January 2009 - jbossws-commits - Jboss List Archives

JBossWS SVN: r8978 - in stack/cxf/trunk: modules/management and 5 other directories.

by jbossws-commits＠lists.jboss.org

Author: richard.opalka(a)jboss.com Date: 2009-01-07 09:01:44 -0500 (Wed, 07 Jan 2009) New Revision: 8978 Modified: stack/cxf/trunk/modules/management/pom.xml stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml stack/cxf/trunk/modules/server/pom.xml stack/cxf/trunk/modules/testsuite/pom.xml stack/cxf/trunk/modules/testsuite/test-excludes-jboss422.txt stack/cxf/trunk/modules/testsuite/test-excludes-jboss423.txt stack/cxf/trunk/modules/testsuite/test-excludes-jboss424.txt stack/cxf/trunk/modules/testsuite/test-excludes-jboss500.txt stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt stack/cxf/trunk/pom.xml stack/cxf/trunk/src/main/distro/build-deploy.xml stack/cxf/trunk/src/main/scripts/assembly-deploy-artifacts.xml Log: [JBWS-1683] enabling jaxr samples Modified: stack/cxf/trunk/modules/management/pom.xml =================================================================== --- stack/cxf/trunk/modules/management/pom.xml 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/management/pom.xml 2009-01-07 14:01:44 UTC (rev 8978) @@ -64,7 +64,7 @@ </dependency>  <dependency> - <groupId>jboss.jaxr</groupId> + <groupId>org.jboss.jaxr</groupId> <artifactId>juddi-service</artifactId> <scope>runtime</scope> <type>sar</type> Modified: stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml =================================================================== --- stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml 2009-01-07 14:01:44 UTC (rev 8978) @@ -274,6 +274,29 @@ </macrodef>  +  +  + + <macrodef name="macro-deploy-juddi-sar"> + <attribute name="thirdpartydir"/> + <attribute name="targetdir"/> + <sequential> + <mkdir dir="@{targetdir}"/> + <unzip dest="@{targetdir}"> + <fileset dir="@{thirdpartydir}"> + <include name="**/juddi-service.sar"/> + </fileset> + </unzip> + <copy todir="@{targetdir}" flatten="true" overwrite="true"> + <fileset dir="@{thirdpartydir}"> + <include name="**/juddi.jar"/> + <include name="**/scout.jar"/> + </fileset> + </copy> + </sequential> + </macrodef> + +    @@ -435,6 +458,7 @@ <macro-deploy-jbossws-lib42 targetdir="${installserver}/../../lib" thirdpartydir="${thirdpartydir}"/> <macro-deploy-jbossws-server-lib42 targetdir="${installserver}/lib" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/> <macro-deploy-jbossws-cxf42-sar targetdir="${installserver}/deploy/jbossws.sar" artifactsdir="${artifactsdir}" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/> + <macro-deploy-juddi-sar targetdir="${installserver}/deploy/juddi-service.sar" thirdpartydir="${thirdpartydir}"/> </target> <target name="deploy-jbossws-cxf50" depends="check-parameters,deploy-jbossws-endorsed"> @@ -444,6 +468,7 @@ <macro-deploy-jbossws-server-lib50 targetdir="${installserver}/../../common/lib" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/>  <macro-deploy-jbossws-cxf50-sar targetdir="${installserver}/deploy/jbossws.sar" artifactsdir="${artifactsdir}" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/> <macro-deploy-jbossws-deployers50 targetdir="${installserver}/deployers/jbossws.deployer/" artifactsdir="${artifactsdir}" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/> + <macro-deploy-juddi-sar targetdir="${installserver}/deploy/juddi-service.sar" thirdpartydir="${thirdpartydir}"/> </target> <target name="deploy-jbossws-cxf51" depends="check-parameters,deploy-jbossws-endorsed"> @@ -453,6 +478,7 @@ <macro-deploy-jbossws-server-lib51 targetdir="${installserver}/../../common/lib" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/>  <macro-deploy-jbossws-cxf51-sar targetdir="${installserver}/deploy/jbossws.sar" artifactsdir="${artifactsdir}" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/> <macro-deploy-jbossws-deployers51 targetdir="${installserver}/deployers/jbossws.deployer/" artifactsdir="${artifactsdir}" thirdpartydir="${thirdpartydir}" jbossid="${jbossid}"/> + <macro-deploy-juddi-sar