2,4 +2,5 @@
<depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_jms_secured_Request_esb</depends>
<depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_jms_secured_Request_gw</depends>
<depends>jboss.messaging:service=JMSSecuredQuickstartUserManager</depends>
+ <depends>jboss.esb:deployment=jbossesb.esb</depends>
</jbossesb-deployment>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/jboss-esb.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/jboss-esb.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/jboss-esb.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -1,5 +1,5 @@
<?xml version = "1.0" encoding = "UTF-8"?>
-<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.0.1.xsd" parameterReloadSecs="5">
+<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.2.0.xsd" parameterReloadSecs="5">
<providers>
<jms-provider name="JBossMessaging" connection-factory="ConnectionFactory">
@@ -7,7 +7,7 @@
<jms-message-filter
dest-type="QUEUE"
dest-name="queue/quickstart_jms_secured_Request_gw"
- jms-security-principal="esbuser" jms-security-credential="esbpassword"
+ jms-security-principal="esbuser" jms-security-credential="@password.file@"
/>
</jms-bus>
<jms-bus busid="quickstartEsbChannel">
Copied: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/jmssecured.password (from rev 29574, labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/jmssecured.password)
===================================================================
(Binary files differ)
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/readme.txt
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/readme.txt 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/jms_secured/readme.txt 2009-10-12 05:21:24 UTC (rev 29576)
@@ -45,3 +45,10 @@
5. messaging-db-users.properties
Is a jboss service that insert users and roles into the JBoss Messaging database. This is only used when JBoss
Messaging is configured to use a database for managing users and roles.
+ 6. jmssecured.password
+ This is an encrypted password file for the configured JMS destination. This is configured in jboss-esb.xml instead of the
+ clear text password for the jmsbus with id 'quickstartGwChannel'.
+
+ The password was encrypted by issuing the following command (from the conf directory of your jboss server instance (eg: default/conf):
+ java -cp ../lib/jbosssx.jar org.jboss.security.plugins.FilePassword welcometojboss 13 esbpassword jmssecured.password
+
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/build.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/build.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -28,6 +28,7 @@
<mkdir dir="${build.dir}/META-INF/"/>
<property name="keystore" location="${build.dir}/webservice_proxy_security.keystore" />
+ <property name="password.file" location="${basedir}/wsproxysecurity.password" />
<delete file="${keystore}" failonerror="false"/>
<genkey
@@ -57,6 +58,7 @@
<copy file="httpclient-8443.properties" todir="${build.dir}/META-INF">
<filterset>
<filter token="keystore" value="${keystoredir}" />
+ <filter token="keystore.password" value="${password.file}" />
</filterset>
</copy>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties 2009-10-12 05:21:24 UTC (rev 29576)
@@ -11,7 +11,7 @@
#protocol-socket-factory=org.jboss.soa.esb.http.protocol.SelfSignedSSLProtocolSocketFactoryBuilder
#protocol-socket-factory=org.jboss.soa.esb.http.protocol.AuthSSLProtocolSocketFactoryBuilder
keystore=@keystore@
-keystore-passw=webservice_proxy_security_pass
+keystore-passw=@keystore.password@
truststore=@keystore@
truststore-passw=webservice_proxy_security_pass
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -1,6 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.2.0.xsd" parameterReloadSecs="5">
+ <globals>
+ <!-- Security setting for all http-providers and all EBWSs in this jboss-esb.xml file.-->
+ <war-security method="BASIC" domain="JBossWS" /> <!-- uname: "kermit" pw: "thefrog" -->
+ </globals>
+
<providers>
<http-provider name="HTTP-PROVIDER">
<http-bus busid="HTTP-BUS" transportGuarantee="CONFIDENTIAL">
@@ -8,7 +13,6 @@
<role name="friend" />
</allowed-roles>
</http-bus>
- <auth method="BASIC" domain="JBossWS" />
</http-provider>
</providers>
@@ -16,7 +20,6 @@
<service category="Proxy_Security" name="Proxy"
description="Security WebService Proxy"
invmScope="GLOBAL">
- <security moduleName="JBossWS" />
<listeners>
<http-gateway name="HTTP-GATEWAY" busidref="HTTP-BUS" urlPattern="ProxyWS/*" />
</listeners>
Copied: labs/jbossesb/workspace/dbevenius/saml_support/product/samples/quickstarts/webservice_proxy_security/wsproxysecurity.password (from rev 29574, labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/wsproxysecurity.password)
===================================================================
(Binary files differ)
Modified: labs/jbossesb/workspace/dbevenius/saml_support/qa/base-cp.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/qa/base-cp.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/qa/base-cp.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -11,11 +11,10 @@
- Restrict jar files to those known to be required.
