[jboss-svn-commits] JBL Code SVN: r29578 - in labs/jbossesb/workspace/dbevenius/saml_support/product: rosetta/src/org/jboss/soa/esb/actions/security and 2 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Mon Oct 12 07:44:28 EDT 2009
Author: beve
Date: 2009-10-12 07:44:27 -0400 (Mon, 12 Oct 2009)
New Revision: 29578
Modified:
labs/jbossesb/workspace/dbevenius/saml_support/product/install/build.xml
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
Log:
Updated STS so that it can handle password files.
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/install/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/install/build.xml 2009-10-12 06:26:33 UTC (rev 29577)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/install/build.xml 2009-10-12 11:44:27 UTC (rev 29578)
@@ -171,13 +171,9 @@
<!-- copy JBoss Identity jars -->
<copy todir="${server.lib.dir}" overwrite="true">
<fileset dir="${org.jboss.esb.dist.lib}">
- <!-- commented out until JBoss Identity beta3 is available in maven -->
- <!--include name="jboss-identity-*.jar"/-->
+ <include name="jboss-identity-*.jar"/>
<include name="xmlsec-*.jar"/>
</fileset>
- <fileset dir="${product.dir}/lib/ext">
- <include name="jboss-identity-*.jar"/>
- </fileset>
</copy>
<copy file="${org.jboss.esb.dist.lib}/jbossws-native-core-3.0.5.GA.jar" tofile="${deploy.dir}/jbossws.sar/jbossws-core.jar"/>
@@ -265,13 +261,9 @@
<copy todir="${org.jboss.esb.server.home}/common/lib" overwrite="true">
<fileset dir="${product.dir}/build/lib">
- <!-- Commented out until there is beta3 relaease in maven -->
- <!--include name="jboss-identity-*.jar"/-->
+ <include name="jboss-identity-*.jar"/>
<include name="xmlsec-*.jar"/>
</fileset>
- <fileset dir="${product.dir}/lib/ext">
- <include name="jboss-identity-*.jar"/>
- </fileset>
</copy>
<property name="org.jboss.esb.server.home" value="${org.jboss.esb.server.home}"/>
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java 2009-10-12 06:26:33 UTC (rev 29577)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java 2009-10-12 11:44:27 UTC (rev 29578)
@@ -20,6 +20,7 @@
*/
package org.jboss.soa.esb.actions.security;
+import java.io.IOException;
import java.io.Serializable;
import java.util.Collections;
import java.util.Set;
@@ -30,6 +31,7 @@
import org.jboss.identity.federation.core.wstrust.STSClientFactory;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.STSClientConfig.Builder;
import org.jboss.internal.soa.esb.assertion.AssertArgument;
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.actions.AbstractActionPipelineProcessor;
@@ -37,6 +39,7 @@
import org.jboss.soa.esb.actions.ActionProcessingException;
import org.jboss.soa.esb.helpers.ConfigTree;
import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.services.security.PublicCryptoUtil;
import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
@@ -101,6 +104,12 @@
public JBossSTSAction(final ConfigTree config) throws ConfigurationException
{
wsTrustConfig = new STSClientConfig.Builder().build(config.getRequiredAttribute(STS_CONFIG));
+ // this call will not be required with the next version of jboss-identity
+ // as it will be able to first parse and populate the builder so that
+ // properties, like password, can be overridden.
+ // http://jira.jboss.org/jira/browse/JBID-202
+ wsTrustConfig = checkTypeOfPassword(wsTrustConfig);
+
addAssertionToEsbAuthRequest = config.getBooleanAttribute(ADD_TO_ESB_AUTH_REQUEST, false);
tokenType = config.getAttribute(TOKEN_TYPE_OPTION);
endpointURI = config.getAttribute(ENDPOINT_URI_OPTION);
@@ -142,6 +151,31 @@
return message;
}
+ private STSClientConfig checkTypeOfPassword(final STSClientConfig config) throws ConfigurationException
+ {
+ final String password = config.getPassword();
+
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ final Builder builder = new STSClientConfig.Builder();
+ builder.serviceName(config.getServiceName());
+ builder.endpointAddress(config.getEndPointAddress());
+ builder.portName(config.getPortName());
+ builder.username(config.getUsername());
+ try
+ {
+ // Set the password using password file.
+ builder.password(new PasswordUtil(password).getPasswordAsString());
+ }
+ catch (final IOException e)
+ {
+ throw new ConfigurationException("Could not read password from file :" + config.getPassword(), e);
+ }
+ return builder.build();
+ }
+ return config;
+ }
+
private void addToEsbAuthRequest(final Element assertion, final Message message) throws ActionProcessingException
{
final SamlCredential samlCredential = new SamlCredential(assertion);
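Review bot: The `ConfigurationException` message in `checkTypeOfPassword` concatenates `config.getPassword()`, so the content of the password field ends up in the exception text and in any log that records it. The value is meant to be a file location on this path, but `PasswordUtil.isPasswordFile` classifies it by shape only, so a literal password that is misclassified would be written out verbatim. A message that does not echo the field avoids this, e.g. `throw new ConfigurationException("Could not read the password file referenced by the STS client configuration", e);`. The rebuilt config also copies only service name, endpoint address, port name and username, so any other setting held by `STSClientConfig` would presumably be lost; this is worth confirming against the builder. The same two points apply to the copy of this method added to JBossSTSLoginModule.java.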
@@ -160,7 +194,7 @@
STSClient createWSTrustClient() throws ActionLifecycleException
{
- try
+ try
{
return STSClientFactory.getInstance().create(wsTrustConfig);
}
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java 2009-10-12 06:26:33 UTC (rev 29577)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java 2009-10-12 11:44:27 UTC (rev 29578)
@@ -20,13 +20,13 @@
*/
package org.jboss.soa.esb.services.security;
+import java.io.File;
import java.io.IOException;
-import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
import org.jboss.internal.soa.esb.assertion.AssertArgument;
-import org.jboss.internal.soa.esb.util.StreamUtils;
import org.jboss.security.plugins.FilePassword;
-import org.jboss.soa.esb.ConfigurationException;
/**
* Util class that can read a password from a specified file.
@@ -72,32 +72,21 @@
public static boolean isPasswordFile(final String passwordFile)
{
if (passwordFile == null || "".equals(passwordFile))
- {
return false;
- }
- InputStream resource = null;
- try
- {
- resource = StreamUtils.getResource(passwordFile);
- return resource != null;
- }
- catch (final ConfigurationException e)
- {
- return false;
- }
- finally
- {
- try
- {
- if (resource != null)
- {
- resource.close();
- }
- }
- catch (final IOException ignored)
- {
- }
- }
+
+ try
+ {
+ final URL url = new URL(passwordFile);
+ if (url != null)
+ return true;
+ }
+ catch (final MalformedURLException ignored)
+ {
+ final File pwFile = new File(passwordFile);
+ if (pwFile.exists() && !pwFile.isDirectory())
+ return true;
+ }
+ return false;
}
}
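Review bot: In the new `try` block, `new URL(passwordFile)` never returns null, so `if (url != null)` is always true. Every string that parses as a URL is therefore reported as a password file, whatever its scheme and whether or not anything exists at that location. A literal password that parses as a URL, or one that matches an existing relative path in the catch branch, is then passed by the callers to `new PasswordUtil(...)` as a file location. If only local files are meant to be supported, the URL branch could be narrowed to `if ("file".equals(url.getProtocol())) return new File(url.getPath()).isFile();`, and the Javadoc should state that the value is classified by its shape. The fallback lookup also sits inside a catch whose variable is named `ignored`, which reads as if that path did nothing. The method's Javadoc starts outside the hunk.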
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-10-12 06:26:33 UTC (rev 29577)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-10-12 11:44:27 UTC (rev 29578)
@@ -37,7 +37,9 @@
import org.jboss.identity.federation.core.wstrust.STSClientFactory;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.STSClientConfig.Builder;
import org.jboss.security.auth.callback.ObjectCallback;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
import org.w3c.dom.Element;
@@ -124,10 +126,40 @@
this.callbackHandler = callbackHandler;
final String configFile = getRequiredOption(options, STS_CONFIG_FILE);
- STSClientConfig config = new STSClientConfig.Builder().build(configFile);
+ // this call will not be required with the next version of jboss-identity
+ // as it will be able to first parse and populate the builder so that
+ // properties, like password, can be overridden.
+ // http://jira.jboss.org/jira/browse/JBID-202
+ final STSClientConfig config = checkTypeOfPassword(new STSClientConfig.Builder().build(configFile));
wsTrustClient = createWSTrustClient(config);
}
+ private STSClientConfig checkTypeOfPassword(final STSClientConfig config)
+ {
+ final String password = config.getPassword();
+
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ final Builder builder = new STSClientConfig.Builder();
+ builder.serviceName(config.getServiceName());
+ builder.endpointAddress(config.getEndPointAddress());
+ builder.portName(config.getPortName());
+ builder.username(config.getUsername());
+ try
+ {
+ // Set the password using password file.
+ builder.password(new PasswordUtil(password).getPasswordAsString());
+ return builder.build();
+ }
+ catch (final IOException e)
+ {
+ throw new IllegalArgumentException("Could not read password from file :" + config.getPassword(), e);
+ }
+ }
+
+ return config;
+ }
+
STSClient createWSTrustClient(final STSClientConfig config)
{
try
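Review bot: `checkTypeOfPassword` here is a line-for-line copy of the method added to JBossSTSAction.java, except that it throws `IllegalArgumentException` where the action throws `ConfigurationException`. Both copies are described as temporary until JBID-202, so a single static helper next to `PasswordUtil.isPasswordFile` would leave one place to fix and later delete. Each call site could then wrap the `IOException` in the exception type it already uses. The method also has no Javadoc; a short one could say `Returns a copy of the config with the password read from the referenced file, or the config unchanged when the password is not a file reference.`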