targetdir="${installserver}/deploy/juddi-service.sar" thirdpartydir="${thirdpartydir}"/> </target> <target name="deploy-jbossws-endorsed" if="HAVE_JDK_1.6"> @@ -499,6 +525,9 @@  <delete dir="@{targetdir}"/> +  + <delete dir="@{targetdir}/../juddi-service.sar"/> + </sequential> </macrodef> @@ -535,6 +564,9 @@  <delete dir="@{targetdir}"/> +  + <delete dir="@{targetdir}/../juddi-service.sar"/> + </sequential> </macrodef> @@ -571,6 +603,9 @@  <delete dir="@{targetdir}"/> +  + <delete dir="@{targetdir}/../juddi-service.sar"/> + </sequential> </macrodef> Modified: stack/cxf/trunk/modules/server/pom.xml =================================================================== --- stack/cxf/trunk/modules/server/pom.xml 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/server/pom.xml 2009-01-07 14:01:44 UTC (rev 8978) @@ -130,7 +130,7 @@ <artifactId>jaxb-api</artifactId> </dependency> <dependency> - <groupId>jboss.jaxr</groupId> + <groupId>org.jboss.jaxr</groupId> <artifactId>juddi-service</artifactId> <type>sar</type> </dependency> Modified: stack/cxf/trunk/modules/testsuite/pom.xml =================================================================== --- stack/cxf/trunk/modules/testsuite/pom.xml 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/testsuite/pom.xml 2009-01-07 14:01:44 UTC (rev 8978) @@ -62,6 +62,34 @@ <version>3.8.1</version> <scope>test</scope> </dependency> +  + <dependency> + <groupId>apache-scout</groupId> + <artifactId>scout</artifactId> + <version>${apache.scout.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>juddi</groupId> + <artifactId>juddi</artifactId> + <version>${juddi.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.jboss.jaxr</groupId> + <artifactId>juddi-saaj</artifactId> + <version>${jboss.jaxr.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + <version>1.2.14</version> + </dependency> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </dependency> </dependencies>  Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss422.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss422.txt 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss422.txt 2009-01-07 14:01:44 UTC (rev 8978) @@ -65,9 +65,6 @@ # [CXF-1624] XmlSchemaException: Schema name conflict in collection org/jboss/test/ws/jaxws/samples/logicalhandler/LogicalHandlerJAXBTestCase.* -# [JBWS-1683] Fix JAXR samples for CXF -org/jboss/test/ws/jaxws/samples/jaxr/** - # [JBWS-1774] Provide tools implementation for CXF org/jboss/test/ws/jaxws/complex/** org/jboss/test/ws/jaxws/holder/** Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss423.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss423.txt 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss423.txt 2009-01-07 14:01:44 UTC (rev 8978) @@ -65,9 +65,6 @@ # [CXF-1624] XmlSchemaException: Schema name conflict in collection org/jboss/test/ws/jaxws/samples/logicalhandler/LogicalHandlerJAXBTestCase.* -# [JBWS-1683] Fix JAXR samples for CXF -org/jboss/test/ws/jaxws/samples/jaxr/** - # [JBWS-1774] Provide tools implementation for CXF org/jboss/test/ws/jaxws/complex/** org/jboss/test/ws/jaxws/holder/** Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss424.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss424.txt 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss424.txt 2009-01-07 14:01:44 UTC (rev 8978) @@ -65,9 +65,6 @@ # [CXF-1624] XmlSchemaException: Schema name conflict in collection org/jboss/test/ws/jaxws/samples/logicalhandler/LogicalHandlerJAXBTestCase.* -# [JBWS-1683] Fix JAXR samples for CXF -org/jboss/test/ws/jaxws/samples/jaxr/** - # [JBWS-1774] Provide tools implementation for CXF org/jboss/test/ws/jaxws/complex/** org/jboss/test/ws/jaxws/holder/** Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss500.