Author: jim.ma
Date: 2014-01-03 07:38:10 -0500 (Fri, 03 Jan 2014)
New Revision: 18223
Added:
stack/cxf/branches/jaspi/modules/jaspi/
stack/cxf/branches/jaspi/modules/jaspi/pom.xml
stack/cxf/branches/jaspi/modules/jaspi/src/
stack/cxf/branches/jaspi/modules/jaspi/src/main/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/jaspi-config-client.xml
Removed:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthConfig.java
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthContext.java
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/WSS4JOutInterceptor.java
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
Modified:
stack/cxf/branches/jaspi/modules/client/pom.xml
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/ProviderImpl.java
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/SOAPClientAuthModule.java
stack/cxf/branches/jaspi/modules/server/pom.xml
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java
stack/cxf/branches/jaspi/pom.xml
Log:
Add jaspi module and ClientAuthModule test
Modified: stack/cxf/branches/jaspi/modules/client/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/modules/client/pom.xml 2014-01-02 14:47:49 UTC (rev 18222)
+++ stack/cxf/branches/jaspi/modules/client/pom.xml 2014-01-03 12:38:10 UTC (rev 18223)
@@ -34,6 +34,11 @@
</dependency>
<dependency>
<groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf-jaspi</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.ws.cxf</groupId>
<artifactId>jbossws-cxf-factories</artifactId>
<version>${project.version}</version>
</dependency>
Modified:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/ProviderImpl.java
===================================================================
---
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/ProviderImpl.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/ProviderImpl.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -82,6 +82,8 @@
import org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientAuthenticator;
import org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientInInterceptor;
import org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientOutInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider;
+import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConstants;
import org.w3c.dom.Element;
/**
@@ -647,8 +649,10 @@
String contextRoot =
client.getEndpoint().getEndpointInfo().getName().toString();
String appId = "localhost " + contextRoot;
AuthConfigFactory factory = AuthConfigFactory.getFactory();
- AuthConfigProvider provider = factory.getConfigProvider("soap", appId,
null);;
-
+
+ Properties properties = new Properties();
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties,
factory);
+ provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId,
null);
JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
try
{
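Review bot: The provider created by `new JBossWSAuthConfigProvider(properties, factory)` is overwritten on the very next line, so the object exists only for the registration its constructor performs, and that registration is repeated with an empty `Properties` each time this code runs. Because the constructor (added in this same commit) registers for the `soap` layer with a null application context, every pass replaces the factory's provider for all application contexts, not just for `appId`. Register once instead, for example by guarding with `if (factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null) == null)`, and add a comment that the constructor call is kept for its side effect. The lookup can still return null and no check is visible here; the enclosing method starts and ends outside the hunk.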
Deleted:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthConfig.java
===================================================================
---
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthConfig.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthConfig.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -1,118 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2013, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.wsf.stack.cxf.client.jaspi;
-
-import java.lang.reflect.Constructor;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.config.ClientAuthContext;
-import javax.security.auth.message.module.ClientAuthModule;
-
-import org.jboss.security.auth.container.config.AuthModuleEntry;
-import org.jboss.security.auth.login.JASPIAuthenticationInfo;
-import org.jboss.security.auth.message.config.JBossClientAuthConfig;
-import org.jboss.security.config.ControlFlag;
-import org.jboss.security.plugins.ClassLoaderLocator;
-import org.jboss.security.plugins.ClassLoaderLocatorFactory;
-
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
- */
-public class JBossWSClientAuthConfig extends JBossClientAuthConfig
-{
-
- @SuppressWarnings("rawtypes")
- private List modules = new ArrayList();
- private CallbackHandler callbackHandler;
-
- @SuppressWarnings("rawtypes")
- public JBossWSClientAuthConfig(String layer, String appContext, CallbackHandler
handler, Map properties)
- {
- super(layer, appContext, handler, properties);
- }
-
- @SuppressWarnings({ "rawtypes", "unchecked" })
- public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject,
Map properties) throws AuthException
- {
- List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
-
- Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
-
- String secDomain = (String)properties.get("security-domain");
-
- JASPIAuthenticationInfo jai =
(JASPIAuthenticationInfo)properties.get("jaspi-policy");
- AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
-
- ClassLoader moduleCL = null;
- String jbossModule = jai.getJBossModuleName();
- if (jbossModule != null && !jbossModule.isEmpty())
- {
- ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
- if (locator != null)
- moduleCL = locator.get(jbossModule);
- }
-
- for (AuthModuleEntry ame : amearr)
- {
-
- try
- {
- mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
- controlFlags.add(ame.getControlFlag());
- ClientAuthModule sam = this.createCAM(moduleCL, ame.getAuthModuleName());
-
- Map options = new HashMap();
- sam.initialize(null, null, callbackHandler, options);
- modules.add(sam);
- }
- catch (Exception e)
- {
- throw new AuthException(e.getLocalizedMessage());
- }
- }
-
- JBossWSClientAuthContext clientAuthContext = new JBossWSClientAuthContext(modules,
mapOptionsByName, this.callbackHandler);
- clientAuthContext.setControlFlags(controlFlags);
- return clientAuthContext;
- }
-
- @SuppressWarnings({ "unchecked", "rawtypes" })
- private ClientAuthModule createCAM(ClassLoader moduleCL, String name) throws
Exception
- {
- Class clazz = SecurityActions.loadClass(moduleCL, name);
- Constructor ctr = clazz.getConstructor(new Class[0]);
- return (ClientAuthModule)ctr.newInstance(new Object[0]);
- }
-
- @SuppressWarnings({ "rawtypes" })
- public List getClientAuthModules()
- {
- return modules;
- }
-
-}
\ No newline at end of file
Deleted:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthContext.java
===================================================================
---
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthContext.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/JBossWSClientAuthContext.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -1,100 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2013, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.wsf.stack.cxf.client.jaspi;
-
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.ClientAuthContext;
-import javax.security.auth.message.module.ClientAuthModule;
-
-import org.jboss.security.config.ControlFlag;
-
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
- */
-public class JBossWSClientAuthContext implements ClientAuthContext {
- private List<ClientAuthModule> modules = new
ArrayList<ClientAuthModule>();
- @SuppressWarnings("rawtypes")
- private Map<String, Map> moduleOptionsByName = new HashMap<String,
Map>();
- protected List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
-
- @SuppressWarnings("rawtypes")
- public JBossWSClientAuthContext(List<ClientAuthModule> modules,
- Map<String, Map> moduleNameToOptions, CallbackHandler cbh)
- throws AuthException {
- this.modules = modules;
- this.moduleOptionsByName = moduleNameToOptions;
- for (ClientAuthModule cam : modules) {
- cam.initialize(null, null, cbh,
- moduleOptionsByName.get(cam.getClass().getName()));
- }
- }
-
- @Override
- public void cleanSubject(MessageInfo messageInfo, Subject subject)
- throws AuthException {
- for (ClientAuthModule cam : modules) {
- cam.cleanSubject(messageInfo, subject);
- }
-
- }
-
- public void setControlFlags(List<ControlFlag> controlFlags) {
- this.controlFlags = controlFlags;
- }
-
- @Override
- public AuthStatus secureRequest(MessageInfo messageInfo,
- Subject clientSubject) throws AuthException {
- AuthStatus status = null;
- for (ClientAuthModule sam : modules) {
- status = sam.secureRequest(messageInfo, clientSubject);
- if (status == AuthStatus.FAILURE) {
- break;
- }
- }
- return status;
- }
-
- @Override
- public AuthStatus validateResponse(MessageInfo messageInfo,
- Subject clientSubject, Subject serviceSubject) throws AuthException {
- AuthStatus status = null;
- for (ClientAuthModule sam : modules) {
- status = sam.secureRequest(messageInfo, clientSubject);
- if (status == AuthStatus.FAILURE) {
- break;
- }
- }
- return status;
- }
-
-}
\ No newline at end of file
Modified:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/SOAPClientAuthModule.java
===================================================================
---
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/SOAPClientAuthModule.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/SOAPClientAuthModule.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -90,33 +90,6 @@
{
SOAPMessage soapMessage = (SOAPMessage)messageInfo.getRequestMessage();
- SoapVersion soapVersion = null;
- try
- {
- String ns = soapMessage.getSOAPBody().getNamespaceURI();
- soapVersion = SoapVersionFactory.getInstance().getSoapVersion(ns);
- }
- catch (SOAPException e)
- {
- throw new AuthException(e.getMessage());
- }
- if (soapVersion == null)
- {
- throw new AuthException("Invalid soap message");
- }
-
- Exchange exchange = new ExchangeImpl();
- MessageImpl messageImpl = new MessageImpl();
- messageImpl.setExchange(exchange);
- SoapMessage cxfSoapMessage = new SoapMessage(messageImpl);
- cxfSoapMessage.setVersion(soapVersion);
- cxfSoapMessage.setContent(SOAPMessage.class, soapMessage);
-
- WSSConfig wssConfig = WSSConfig.getNewInstance();
- cxfSoapMessage.put(WSSConfig.class.getName(), wssConfig);
-
- WSS4JOutInterceptor wss4jOutInterceptor = new WSS4JOutInterceptor(options);
- wss4jOutInterceptor.createEndingInterceptor().handleMessage(cxfSoapMessage);
return AuthStatus.SUCCESS;
}
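Review bot: After this removal the visible tail of the method casts the request to `SOAPMessage` and returns `AuthStatus.SUCCESS` without applying any WS-Security action, so the module reports success for a request it has not secured. If the signing or UsernameToken work is meant to happen elsewhere after this commit, state that in a comment at this point; otherwise throw `AuthException` or return a non-success status until the processing is restored, so a misconfigured client fails closed. The `soapMessage` local is now unused and can be dropped. The method signature lies outside the hunk.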
Deleted:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/WSS4JOutInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/WSS4JOutInterceptor.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/module/WSS4JOutInterceptor.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -1,360 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2013, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.wsf.stack.cxf.client.jaspi.module;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import javax.xml.soap.SOAPMessage;
-
-import org.apache.cxf.binding.soap.SoapFault;
-import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.binding.soap.SoapVersion;
-import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
-import org.apache.cxf.common.i18n.Message;
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.phase.Phase;
-import org.apache.cxf.phase.PhaseInterceptor;
-import org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor;
-
-import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSSConfig;
-import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.action.Action;
-import org.apache.ws.security.handler.RequestData;
-import org.apache.ws.security.handler.WSHandlerConstants;
-import org.apache.ws.security.util.WSSecurityUtil;
-import org.w3c.dom.Document;
-/**
- * This is a copy of WSS4JOutInterceptor and public WSS4JOutInterceptorInternal
- * We need to refactor the WSS4JOutInterceptor and directly use it
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
- *
- */
-public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor {
-
- /**
- * Property name for a map of action IDs ({@link Integer}) to action
- * class names. Values can be either {@link Class}) or Objects
-- * implementing {@link Action}.
- */
- public static final String WSS4J_ACTION_MAP = "wss4j.action.map";
-
- private static final Logger LOG = LogUtils
- .getL7dLogger(WSS4JOutInterceptor.class);
-
- private static final Logger TIME_LOG = LogUtils
- .getL7dLogger(WSS4JOutInterceptor.class,
- null,
- WSS4JOutInterceptor.class.getName() + "-Time");
-
- private WSS4JOutInterceptorInternal ending;
- private SAAJOutInterceptor saajOut = new SAAJOutInterceptor();
- private boolean mtomEnabled;
-
-
-
- public WSS4JOutInterceptor() {
- super();
- setPhase(Phase.PRE_PROTOCOL);
- getAfter().add(SAAJOutInterceptor.class.getName());
-
- ending = createEndingInterceptor();
- }
-
- public WSS4JOutInterceptor(Map<String, Object> props) {
- this();
- setProperties(props);
- }
-
- public boolean isAllowMTOM() {
- return mtomEnabled;
- }
- /**
- * Enable or disable mtom with WS-Security. By default MTOM is disabled as
- * attachments would not get encrypted or be part of the signature.
- * @param mtomEnabled
- */
- public void setAllowMTOM(boolean allowMTOM) {
- this.mtomEnabled = allowMTOM;
- }
-
-
- @Override
- public Object getProperty(Object msgContext, String key) {
- // use the superclass first
- Object result = super.getProperty(msgContext, key);
-
- // handle the special case of the RECV_RESULTS
- if (result == null
- && WSHandlerConstants.RECV_RESULTS.equals(key)
- && !this.isRequestor((SoapMessage)msgContext)) {
- result = ((SoapMessage)msgContext).getExchange().getInMessage().get(key);
- }
- return result;
- }
-
- public void handleMessage(SoapMessage mc) throws Fault {
- //must turn off mtom when using WS-Sec so binary is inlined so it can
- //be properly signed/encrypted/etc...
- if (!mtomEnabled) {
- mc.put(org.apache.cxf.message.Message.MTOM_ENABLED, false);
- }
-
- if (mc.getContent(SOAPMessage.class) == null) {
- saajOut.handleMessage(mc);
- }
-
- mc.getInterceptorChain().add(ending);
- }
- public void handleFault(SoapMessage message) {
- saajOut.handleFault(message);
- }
-
- public final WSS4JOutInterceptorInternal createEndingInterceptor() {
- return new WSS4JOutInterceptorInternal();
- }
-
- public class WSS4JOutInterceptorInternal
- implements PhaseInterceptor<SoapMessage> {
- public WSS4JOutInterceptorInternal() {
- super();
- }
-
- public void handleMessage(SoapMessage mc) throws Fault {
-
- boolean doDebug = LOG.isLoggable(Level.FINE);
- boolean doTimeDebug = TIME_LOG.isLoggable(Level.FINE);
-
- long t0 = 0;
- long t1 = 0;
- long t2 = 0;
-
- if (doTimeDebug) {
- t0 = System.currentTimeMillis();
- }
-
- if (doDebug) {
- LOG.fine("WSS4JOutInterceptor: enter handleMessage()");
- }
- /**
- * There is nothing to send...Usually happens when the provider
- * needs to send a HTTP 202 message (with no content)
- */
- if (mc == null) {
- return;
- }
- SoapVersion version = mc.getVersion();
- RequestData reqData = new RequestData();
- translateProperties(mc);
-
- reqData.setMsgContext(mc);
-
- /*
- * The overall try, just to have a finally at the end to perform some
- * housekeeping.
- */
- try {
- WSSConfig config = WSSConfig.getNewInstance();
- reqData.setWssConfig(config);
-
- /*
- * Setup any custom actions first by processing the input properties
- * and reconfiguring the WSSConfig with the user defined properties.
- */
- this.configureActions(mc, doDebug, version, config);
-
- /*
- * Get the action first.
- */
- List<Integer> actions = new ArrayList<Integer>();
- String action = getString(WSHandlerConstants.ACTION, mc);
- if (action == null) {
- throw new SoapFault(new Message("NO_ACTION", LOG), version
- .getReceiver());
- }
-
- int doAction = WSSecurityUtil.decodeAction(action, actions, config);
- if (doAction == WSConstants.NO_SECURITY && actions.isEmpty()) {
- return;
- }
-
- /*
- * For every action we need a username, so get this now. The
- * username defined in the deployment descriptor takes precedence.
- */
- reqData.setUsername((String) getOption(WSHandlerConstants.USER));
- if (reqData.getUsername() == null
- || reqData.getUsername().equals("")) {
- String username = (String) getProperty(reqData.getMsgContext(),
- WSHandlerConstants.USER);
- if (username != null) {
- reqData.setUsername(username);
- }
- }
-
- /*
- * Now we perform some set-up for UsernameToken and Signature
- * functions. No need to do it for encryption only. Check if
- * username is available and then get a passowrd.
- */
- if ((doAction & (WSConstants.SIGN | WSConstants.UT |
WSConstants.UT_SIGN)) != 0
- && (reqData.getUsername() == null
- || reqData.getUsername().equals(""))) {
- /*
- * We need a username - if none throw an SoapFault. For
- * encryption there is a specific parameter to get a username.
- */
- throw new SoapFault(new Message("NO_USERNAME", LOG),
version
- .getReceiver());
- }
- if (doDebug) {
- LOG.fine("Action: " + doAction);
- LOG.fine("Actor: " + reqData.getActor());
- }
- /*
- * Now get the SOAP part from the request message and convert it
- * into a Document. This forces CXF to serialize the SOAP request
- * into FORM_STRING. This string is converted into a document.
- * During the FORM_STRING serialization CXF performs multi-ref of
- * complex data types (if requested), generates and inserts
- * references for attachements and so on. The resulting Document
- * MUST be the complete and final SOAP request as CXF would send it
- * over the wire. Therefore this must shall be the last (or only)
- * handler in a chain. Now we can perform our security operations on
- * this request.
- */
-
- SOAPMessage saaj = mc.getContent(SOAPMessage.class);
-
- if (saaj == null) {
- LOG.warning("SAAJOutHandler must be enabled for
WS-Security!");
- throw new SoapFault(new Message("NO_SAAJ_DOC", LOG),
version
- .getReceiver());
- }
-
- Document doc = saaj.getSOAPPart();
-
- if (doTimeDebug) {
- t1 = System.currentTimeMillis();
- }
-
- doSenderAction(doAction, doc, reqData, actions, Boolean.TRUE
- .equals(getProperty(mc,
org.apache.cxf.message.Message.REQUESTOR_ROLE)));
-
- if (doTimeDebug) {
- t2 = System.currentTimeMillis();
- TIME_LOG.fine("Send request: total= " + (t2 - t0)
- + " request preparation= " + (t1 - t0)
- + " request processing= " + (t2 - t1)
- + "\n");
- }
-
- if (doDebug) {
- LOG.fine("WSS4JOutInterceptor: exit handleMessage()");
- }
- } catch (WSSecurityException e) {
- throw new SoapFault(new Message("SECURITY_FAILED", LOG), e,
version
- .getSender());
- } finally {
- reqData.clear();
- reqData = null;
- }
- }
-
- public Set<String> getAfter() {
- return Collections.emptySet();
- }
-
- public Set<String> getBefore() {
- return Collections.emptySet();
- }
-
- public String getId() {
- return WSS4JOutInterceptorInternal.class.getName();
- }
-
- public String getPhase() {
- return Phase.POST_PROTOCOL;
- }
-
- public void handleFault(SoapMessage message) {
- //nothing
- }
-
- private void configureActions(SoapMessage mc, boolean doDebug,
- SoapVersion version, WSSConfig config) {
-
- final Map<Integer, Object> actionMap = CastUtils.cast(
- (Map<?, ?>)getProperty(mc, WSS4J_ACTION_MAP));
- if (actionMap != null) {
- for (Map.Entry<Integer, Object> entry : actionMap.entrySet()) {
- Class<?> removedAction = null;
-
- // Be defensive here since the cast above is slightly risky
- // with the handler config options not being strongly typed.
- try {
- if (entry.getValue() instanceof Class<?>) {
- removedAction = config.setAction(
- entry.getKey().intValue(),
- (Class<?>)entry.getValue());
- } else if (entry.getValue() instanceof Action) {
- removedAction = config.setAction(
- entry.getKey().intValue(),
- (Action)entry.getValue());
- } else {
- throw new SoapFault(new Message("BAD_ACTION", LOG),
version
- .getReceiver());
- }
- } catch (ClassCastException e) {
- throw new SoapFault(new Message("BAD_ACTION", LOG),
version
- .getReceiver());
- }
-
- if (doDebug) {
- if (removedAction != null) {
- LOG.fine("Replaced Action: " +
removedAction.getName()
- + " with Action: " + entry.getValue()
- + " for ID: " + entry.getKey());
- } else {
- LOG.fine("Added Action: " + entry.getValue()
- + " with ID: " + entry.getKey());
- }
- }
- }
- }
- }
-
- public Collection<PhaseInterceptor<? extends
org.apache.cxf.message.Message>>
- getAdditionalInterceptors() {
- return null;
- }
- }
-}
Added: stack/cxf/branches/jaspi/modules/jaspi/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/modules/jaspi/pom.xml (rev 0)
+++ stack/cxf/branches/jaspi/modules/jaspi/pom.xml 2014-01-03 12:38:10 UTC (rev 18223)
@@ -0,0 +1,92 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <name>JBoss Web Services - Stack CXF JASPI</name>
+ <artifactId>jbossws-cxf-jaspi</artifactId>
+ <packaging>jar</packaging>
+
+ <!-- Parent -->
+ <parent>
+ <groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf</artifactId>
+ <version>4.3.0-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <!-- Dependencies -->
+ <dependencies>
+
+ <dependency>
+ <groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf-jaspi</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-frontend-jaxws</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.picketbox</groupId>
+ <artifactId>picketbox</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.spec.javax.security.auth.message</groupId>
+ <artifactId>jboss-jaspi-api_1.1_spec</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <profiles>
+ <!--
+ Name: enforce
+ Descr: Enforce artifact dependencies
+ -->
+ <profile>
+ <id>enforce</id>
+ <activation>
+ <property>
+ <name>!skip-enforce</name>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-enforcer-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>ban-bad-dependencies</id>
+ <goals>
+ <goal>enforce</goal>
+ </goals>
+ <configuration>
+ <rules>
+ <bannedDependencies>
+ <searchTransitive>true</searchTransitive>
+ <excludes>
+
<exclude>org.apache.cxf:cxf-rt-bindings-corba</exclude>
+ <exclude>org.apache.cxf:cxf-rt-javascript</exclude>
+ <exclude>org.apache.geronimo.specs</exclude>
+ <exclude>org.codehaus.jra:jra</exclude>
+ <exclude>org.slf4j:slf4j-jdk14</exclude>
+ </excludes>
+ </bannedDependencies>
+ </rules>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+
+</project>
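Review bot: The first `<dependency>` in this new POM is `org.jboss.ws.cxf:jbossws-cxf-jaspi:${project.version}`, which is the module itself: the `artifactId` is the same and the `groupId` is inherited from the parent. A module cannot depend on its own artifact, so this block should be removed. If a different jbossws-cxf module was intended, name it explicitly.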
Property changes on: stack/cxf/branches/jaspi/modules/jaspi/pom.xml
___________________________________________________________________
Added: svn:mime-type
+ text/xml
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,68 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+import java.util.Properties;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
+
+/**
+ * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ */
+public class JBossWSAuthConfigProvider implements AuthConfigProvider
+{
+ private Properties contextProperties;
+
+ public JBossWSAuthConfigProvider(Properties props, AuthConfigFactory factory)
+ {
+ contextProperties = props;
+ if (factory != null)
+ {
+ factory.registerConfigProvider(this, "soap", null, "JBossWS
AuthConfigProvider");
+ }
+
+ }
+
+ @Override
+ public ClientAuthConfig getClientAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException, SecurityException
+ {
+ return new JBossWSClientAuthConfig(layer, appContext, handler, contextProperties);
+ }
+
+ @Override
+ public ServerAuthConfig getServerAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException, SecurityException
+ {
+ return new JBossWSServerAuthConfig(layer, appContext, handler, contextProperties);
+ }
+
+ @Override
+ public void refresh()
+ {
+
+ }
+
+}
\ No newline at end of file
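Review bot: The constructor's `registerConfigProvider(this, "soap", null, ...)` passes a null application context, which in the JASPIC factory API means the registration applies to every application context for that layer, so constructing one instance changes message-authentication configuration process-wide. Document that scope in the class Javadoc or take the application context as a parameter, and use `JBossWSAuthConstants.SOAP_LAYER` instead of the literal `"soap"` so the registration and the lookup in ProviderImpl cannot drift apart. The constructor takes `Properties` where the JASPIC convention is a `(Map, AuthConfigFactory)` constructor, which matters if this provider is ever registered by class name. `contextProperties` is stored by reference and handed to every config object; making the field `final` and copying the input would keep later caller mutations out of the auth configuration. The empty `refresh()` deserves a one-line comment saying the no-op is intentional.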
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,31 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+/**
+ * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ */
+public class JBossWSAuthConstants
+{
+ public static final String SOAP_LAYER = "soap";
+
+}
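Review bot: `SOAP_LAYER` is introduced here, but the `registerConfigProvider` call in JBossWSAuthConfigProvider, added in this same commit, still passes the literal `"soap"`. Using the constant there would keep the layer name in one place. As a pure constants holder, the class could also be declared `final` with a private constructor so it cannot be instantiated or subclassed.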
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,186 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+import java.lang.reflect.Constructor;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.security.auth.message.module.ClientAuthModule;
+import javax.xml.namespace.QName;
+import javax.xml.soap.MimeHeaders;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.soap.SOAPPart;
+
+import org.apache.cxf.common.util.StringUtils;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.message.config.JBossClientAuthConfig;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.plugins.ClassLoaderLocator;
+import org.jboss.security.plugins.ClassLoaderLocatorFactory;
+
+/**
+ * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ */
+public class JBossWSClientAuthConfig extends JBossClientAuthConfig
+{
+
+ @SuppressWarnings("rawtypes")
+ private List modules = new ArrayList();
+ private CallbackHandler callbackHandler;
+
+ @SuppressWarnings("rawtypes")
+ public JBossWSClientAuthConfig(String layer, String appContext, CallbackHandler
handler, Map properties)
+ {
+ super(layer, appContext, handler, properties);
+ }
+
+ @SuppressWarnings({ "rawtypes", "unchecked" })
+ public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject,
Map properties) throws AuthException
+ {
+ List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
+
+ Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
+
+ JASPIAuthenticationInfo jai =
(JASPIAuthenticationInfo)properties.get("jaspi-policy");
+ AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
+
+ ClassLoader moduleCL = null;
+ String jbossModule = jai.getJBossModuleName();
+ if (jbossModule != null && !jbossModule.isEmpty())
+ {
+ ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
+ if (locator != null)
+ moduleCL = locator.get(jbossModule);
+ }
+
+ for (AuthModuleEntry ame : amearr)
+ {
+
+ try
+ {
+ mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ClientAuthModule sam = this.createCAM(moduleCL, ame.getAuthModuleName());
+
+ Map options = new HashMap();
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ }
+ catch (Exception e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ }
+
+ JBossWSClientAuthContext clientAuthContext = new JBossWSClientAuthContext(modules,
mapOptionsByName, this.callbackHandler);
+ clientAuthContext.setControlFlags(controlFlags);
+ return clientAuthContext;
+ }
+
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+ private ClientAuthModule createCAM(ClassLoader moduleCL, String name) throws
Exception
+ {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[0]);
+ return (ClientAuthModule)ctr.newInstance(new Object[0]);
+ }
+
+ @SuppressWarnings({ "rawtypes" })
+ public List getClientAuthModules()
+ {
+ return modules;
+ }
+
+
+ @SuppressWarnings("rawtypes")
+ public String getAuthContextID(MessageInfo messageInfo)
+ {
+ SOAPMessage request = (SOAPMessage)messageInfo.getRequestMessage();
+ if (request == null)
+ {
+ return null;
+ }
+ String authContext = null;
+ MimeHeaders headers = request.getMimeHeaders();
+ if (headers != null)
+ {
+ String[] soapActions = headers.getHeader("SOAPAction");
+ if (soapActions != null && soapActions.length > 0)
+ {
+ authContext = soapActions[0];
+ if (!StringUtils.isEmpty(authContext))
+ {
+ return authContext;
+ }
+ }
+ }
+
+ SOAPPart soapMessage = request.getSOAPPart();
+ if (soapMessage != null)
+ {
+ try
+ {
+ SOAPEnvelope envelope = soapMessage.getEnvelope();
+ if (envelope != null)
+ {
+ SOAPBody body = envelope.getBody();
+ if (body != null)
+ {
+
+ Iterator it = body.getChildElements();
+ while (it.hasNext())
+ {
+ Object o = it.next();
+ if (o instanceof SOAPElement)
+ {
+ QName name = ((SOAPElement)o).getElementQName();
+ return name.getLocalPart();
+
+ }
+ }
+ }
+ }
+ }
+ catch (SOAPException se)
+ {
+ //ignore;
+ }
+ }
+
+ return null;
+ }
+
+}
\ No newline at end of file
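Review bot: The `callbackHandler` field of JBossWSClientAuthConfig is declared but never assigned, because the constructor only forwards `handler` to `super(...)`. As a result `getAuthContext` passes `null` as the handler both to `sam.initialize(null, null, callbackHandler, options)` and to the `JBossWSClientAuthContext` constructor. A client auth module that relies on callbacks to obtain credentials would presumably fail or run without them. Adding `this.callbackHandler = handler;` after the `super(...)` call would fix this. Each module is also initialized twice, first here with an empty `options` map and again in the context constructor with the configured options, which looks unintended.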
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,100 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.security.auth.message.module.ClientAuthModule;
+
+import org.jboss.security.config.ControlFlag;
+
+/**
+ * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ */
+public class JBossWSClientAuthContext implements ClientAuthContext {
+ private List<ClientAuthModule> modules = new
ArrayList<ClientAuthModule>();
+ @SuppressWarnings("rawtypes")
+ private Map<String, Map> moduleOptionsByName = new HashMap<String,
Map>();
+ protected List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
+
+ @SuppressWarnings("rawtypes")
+ public JBossWSClientAuthContext(List<ClientAuthModule> modules,
+ Map<String, Map> moduleNameToOptions, CallbackHandler cbh)
+ throws AuthException {
+ this.modules = modules;
+ this.moduleOptionsByName = moduleNameToOptions;
+ for (ClientAuthModule cam : modules) {
+ cam.initialize(null, null, cbh,
+ moduleOptionsByName.get(cam.getClass().getName()));
+ }
+ }
+
+ @Override
+ public void cleanSubject(MessageInfo messageInfo, Subject subject)
+ throws AuthException {
+ for (ClientAuthModule cam : modules) {
+ cam.cleanSubject(messageInfo, subject);
+ }
+
+ }
+
+ public void setControlFlags(List<ControlFlag> controlFlags) {
+ this.controlFlags = controlFlags;
+ }
+
+ @Override
+ public AuthStatus secureRequest(MessageInfo messageInfo,
+ Subject clientSubject) throws AuthException {
+ AuthStatus status = null;
+ for (ClientAuthModule sam : modules) {
+ status = sam.secureRequest(messageInfo, clientSubject);
+ if (status == AuthStatus.FAILURE) {
+ break;
+ }
+ }
+ return status;
+ }
+
+ @Override
+ public AuthStatus validateResponse(MessageInfo messageInfo,
+ Subject clientSubject, Subject serviceSubject) throws AuthException {
+ AuthStatus status = null;
+ for (ClientAuthModule sam : modules) {
+ status = sam.secureRequest(messageInfo, clientSubject);
+ if (status == AuthStatus.FAILURE) {
+ break;
+ }
+ }
+ return status;
+ }
+
+}
\ No newline at end of file
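Review bot: `validateResponse` calls `sam.secureRequest(messageInfo, clientSubject)` rather than the module's `validateResponse`, so no module ever validates the response and `serviceSubject` is ignored. The loop body should read `status = sam.validateResponse(messageInfo, clientSubject, serviceSubject);`. Both `secureRequest` and `validateResponse` also return `null` when `modules` is empty, which callers comparing against `AuthStatus` values may not expect. `controlFlags` is stored by `setControlFlags` but not read anywhere in this class, so the configured flags have no effect on the outcome here; a class-level Javadoc stating that would help.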
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,213 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+import java.lang.reflect.Constructor;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ServerAuthContext;
+import javax.security.auth.message.module.ServerAuthModule;
+import javax.xml.namespace.QName;
+import javax.xml.soap.MimeHeaders;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.soap.SOAPPart;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.common.util.StringUtils;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.message.config.JBossServerAuthConfig;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.plugins.ClassLoaderLocator;
+import org.jboss.security.plugins.ClassLoaderLocatorFactory;
+/**
+ * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ */
+public class JBossWSServerAuthConfig extends JBossServerAuthConfig {
+ private CallbackHandler callbackHandler = new JBossCallbackHandler();
+ @SuppressWarnings("rawtypes")
+ private List modules = new ArrayList();
+
+ @SuppressWarnings("rawtypes")
+ public JBossWSServerAuthConfig(String layer, String appContext,
+ CallbackHandler handler, Map properties) {
+ super(layer, appContext, handler, properties);
+ }
+
+ @SuppressWarnings({ "rawtypes", "unchecked" })
+ public ServerAuthContext getAuthContext(String authContextID, Subject serviceSubject,
Map properties) throws AuthException
+ {
+ List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
+
+ Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
+ JASPIAuthenticationInfo jai =
(JASPIAuthenticationInfo)properties.get("jaspi-policy");
+ AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
+
+ ClassLoader moduleCL = null;
+ String jbossModule = jai.getJBossModuleName();
+ if (jbossModule != null && !jbossModule.isEmpty())
+ {
+ ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
+ if (locator != null)
+ moduleCL = locator.get(jbossModule);
+ }
+
+ for (AuthModuleEntry ame : amearr)
+ {
+ if (ame.getLoginModuleStackHolderName() != null)
+ {
+ try
+ {
+ mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName(),
ame.getLoginModuleStackHolderName());
+
+ Map options = new HashMap();
+ Bus bus = (Bus)properties.get(Bus.class);
+ options.put(Bus.class, bus);
+ javax.xml.ws.Endpoint endpoint =
(javax.xml.ws.Endpoint)properties.get(javax.xml.ws.Endpoint.class);
+ options.put(javax.xml.ws.Endpoint.class, endpoint);
+
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ }
+ catch (Exception e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ }
+ else
+ {
+ try
+ {
+ mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName());
+
+ Map options = new HashMap();
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ }
+ catch (Exception e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ }
+ }
+
+ JBossWSServerAuthContext serverAuthContext = new JBossWSServerAuthContext(modules,
mapOptionsByName, this.callbackHandler);
+ serverAuthContext.setControlFlags(controlFlags);
+ return serverAuthContext;
+ }
+
+ @SuppressWarnings("rawtypes")
+ public String getAuthContextID(MessageInfo messageInfo)
+ {
+ SOAPMessage request = (SOAPMessage)messageInfo.getRequestMessage();
+ if (request == null)
+ {
+ return null;
+ }
+ String authContext = null;
+ MimeHeaders headers = request.getMimeHeaders();
+ if (headers != null)
+ {
+ String[] soapActions = headers.getHeader("SOAPAction");
+ if (soapActions != null && soapActions.length > 0)
+ {
+ authContext = soapActions[0];
+ if (!StringUtils.isEmpty(authContext))
+ {
+ return authContext;
+ }
+ }
+ }
+
+ SOAPPart soapMessage = request.getSOAPPart();
+ if (soapMessage != null)
+ {
+ try
+ {
+ SOAPEnvelope envelope = soapMessage.getEnvelope();
+ if (envelope != null)
+ {
+ SOAPBody body = envelope.getBody();
+ if (body != null)
+ {
+
+ Iterator it = body.getChildElements();
+ while (it.hasNext())
+ {
+ Object o = it.next();
+ if (o instanceof SOAPElement)
+ {
+ QName name = ((SOAPElement)o).getElementQName();
+ return name.getLocalPart();
+
+ }
+ }
+ }
+ }
+ }
+ catch (SOAPException se)
+ {
+ //ignore;
+ }
+ }
+
+ return null;
+ }
+
+ public boolean isProtected() {
+ throw new UnsupportedOperationException();
+ }
+
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name)
+ throws Exception {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[0]);
+ return (ServerAuthModule) ctr.newInstance(new Object[0]);
+ }
+
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name,
+ String lmshName) throws Exception {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[] { String.class });
+ return (ServerAuthModule) ctr.newInstance(new Object[] { lmshName });
+ }
+
+}
\ No newline at end of file
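Review bot: `modules` is an instance field that `getAuthContext` appends to on every call and then hands to the new `JBossWSServerAuthContext`. If one config object serves more than one call, the list keeps growing with duplicate module instances and is shared, unsynchronized, between contexts. A list local to the method avoids both problems: `List<ServerAuthModule> modules = new ArrayList<ServerAuthModule>();` at the top of `getAuthContext`. JBossWSClientAuthConfig.getAuthContext follows the same pattern. In both catch blocks `new AuthException(e.getLocalizedMessage())` drops the original exception; calling `initCause(e)` on the new exception before throwing would preserve the stack trace of a failed module load.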
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+/**
+ * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ */
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.module.ServerAuthModule;
+
+import org.jboss.security.auth.message.config.JBossServerAuthContext;
+@SuppressWarnings({"rawtypes" })
+public class JBossWSServerAuthContext extends JBossServerAuthContext {
+
+ public JBossWSServerAuthContext(List<ServerAuthModule> modules,
+ Map<String, Map> moduleNameToOptions, CallbackHandler cbh)
+ throws AuthException {
+ super(modules, moduleNameToOptions, cbh);
+ }
+
+}
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,106 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+/**
+ * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ */
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>()
+ {
+
+ public SecurityContext run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ });
+ }
+
+ static Class<?> loadClass(final ClassLoader cl, final String name) throws
PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new
PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ if (cl == null)
+ {
+ return loadClass(name);
+ }
+ try
+ {
+ return cl.loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ return loadClass(name);
+ }
+ }
+ });
+ }
+
+ static Class<?> loadClass(final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new
PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ try
+ {
+ return getClass().getClassLoader().loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ try
+ {
+ return getContextClassLoader().loadClass(name);
+ }
+ catch (Exception e)
+ {
+ throw new PrivilegedActionException(e);
+ }
+ }
+ }
+ });
+ }
+}
\ No newline at end of file
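Review bot: The `catch (Exception ignore)` in `loadClass(cl, name)` discards the failure from the configured class loader and silently retries with this class's loader and then the thread context class loader. A missing or misnamed auth module class is therefore resolved from whichever loader happens to know that name, instead of surfacing as a configuration error. Since the loaded class becomes an authentication module, I would narrow this to `catch (ClassNotFoundException ignore)` and log the fallback, or fail outright when an explicit loader was supplied. Separately, `run()` in `loadClass(name)` throws a `PrivilegedActionException` itself, which `doPrivileged` wraps in a second one; rethrowing the caught exception directly (`throw e;`) leaves a single wrapper for callers to unwrap.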
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Modified: stack/cxf/branches/jaspi/modules/server/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/modules/server/pom.xml 2014-01-02 14:47:49 UTC (rev 18222)
+++ stack/cxf/branches/jaspi/modules/server/pom.xml 2014-01-03 12:38:10 UTC (rev 18223)
@@ -20,6 +20,11 @@
<groupId>org.jboss.ws.cxf</groupId>
<artifactId>jbossws-cxf-client</artifactId>
<version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf-jaspi</artifactId>
+ <version>${project.version}</version>
</dependency>
<dependency>
Deleted:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -1,116 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2013, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.wsf.stack.cxf.jaspi.config;
-
-import java.lang.reflect.Constructor;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.config.ClientAuthContext;
-import javax.security.auth.message.module.ClientAuthModule;
-
-import org.jboss.security.auth.container.config.AuthModuleEntry;
-import org.jboss.security.auth.login.JASPIAuthenticationInfo;
-import org.jboss.security.auth.message.config.JBossClientAuthConfig;
-import org.jboss.security.config.ControlFlag;
-import org.jboss.security.plugins.ClassLoaderLocator;
-import org.jboss.security.plugins.ClassLoaderLocatorFactory;
-
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
- */
-public class JBossWSClientAuthConfig extends JBossClientAuthConfig
-{
-
- @SuppressWarnings("rawtypes")
- private List modules = new ArrayList();
- private CallbackHandler callbackHandler;
-
- @SuppressWarnings("rawtypes")
- public JBossWSClientAuthConfig(String layer, String appContext, CallbackHandler
handler, Map properties)
- {
- super(layer, appContext, handler, properties);
- }
-
- @SuppressWarnings({ "rawtypes", "unchecked" })
- public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject,
Map properties) throws AuthException
- {
- List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
-
- Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
-
- JASPIAuthenticationInfo jai =
(JASPIAuthenticationInfo)properties.get("jaspi-policy");
- AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
-
- ClassLoader moduleCL = null;
- String jbossModule = jai.getJBossModuleName();
- if (jbossModule != null && !jbossModule.isEmpty())
- {
- ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
- if (locator != null)
- moduleCL = locator.get(jbossModule);
- }
-
- for (AuthModuleEntry ame : amearr)
- {
-
- try
- {
- mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
- controlFlags.add(ame.getControlFlag());
- ClientAuthModule sam = this.createCAM(moduleCL, ame.getAuthModuleName());
-
- Map options = new HashMap();
- sam.initialize(null, null, callbackHandler, options);
- modules.add(sam);
- }
- catch (Exception e)
- {
- throw new AuthException(e.getLocalizedMessage());
- }
- }
-
- JBossWSClientAuthContext clientAuthContext = new JBossWSClientAuthContext(modules,
mapOptionsByName, this.callbackHandler);
- clientAuthContext.setControlFlags(controlFlags);
- return clientAuthContext;
- }
-
- @SuppressWarnings({ "unchecked", "rawtypes" })
- private ClientAuthModule createCAM(ClassLoader moduleCL, String name) throws
Exception
- {
- Class clazz = SecurityActions.loadClass(moduleCL, name);
- Constructor ctr = clazz.getConstructor(new Class[0]);
- return (ClientAuthModule)ctr.newInstance(new Object[0]);
- }
-
- @SuppressWarnings({ "rawtypes" })
- public List getClientAuthModules()
- {
- return modules;
- }
-
-}
\ No newline at end of file
Deleted:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -1,100 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2013, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.wsf.stack.cxf.jaspi.config;
-
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.ClientAuthContext;
-import javax.security.auth.message.module.ClientAuthModule;
-
-import org.jboss.security.config.ControlFlag;
-
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
- */
-public class JBossWSClientAuthContext implements ClientAuthContext {
- private List<ClientAuthModule> modules = new
ArrayList<ClientAuthModule>();
- @SuppressWarnings("rawtypes")
- private Map<String, Map> moduleOptionsByName = new HashMap<String,
Map>();
- protected List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
-
- @SuppressWarnings("rawtypes")
- public JBossWSClientAuthContext(List<ClientAuthModule> modules,
- Map<String, Map> moduleNameToOptions, CallbackHandler cbh)
- throws AuthException {
- this.modules = modules;
- this.moduleOptionsByName = moduleNameToOptions;
- for (ClientAuthModule cam : modules) {
- cam.initialize(null, null, cbh,
- moduleOptionsByName.get(cam.getClass().getName()));
- }
- }
-
- @Override
- public void cleanSubject(MessageInfo messageInfo, Subject subject)
- throws AuthException {
- for (ClientAuthModule cam : modules) {
- cam.cleanSubject(messageInfo, subject);
- }
-
- }
-
- public void setControlFlags(List<ControlFlag> controlFlags) {
- this.controlFlags = controlFlags;
- }
-
- @Override
- public AuthStatus secureRequest(MessageInfo messageInfo,
- Subject clientSubject) throws AuthException {
- AuthStatus status = null;
- for (ClientAuthModule sam : modules) {
- status = sam.secureRequest(messageInfo, clientSubject);
- if (status == AuthStatus.FAILURE) {
- break;
- }
- }
- return status;
- }
-
- @Override
- public AuthStatus validateResponse(MessageInfo messageInfo,
- Subject clientSubject, Subject serviceSubject) throws AuthException {
- AuthStatus status = null;
- for (ClientAuthModule sam : modules) {
- status = sam.secureRequest(messageInfo, clientSubject);
- if (status == AuthStatus.FAILURE) {
- break;
- }
- }
- return status;
- }
-
-}
\ No newline at end of file
Modified:
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java 2014-01-02
14:47:49 UTC (rev 18222)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java 2014-01-03
12:38:10 UTC (rev 18223)
@@ -25,6 +25,7 @@
import java.util.HashMap;
import java.util.Map;
+import javax.security.auth.login.Configuration;
import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
@@ -33,6 +34,7 @@
import junit.framework.Test;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
import org.jboss.wsf.test.JBossWSCXFTestSetup;
import org.jboss.wsf.test.JBossWSTest;
import org.jboss.wsf.test.JBossWSTestHelper;
@@ -75,7 +77,7 @@
};
return testSetup;
}
-
+
public void testAuthenticated() throws Exception
{
QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy",
"SecurityService");
@@ -103,6 +105,23 @@
//OK
}
}
+ public void testClientAuthModule() throws Exception
+ {
+ //load client side jaspi config
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+ Configuration.setConfiguration(xli);
+ URL configURL = Thread.currentThread().getContextClassLoader()
+
.getResource("org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/jaspi-config-client.xml");
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+
+ QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy",
"SecurityService");
+ URL wsdlURL = new URL(serviceURL + "?wsdl");
+ Service service = Service.create(wsdlURL, serviceName);
+ ServiceIface proxy = (ServiceIface)service.getPort(ServiceIface.class);
+ setupWsse(proxy, "kermit");
+ assertEquals("Secure Hello World!", proxy.sayHello());
+ }
private void setupWsse(ServiceIface proxy, String username)
{
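Review bot: `Configuration.setConfiguration(xli)` in testClientAuthModule replaces the JVM-wide JAAS configuration and never puts the old one back, so any test that runs later in the same JVM inherits the `jaspi-client` policy. Capture the previous value with `Configuration previous = Configuration.getConfiguration();` before the call and wrap the rest of the body in a `try` that ends with `finally { Configuration.setConfiguration(previous); }`. `getResource(...)` returns null when the XML is not on the test classpath, so an `assertNotNull("jaspi-config-client.xml not found", configURL);` before `xli.setConfigURL(configURL)` would make that failure obvious. The test asserts only the reply string, so it would apparently still pass if the client auth module were never invoked. The JBossWSClientAuthContext removed in this revision had `validateResponse` delegating to `sam.secureRequest(...)`, and if the relocated class keeps that, nothing here would notice.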
Added:
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/jaspi-config-client.xml
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/jaspi-config-client.xml
(rev 0)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/jaspi-config-client.xml 2014-01-03
12:38:10 UTC (rev 18223)
@@ -0,0 +1,12 @@
+<?xml version='1.0'?>
+
+<policy
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0">
+ <application-policy name="jaspi-client">
+ <authentication-jaspi>
+ <auth-module
code="org.jboss.wsf.stack.cxf.client.jaspi.module.SOAPClientAuthModule">
+ </auth-module>
+ </authentication-jaspi>
+ </application-policy>
+</policy>
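Review bot: `xsi:schemaLocation` on `<policy>` holds a single URI, but the attribute is defined as whitespace-separated pairs of namespace and schema location, so a validating parser has nothing to resolve and may warn. Either drop the attribute or use the pair form, `xsi:schemaLocation="urn:jboss:security-config:5.0 <schema-location-placeholder>"`, with the location the project actually ships. The `<auth-module>` element also carries no `flag` attribute. Whether a default control flag applies is not visible here, so stating it explicitly would make clear how this module's result is meant to count.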
Property changes on:
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/jaspi-config-client.xml
___________________________________________________________________
Added: svn:mime-type
+ text/xml
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Modified: stack/cxf/branches/jaspi/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/pom.xml 2014-01-02 14:47:49 UTC (rev 18222)
+++ stack/cxf/branches/jaspi/pom.xml 2014-01-03 12:38:10 UTC (rev 18223)
@@ -50,6 +50,7 @@
<!-- Modules -->
<modules>
+ <module>modules/jaspi</module>
<module>modules/server</module>
<module>modules/client</module>
<module>modules/endorsed</module>