-->
<property name="org.jboss.esb.server.server"
- location="${org.jboss.esb.server.home}/server/${org.jboss.esb.server.config}" />
+ location="${org.jboss.esb.server.home}/server/${org.jboss.esb.test.server.config}" />
<dirname property="pwd" file="${ant.file.base-cp}" />
<target name="check-as-version">
- <property name="org.jboss.esb.server.server" location="${org.jboss.esb.server.home}/server/${org.jboss.esb.server.config}"/>
<!-- Check for JBossAS5 -->
<condition property="jbossas5">
<available file="${org.jboss.esb.server.server}/deployers"/>
@@ -89,7 +88,6 @@
</target>
<target name="as5-path" if="jbossas5">
- <property name="org.jboss.esb.server.server" location="${org.jboss.esb.server.home}/server/${org.jboss.esb.server.config}"/>
<property name="org.jboss.esb.server.deploy.dir" location="${org.jboss.esb.server.server}/deploy"/>
<property name="org.jboss.esb.server.common.lib" location="${org.jboss.esb.server.home}/common/lib"/>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/qa/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/qa/build.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/qa/build.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -15,10 +15,6 @@
<property name="build.location" location="build"/>
<property file="test.properties" />
- <condition property="org.jboss.esb.server.home" value="${esb.server.home}">
- <available file="${esb.server.home}"/>
- </condition>
-
<import file="${product.dir}/esb-config.xml"/>
<property name="org.jboss.esb.properties" location="${product.dir}/product.properties"/>
@@ -49,7 +45,6 @@
<sysproperty key="ant.home" value="${ant.home}"/>
<sysproperty key="ant.library.dir" value="${ant.library.dir}"/>
<sysproperty key="org.jboss.esb.properties" value="${org.jboss.esb.properties}"/>
- <sysproperty key="esb.server.home" value="${esb.server.home}"/>
<arg value="-cp"/>
<arg value="${junit.jar}"/>
<arg value="-f"/>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/qa/quickstarts/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/qa/quickstarts/build.xml 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/qa/quickstarts/build.xml 2009-10-12 05:21:24 UTC (rev 29576)
@@ -26,6 +26,8 @@
<property name="junit.jar" location="${product.dir}/../testlib/junit-4.1.jar"/>
+ <property file="${org.jboss.esb.properties}"/>
+
<import file="../base-cp.xml"/>
<macrodef name="runant">
@@ -144,7 +146,7 @@
<property name="quickstart.jbossesb.ftp.password" value="${org.jboss.esb.test.ftp.pwd}"/>
<property name="quickstart.jbossesb.ftp.directory" value="${org.jboss.esb.test.ftp.dir}"/>
<property name="org.jboss.esb.server.home" location="${qa.quickstarts.server.home}"/>
- <property name="org.jboss.esb.server.config" value="${org.jboss.esb.server.config}"/>
+ <property name="org.jboss.esb.server.config" value="${org.jboss.esb.test.server.config}"/>
</ant>
</sequential>
</macrodef>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/qa/test.properties
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/qa/test.properties 2009-10-11 19:20:10 UTC (rev 29575)
+++ labs/jbossesb/workspace/dbevenius/saml_support/qa/test.properties 2009-10-12 05:21:24 UTC (rev 29576)
@@ -11,7 +11,7 @@
# Set these options to run the tests against a SOA/JBoss AS container
####
#soa.test.no-prepare=true
-#org.jboss.esb.server.home=/opt/jboss-soa-p.4.2.0/jboss-as
+#org.jboss.esb.server.home=
#org.jboss.esb.test.server.config=all
#org.jboss.esb.server.config=all
More information about the jboss-svn-commits
mailing list