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss500.txt 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss500.txt 2009-01-07 14:01:44 UTC (rev 8978) @@ -72,9 +72,6 @@ # [JBWS-1178] Multiple virtual host and soap:address problem org/jboss/test/ws/jaxws/jbws1178/** -# [JBWS-1683] Fix JAXR samples for CXF -org/jboss/test/ws/jaxws/samples/jaxr/** - # [JBWS-1774] Provide tools implementation for CXF org/jboss/test/ws/jaxws/complex/** org/jboss/test/ws/jaxws/holder/** Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt 2009-01-07 14:01:44 UTC (rev 8978) @@ -72,9 +72,6 @@ # [JBWS-1178] Multiple virtual host and soap:address problem org/jboss/test/ws/jaxws/jbws1178/** -# [JBWS-1683] Fix JAXR samples for CXF -org/jboss/test/ws/jaxws/samples/jaxr/** - # [JBWS-1774] Provide tools implementation for CXF org/jboss/test/ws/jaxws/complex/** org/jboss/test/ws/jaxws/holder/** Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt 2009-01-07 14:01:44 UTC (rev 8978) @@ -72,9 +72,6 @@ # [JBWS-1178] Multiple virtual host and soap:address problem org/jboss/test/ws/jaxws/jbws1178/** -# [JBWS-1683] Fix JAXR samples for CXF -org/jboss/test/ws/jaxws/samples/jaxr/** - # [JBWS-1774] Provide tools implementation for CXF org/jboss/test/ws/jaxws/complex/** org/jboss/test/ws/jaxws/holder/** Modified: stack/cxf/trunk/pom.xml =================================================================== --- stack/cxf/trunk/pom.xml 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/pom.xml 2009-01-07 14:01:44 UTC (rev 8978) @@ -64,7 +64,10 @@ <jaxb.impl.version>2.1.6</jaxb.impl.version> <jaxrpc.api.version>1.1</jaxrpc.api.version> <jaxws.api.version>2.1-1</jaxws.api.version> - <juddi.service.version>1.2.0.GA</juddi.service.version> + <juddi.version>0.9RC4</juddi.version> + <jboss.jaxr.version>1.2.1.GA</jboss.jaxr.version> + <apache.scout.version>0.7rc2</apache.scout.version> + <commons.logging.version>1.1.1</commons.logging.version> <log4j.version>1.2.14</log4j.version> <saaj.api.version>1.3</saaj.api.version> <xmlsec.version>1.3.0</xmlsec.version> @@ -315,11 +318,26 @@ <version>${jaxb.impl.version}</version> </dependency> <dependency> - <groupId>jboss.jaxr</groupId> + <groupId>org.jboss.jaxr</groupId> <artifactId>juddi-service</artifactId> - <version>${juddi.service.version}</version> + <version>${jboss.jaxr.version}</version> <type>sar</type> </dependency> + <dependency> + <groupId>apache-scout</groupId> + <artifactId>scout</artifactId> + <version>${apache.scout.version}</version> + </dependency> + <dependency> + <groupId>juddi</groupId> + <artifactId>juddi</artifactId> + <version>${juddi.version}</version> + </dependency> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + <version>${commons.logging.version}</version> + </dependency> </dependencies> </dependencyManagement> Modified: stack/cxf/trunk/src/main/distro/build-deploy.xml =================================================================== --- stack/cxf/trunk/src/main/distro/build-deploy.xml 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/src/main/distro/build-deploy.xml 2009-01-07 14:01:44 UTC (rev 8978) @@ -195,7 +195,7 @@ <macrodef name="macro-create-deploy-conf"> <attribute name="deploystructure"/> <sequential> - <fileset id="jbossws.deploy.fileset" dir="@{deploystructure}" excludes="**/jbossws.sar/**"/> + <fileset id="jbossws.deploy.fileset" dir="@{deploystructure}" excludes="**/jbossws.sar/**,**/juddi-service.sar/**"/> <property name="jbossws.deploy.fileset" refid="jbossws.deploy.fileset"/> <property name="jbossws.sar.dir" value="@{deploystructure}/server/${jboss.server.instance}/deploy/jbossws.sar"/> <echo file="${jbossws.sar.dir}/jbossws-deploy.conf" message="${jbossws.deploy.fileset}"/> Modified: stack/cxf/trunk/src/main/scripts/assembly-deploy-artifacts.xml =================================================================== --- stack/cxf/trunk/src/main/scripts/assembly-deploy-artifacts.xml 2009-01-07 11:25:21 UTC (rev 8977) +++ stack/cxf/trunk/src/main/scripts/assembly-deploy-artifacts.xml 2009-01-07 14:01:44 UTC (rev 8978) @@ -79,7 +79,9 @@ <include>org.jboss.ws:jbossws-jboss422:jar</include> <include>org.jboss.ws:jbossws-jboss423:jar</include> <include>org.jboss.ws:jbossws-jboss500:jar</include> - <include>jboss.jaxr:juddi-service:sar</include> + <include>org.jboss.jaxr:juddi-service:sar</include> + <include>apache-scout:scout:jar</include> + <include>juddi:juddi:jar</include> </includes> </dependencySet> <dependencySet>

15 years, 3 months

1
0
0 / 0

JBossWS SVN: r8977 - in stack/native/branches/jbossws-native-2.0.1.SP2_CP: src/main/java/org/jboss/ws/core/server and 2 other directories.

by jbossws-commits＠lists.jboss.org

Author: mageshbk(a)jboss.com Date: 2009-01-07 06:25:21 -0500 (Wed, 07 Jan 2009) New Revision: 8977 Added: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/server/WSDLRequestHandler.java Log: [JBPAPP-1548] JBossWS - WSDL access url with resource suffix allows any arbitrary xml file to be viewed Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml =================================================================== --- stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml 2009-01-07 09:06:02 UTC (rev 8976) +++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml 2009-01-07 11:25:21 UTC (rev 8977) @@ -568,8 +568,16 @@ <webinf dir="${tests.output.dir}/resources/jaxws/jbws2319/WEB-INF"> <include name="jboss-web.xml"/> </webinf> - </war> + </war> +  + <jar destfile="${tests.output.dir}/libs/jaxws-jbws2437.jar"> + <fileset dir="${tests.output.dir}/classes"> + <include name="org/jboss/test/ws/jaxws/jbws2437/*.class"/> + <exclude name="org/jboss/test/ws/jaxws/jbws2437/*TestCase.class"/> + </fileset> + </jar> +  <war warfile="${tests.output.dir}/libs/jaxws-namespace.war" webxml="${tests.output.dir}/resources/jaxws/namespace/WEB-INF/web.xml"> <classes dir="${tests.output.dir}/classes"> Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/server/WSDLRequestHandler.java =================================================================== --- stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/server/WSDLRequestHandler.java 2009-01-07 09:06:02 UTC (rev 8976) +++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/server/WSDLRequestHandler.java 2009-01-07 11:25:21 UTC (rev 8977) @@ -30,8 +30,11 @@ import org.jboss.logging.Logger; import org.jboss.ws.metadata.umdm.EndpointMetaData; +import org.jboss.wsf.common.DOMUtils; +import org.jboss.wsf.spi.SPIProvider; +import org.jboss.wsf.spi.SPIProviderResolver; import org.jboss.wsf.spi.management.ServerConfig; -import org.jboss.wsf.common.DOMUtils; +import org.jboss.wsf.spi.management.ServerConfigFactory; import org.w3c.dom.Attr; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -88,11 +91,31 @@ // get some imported resource else { - String impResourcePath = new File(wsdlLocation.getPath()).getParent() + File.separatorChar + resPath; + File wsdlLocFile = new File(wsdlLocation.getPath()); + String impResourcePath = wsdlLocFile.getParent() + File.separatorChar + resPath; File impResourceFile = new File(impResourcePath); + String wsdlPublishLoc = epMetaData.getServiceMetaData().getWsdlPublishLocation(); - Element wsdlElement = DOMUtils.parse(impResourceFile.toURL().openStream()); - wsdlDoc = wsdlElement.getOwnerDocument(); + log.debug("Importing resource file: " + impResourceFile.getCanonicalPath()); + + String wsdlLocFilePath = wsdlLocFile.getParentFile().getCanonicalPath(); + SPIProvider spiProvider = SPIProviderResolver.getInstance().getProvider(); + ServerConfig serverConfig = spiProvider.getSPI(ServerConfigFactory.class).getServerConfig(); + String wsdlDataLoc = serverConfig.getServerDataDir().getCanonicalPath() + File.separatorChar + "wsdl"; + + //allow wsdl file's parent or server's data/wsdl or overriden wsdl publish directories only + if (impResourceFile.getCanonicalPath().indexOf(wsdlLocFilePath) >= 0 + || impResourceFile.getCanonicalPath().indexOf(wsdlDataLoc) >= 0 + || (wsdlPublishLoc != null + && impResourceFile.getCanonicalPath().indexOf(new File(new URL(wsdlPublishLoc).getPath()).getCanonicalPath()) >= 0)) + { + Element wsdlElement = DOMUtils.parse(impResourceFile.toURL().openStream()); + wsdlDoc = wsdlElement.getOwnerDocument(); + } + else + { + throw new IOException("Access to this resource is not allowed"); + } } modifyAddressReferences(reqURL, wsdlHost, resPath, wsdlDoc.getDocumentElement()); Added: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java =================================================================== --- stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java (rev 0) +++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java 2009-01-07 11:25:21 UTC (rev 8977) @@ -0,0 +1,31 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.jbws2437; + +import javax.jws.WebService; + +@WebService(name = "Hello", serviceName = "HelloService", targetNamespace = "http://org.jboss.ws/jaxws/jbws2437") +public interface Hello +{ + + public String echo(String in0); +} Property changes on: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Added: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java =================================================================== --- stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java (rev 0) +++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java 2009-01-07 11:25:21 UTC (rev 8977) @@ -0,0 +1,47 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.jbws2437; + +import javax.ejb.Stateless; +import javax.jws.WebMethod; +import javax.jws.WebParam; +import javax.jws.WebService; +import javax.jws.soap.SOAPBinding; + +import org.jboss.logging.Logger; +import org.jboss.wsf.spi.annotation.WebContext; + +@Stateless +@WebService(name = "Hello", serviceName = "HelloService", targetNamespace = "http://org.jboss.ws/jaxws/jbws2437") +@SOAPBinding(style = SOAPBinding.Style.RPC) +@WebContext(contextRoot="jaxws-jbws2437", urlPattern="/*") +public class HelloJavaBean implements Hello +{ + private Logger log = Logger.getLogger(HelloJavaBean.class); + + @WebMethod + public String echo(@WebParam(name = "user") String in0) + { + log.info(in0); + return in0; + } +} Property changes on: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Added: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java =================================================================== --- stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java (rev 0) +++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java 2009-01-07 11:25:21 UTC (rev 8977) @@ -0,0 +1,69 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.jbws2437; + +import java.io.InputStream; +import java.net.HttpURLConnection; +import java.net.URL; + +import junit.framework.Test; + +import org.jboss.wsf.test.JBossWSTest; +import org.jboss.wsf.test.JBossWSTestSetup; + + +/** + * Disallow access to directories other than "data/wsdl" + * + * http://jira.jboss.org/jira/browse/JBWS-2437 + * + * @author mageshbk(a)jboss.com + * @since 04-Jan-2009 + */ +public class JBWS2437TestCase extends JBossWSTest +{ + public final String WSDL_LOCATION = "http://" + getServerHost() + ":8080/jaxws-jbws2437?wsdl"; + public final String WSDL_RESOURCE = "&resource=../../ejb-deployer.xml"; + + public static Test suite() throws Exception + { + return new JBossWSTestSetup(JBWS2437TestCase.class, "jaxws-jbws2437.jar"); + } + + public void testWSDLAccess() throws Exception + { + HttpURLConnection connection = (HttpURLConnection)new URL(WSDL_LOCATION).openConnection(); + InputStream in = connection.getInputStream(); + int fileSize = in.available(); + in.close(); + assertTrue("WSDL cannot be accessed", fileSize > 0); + } + + public void testOtherFileAccess() throws Exception + { + HttpURLConnection connection = (HttpURLConnection)new URL(WSDL_LOCATION + WSDL_RESOURCE).openConnection(); + InputStream in = connection.getInputStream(); + int fileSize = in.available(); + in.close(); + assertTrue("Unrestricted access to xml files found", fileSize == 0); + } +} Property changes on: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF

15 years, 4 months

1
0
0 / 0

So good it's unbelievable

by jbossws-commits＠lists.jboss.org

15 years, 4 months

1
0
0 / 0

JBossWS SVN: r8976 - in legacy/branches/jbossws-1.2.1.GA_CP: jbossws-tests/ant-import and 2 other directories.

by jbossws-commits＠lists.jboss.org

Author: mageshbk(a)jboss.com Date: 2009-01-07 04:06:02 -0500 (Wed, 07 Jan 2009) New Revision: 8976 Added: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/ legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java Modified: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-core/src/java/org/jboss/ws/core/server/WSDLRequestHandler.java legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/ant-import/build-jars-jaxws.xml Log: [JBPAPP-1548] JBossWS - WSDL access url with resource suffix allows any arbitrary xml file to be viewed Modified: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-core/src/java/org/jboss/ws/core/server/WSDLRequestHandler.java =================================================================== --- legacy/branches/jbossws-1.2.1.GA_CP/jbossws-core/src/java/org/jboss/ws/core/server/WSDLRequestHandler.java 2009-01-06 22:39:26 UTC (rev 8975) +++ legacy/branches/jbossws-1.2.1.GA_CP/jbossws-core/src/java/org/jboss/ws/core/server/WSDLRequestHandler.java 2009-01-07 09:06:02 UTC (rev 8976) @@ -71,10 +71,12 @@ public Document getDocumentForPath(URL reqURL, String wsdlHost, String resPath) throws IOException { Document wsdlDoc; - + // The WSDLFilePublisher should set the location to an URL URL wsdlLocation = epMetaData.getServiceMetaData().getWsdlLocation(); - + if (wsdlLocation == null) + throw new IllegalStateException("Cannot obtain wsdl location"); + // get the root wsdl if (resPath == null) { @@ -85,11 +87,30 @@ // get some imported resource else { - String impResourcePath = new File(wsdlLocation.getPath()).getParent() + File.separatorChar + resPath; + File wsdlLocFile = new File(wsdlLocation.getPath()); + String impResourcePath = wsdlLocFile.getParent() + File.separatorChar + resPath; File impResourceFile = new File(impResourcePath); + String wsdlPublishLoc = epMetaData.getServiceMetaData().getWsdlPublishLocation(); - Element wsdlElement = DOMUtils.parse(impResourceFile.toURL().openStream()); - wsdlDoc = wsdlElement.getOwnerDocument(); + log.debug("Importing resource file: " + impResourceFile.getCanonicalPath()); + + String wsdlLocFilePath = wsdlLocFile.getParentFile().getCanonicalPath(); + ServerConfig serverConfig = ServerConfigFactory.getInstance().getServerConfig(); + String wsdlDataLoc = serverConfig.getServerDataDir().getCanonicalPath() + File.separatorChar + "wsdl"; + + //allow wsdl file's parent or server's data/wsdl or overriden wsdl publish directories only + if (impResourceFile.getCanonicalPath().indexOf(wsdlLocFilePath) >= 0 + || impResourceFile.getCanonicalPath().indexOf(wsdlDataLoc) >= 0 + || (wsdlPublishLoc != null + && impResourceFile.getCanonicalPath().indexOf(new File(new URL(wsdlPublishLoc).getPath()).getCanonicalPath()) >= 0)) + { + Element wsdlElement = DOMUtils.parse(impResourceFile.toURL().openStream()); + wsdlDoc = wsdlElement.getOwnerDocument(); + } + else + { + throw new IOException("Access to this resource is not allowed"); + } } modifyAddressReferences(reqURL, wsdlHost, resPath, wsdlDoc.getDocumentElement()); Modified: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/ant-import/build-jars-jaxws.xml =================================================================== --- legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/ant-import/build-jars-jaxws.xml 2009-01-06 22:39:26 UTC (rev 8975) +++ legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/ant-import/build-jars-jaxws.xml 2009-01-07 09:06:02 UTC (rev 8976) @@ -266,6 +266,14 @@ </metainf> </jar> +  + <jar destfile="${tests.output.dir}/libs/jaxws-jbws2437.jar"> + <fileset dir="${tests.output.dir}/classes"> + <include name="org/jboss/test/ws/jaxws/jbws2437/*.class"/> + <exclude name="org/jboss/test/ws/jaxws/jbws2437/*TestCase.class"/> + </fileset> + </jar> +  <war warfile="${tests.output.dir}/libs/jaxws-metadata.war" webxml="${tests.output.dir}/resources/jaxws/metadata/WEB-INF/web.xml"> <classes dir="${tests.output.dir}/classes"> Added: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java =================================================================== --- legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java (rev 0) +++ legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java 2009-01-07 09:06:02 UTC (rev 8976) @@ -0,0 +1,31 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.jbws2437; + +import javax.jws.WebService; + +@WebService(name = "Hello", serviceName = "HelloService", targetNamespace = "http://org.jboss.ws/jaxws/jbws2437") +public interface Hello +{ + + public String echo(String in0); +} Property changes on: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/Hello.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Added: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java =================================================================== --- legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java (rev 0) +++ legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java 2009-01-07 09:06:02 UTC (rev 8976) @@ -0,0 +1,47 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.jbws2437; + +import javax.ejb.Stateless; +import javax.jws.WebMethod; +import javax.jws.WebParam; +import javax.jws.WebService; +import javax.jws.soap.SOAPBinding; + +import org.jboss.logging.Logger; +import org.jboss.ws.annotation.WebContext; + +@Stateless +@WebService(name = "Hello", serviceName = "HelloService", targetNamespace = "http://org.jboss.ws/jaxws/jbws2437") +@SOAPBinding(style = SOAPBinding.Style.RPC) +@WebContext(contextRoot="jaxws-jbws2437", urlPattern="/*") +public class HelloJavaBean implements Hello +{ + private Logger log = Logger.getLogger(HelloJavaBean.class); + + @WebMethod + public String echo(@WebParam(name = "user") String in0) + { + log.info(in0); + return in0; + } +} Property changes on: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/HelloJavaBean.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Added: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java =================================================================== --- legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java (rev 0) +++ legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java 2009-01-07 09:06:02 UTC (rev 8976) @@ -0,0 +1,83 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.jbws2437; + +import java.io.InputStream; +import java.net.HttpURLConnection; +import java.net.URL; + +import junit.framework.Test; + +import org.jboss.test.ws.JBossWSTest; +import org.jboss.test.ws.JBossWSTestSetup; + + +/** + * Disallow access to directories other than "data/wsdl" + * + * http://jira.jboss.org/jira/browse/JBWS-2437 + * + * @author mageshbk(a)jboss.com + * @since 04-Jan-2009 + */ +public class JBWS2437TestCase extends JBossWSTest +{ + public final String WSDL_LOCATION = "http://" + getServerHost() + ":8080/jaxws-jbws2437?wsdl"; + public final String WSDL_RESOURCE = "&resource=../../ejb-deployer.xml"; + + public static Test suite() throws Exception + { + return JBossWSTestSetup.newTestSetup(JBWS2437TestCase.class, "jaxws-jbws2437.jar"); + } + + public void testWSDLAccess() throws Exception + { + HttpURLConnection connection = (HttpURLConnection)new URL(WSDL_LOCATION).openConnection(); + InputStream in = connection.getInputStream(); + int fileSize = in.available(); + in.close(); + assertTrue("WSDL cannot be accessed", fileSize > 0); + } + + public void testOtherFileAccess() throws Exception + { + HttpURLConnection connection = (HttpURLConnection)new URL(WSDL_LOCATION + WSDL_RESOURCE).openConnection(); + if (connection.getResponseCode() == HttpURLConnection.HTTP_INTERNAL_ERROR) + { + InputStream in = connection.getErrorStream(); + int fileSize = in.available(); + byte[] output = new byte[fileSize]; + in.read(output,0,fileSize); + String outputStr = new String(output); + in.close(); + //if server throws a 500 error + assertTrue("Unrestricted access to xml files found", outputStr.indexOf("Access to this resource is not allowed") >=0 ); + } + else + { + InputStream in = connection.getInputStream(); + int fileSize = in.available(); + in.close(); + assertTrue("Unrestricted access to xml files found", fileSize == 0); + } + } +} Property changes on: legacy/branches/jbossws-1.2.1.GA_CP/jbossws-tests/src/java/org/jboss/test/ws/jaxws/jbws2437/JBWS2437TestCase.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF

15 years, 4 months

1
0
0 / 0

JBossWS SVN: r8975 - stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/tools/wsdl.

by jbossws-commits＠lists.jboss.org

Author: mmillson Date: 2009-01-06 17:39:26 -0500 (Tue, 06 Jan 2009) New Revision: 8975 Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java Log: Fix to enable JBossWSEntityResolver to resolve schemas locally when there is no internet access for [JBPAPP-1552]. Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java =================================================================== --- stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java 2009-01-06 21:54:28 UTC (rev 8974) +++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java 2009-01-06 22:39:26 UTC (rev 8975) @@ -75,6 +75,7 @@ import org.jboss.logging.Logger; import org.jboss.ws.Constants; import org.jboss.ws.core.soap.Style; +import org.jboss.ws.core.utils.JBossWSEntityResolver; import org.jboss.ws.core.utils.ResourceURL; import org.jboss.ws.metadata.wsdl.Extendable; import org.jboss.ws.metadata.wsdl.WSDLBinding; @@ -111,6 +112,7 @@ import org.w3c.dom.NamedNodeMap; import org.w3c.dom.Node; import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; /** * A helper that translates a WSDL-1.1 object graph into a WSDL-2.0 object graph. @@ -126,6 +128,7 @@ private static final Logger log = Logger.getLogger(WSDL11Reader.class); private WSDLDefinitions destWsdl; + private JBossWSEntityResolver entityResolver = new JBossWSEntityResolver(); // Maps wsdl message parts to their corresponding element names private Map<String, QName> messagePartToElementMap = new HashMap<String, QName>(); @@ -575,7 +578,23 @@ schemaLocationsMap.put(namespace, currLoc); // Recursively handle schema imports - Element importedSchema = DOMUtils.parse(currLoc.openStream()); + Element importedSchema = null; + String schema = currLoc.toString(); + if (entityResolver.getEntityMap().containsKey(schema)) + { + try + { + importedSchema = DOMUtils.parse(entityResolver.resolveEntity(schema, schema).getByteStream()); + } + catch (SAXException se) + { + log.error(se.getMessage(), se); + } + } + if (importedSchema == null) + { + importedSchema = DOMUtils.parse(currLoc.openStream()); + } handleSchemaImports(importedSchema, currLoc); } }

15 years, 4 months

1
0
0 / 0

JBossWS SVN: r8974 - stack/native/branches/jbossws-native-2.0.1.SP2_CP03_JBPAPP-1550/src/main/java/org/jboss/ws/tools/wsdl.

by jbossws-commits＠lists.jboss.org

Author: mmillson Date: 2009-01-06 16:54:28 -0500 (Tue, 06 Jan 2009) New Revision: 8974 Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP03_JBPAPP-1550/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java Log: Fix to enable JBossWSEntityResolver to resolve schemas locally when there is no internet access [JBPAPP-1550]. Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP03_JBPAPP-1550/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java =================================================================== --- stack/native/branches/jbossws-native-2.0.1.SP2_CP03_JBPAPP-1550/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java 2009-01-06 21:03:49 UTC (rev 8973) +++ stack/native/branches/jbossws-native-2.0.1.SP2_CP03_JBPAPP-1550/src/main/java/org/jboss/ws/tools/wsdl/WSDL11Reader.java 2009-01-06 21:54:28 UTC (rev 8974) @@ -75,6 +75,7 @@ import org.jboss.logging.Logger; import org.jboss.ws.Constants; import org.jboss.ws.core.soap.Style; +import org.jboss.ws.core.utils.JBossWSEntityResolver; import org.jboss.ws.core.utils.ResourceURL; import org.jboss.ws.metadata.wsdl.Extendable; import org.jboss.ws.metadata.wsdl.WSDLBinding; @@ -111,6 +112,7 @@ import org.w3c.dom.NamedNodeMap; import org.w3c.dom.Node; import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; /** * A helper that translates a WSDL-1.1 object graph into a WSDL-2.0 object graph. @@ -126,6 +128,7 @@ private static final Logger log = Logger.getLogger(WSDL11Reader.class); private WSDLDefinitions destWsdl; + private JBossWSEntityResolver entityResolver = new JBossWSEntityResolver(); // Maps wsdl message parts to their corresponding element names private Map<String, QName> messagePartToElementMap = new HashMap<String, QName>(); @@ -575,7 +578,23 @@ schemaLocationsMap.put(namespace, currLoc); // Recursively handle schema imports - Element importedSchema = DOMUtils.parse(currLoc.openStream()); + Element importedSchema = null; + String schema = currLoc.toString(); + if (entityResolver.getEntityMap().containsKey(schema)) + { + try + { + importedSchema = DOMUtils.parse(entityResolver.resolveEntity(schema, schema).getByteStream()); + } + catch (SAXException se) + { + log.error(se.getMessage(), se); + } + } + if (importedSchema == null) + { + importedSchema = DOMUtils.parse(currLoc.openStream()); + } handleSchemaImports(importedSchema, currLoc); } }

15 years, 4 months

1
0
0 / 0

Every guy is talking about this

by jbossws-commits＠lists.jboss.org

15 years, 4 months

1
0
0 / 0

JBossWS SVN: r8973 - stack/native/branches.

by jbossws-commits＠lists.jboss.org

Author: mmillson Date: 2009-01-06 16:03:49 -0500 (Tue, 06 Jan 2009) New Revision: 8973 Added: stack/native/branches/jbossws-native-2.0.1.SP2_CP03_JBPAPP-1550/ Log: Create JBPAPP-1550 patch branch from jbossws-native-2.0.1.SP2_CP03 tag Copied: stack/native/branches/jbossws-native-2.0.1.SP2_CP03_JBPAPP-1550 (from rev 8972, stack/native/tags/jbossws-native-2.0.1.SP2_CP03)

15 years, 4 months

1
0
0 / 0

My snake in her pink shaven..

by jbossws-commits＠lists.jboss.org

15 years, 4 months

1
0
0 / 0

JBossWS SVN: r8971 - stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation.

by jbossws-commits＠lists.jboss.org

Author: darran.lofthouse(a)jboss.com Date: 2009-01-06 10:29:01 -0500 (Tue, 06 Jan 2009) New Revision: 8971 Modified: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/AuthorizeOperation.java stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/ReceiveUsernameOperation.java Log: Authentication and authorization. Modified: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/AuthorizeOperation.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/AuthorizeOperation.java 2009-01-06 14:20:15 UTC (rev 8970) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/AuthorizeOperation.java 2009-01-06 15:29:01 UTC (rev 8971) @@ -21,15 +21,33 @@ */ package org.jboss.ws.extensions.security.operation; +import java.security.AccessController; +import java.security.Principal; +import java.security.PrivilegedAction; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + import javax.naming.Context; import javax.naming.InitialContext; import javax.naming.NamingException; +import javax.security.auth.Subject; +import javax.xml.soap.SOAPException; +import javax.xml.ws.soap.SOAPFaultException; import org.jboss.logging.Logger; import org.jboss.security.AuthenticationManager; import org.jboss.security.RealmMapping; +import org.jboss.security.SecurityContext; +import org.jboss.security.SecurityContextAssociation; +import org.jboss.security.SimplePrincipal; import org.jboss.ws.WSException; import org.jboss.ws.metadata.wsse.Authorize; +import org.jboss.ws.metadata.wsse.Role; +import org.jboss.wsf.spi.SPIProvider; +import org.jboss.wsf.spi.SPIProviderResolver; +import org.jboss.wsf.spi.invocation.SecurityAdaptor; +import org.jboss.wsf.spi.invocation.SecurityAdaptorFactory; /** * Operation to authenticate and check the authorisation of the @@ -49,6 +67,8 @@ private RealmMapping rm; + private SecurityAdaptorFactory secAdapterfactory; + public AuthorizeOperation(Authorize authorize) { this.authorize = authorize; @@ -65,17 +85,83 @@ throw new WSException("Unable to lookup AuthenticationManager", ne); } + SPIProvider spiProvider = SPIProviderResolver.getInstance().getProvider(); + secAdapterfactory = spiProvider.getSPI(SecurityAdaptorFactory.class); } public void process() { log.trace("About to check authorization, using security domain '" + am.getSecurityDomain() + "'"); // Step 1 - Authenticate using currently associated principals. + SecurityAdaptor securityAdaptor = secAdapterfactory.newSecurityAdapter(); + Principal principal = securityAdaptor.getPrincipal(); + Object credential = securityAdaptor.getCredential(); + Subject subject = new Subject(); + boolean authorized = am.isValid(principal, credential, subject); + + if (authorized == false) + { + throw new WSException("Authentication failed."); + } + + pushSubjectContext(principal, credential, subject); // Step 2 - If unchecked all ok so return. + if (authorize.isUnchecked()) + { + return; + } // Step 3 - If roles specified check user in role. + Set<Principal> expectedRoles = expectedRoles(); + System.out.println(subject.getPrincipals()); + if (rm.doesUserHaveRole(principal, expectedRoles) == false) + { + throw new WSException("User does not have required roles"); + } + } + private Set<Principal> expectedRoles() + { + List<Role> roles = authorize.getRoles(); + int rolesCount = (roles != null) ? roles.size() : 0; + log.info(rolesCount); + Set<Principal> expectedRoles = new HashSet<Principal>(rolesCount); + + if (roles != null) + { + for (Role current : roles) + { + expectedRoles.add(new SimplePrincipal(current.getName())); + } + } + + return expectedRoles; } + + static SecurityContext getSecurityContext() + { + return (SecurityContext)AccessController.doPrivileged(new PrivilegedAction(){ + public Object run() + { + return SecurityContextAssociation.getSecurityContext(); + } + }); + } + + static void pushSubjectContext(final Principal p, final Object cred, final Subject s) + { + AccessController.doPrivileged(new PrivilegedAction(){ + public Object run() + { + SecurityContext sc = getSecurityContext(); + if(sc == null) + throw new IllegalStateException("Security Context is null"); + sc.getUtil().createSubjectInfo(p, cred, s); + return null; + }} + ); + } + } Modified: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/ReceiveUsernameOperation.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/ReceiveUsernameOperation.java 2009-01-06 14:20:15 UTC (rev 8970) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/ReceiveUsernameOperation.java 2009-01-06 15:29:01 UTC (rev 8971) @@ -65,8 +65,6 @@ { UsernameToken user = (UsernameToken)token; SecurityAdaptor securityAdaptor = secAdapterfactory.newSecurityAdapter(); - Logger.getLogger(this.getClass()).info("Username: " + user.getUsername()); - Logger.getLogger(this.getClass()).info("Password: " + user.getPassword()); if (user.isDigest()) { verifyUsernameToken(user);

15 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jbossws-commits January 2009