JBossWS SVN: r18415 - spi/tags/jbossws-spi-2.3.0.CR1.
by jbossws-commits@lists.jboss.org
Author: jim.ma
Date: 2014-02-24 08:09:45 -0500 (Mon, 24 Feb 2014)
New Revision: 18415
Modified:
spi/tags/jbossws-spi-2.3.0.CR1/pom.xml
Log:
Update the tag version
Modified: spi/tags/jbossws-spi-2.3.0.CR1/pom.xml
===================================================================
--- spi/tags/jbossws-spi-2.3.0.CR1/pom.xml 2014-02-24 13:06:04 UTC (rev 18414)
+++ spi/tags/jbossws-spi-2.3.0.CR1/pom.xml 2014-02-24 13:09:45 UTC (rev 18415)
@@ -7,7 +7,7 @@
<packaging>jar</packaging>
<description>JBossWS SPI</description>
- <version>2.3.0-SNAPSHOT</version>
+ <version>2.3.0.CR1</version>
<!-- Parent -->
<parent>
JBossWS SVN: r18414 - spi/tags.
by jbossws-commits@lists.jboss.org
Author: jim.ma
Date: 2014-02-24 08:06:04 -0500 (Mon, 24 Feb 2014)
New Revision: 18414
Added:
spi/tags/jbossws-spi-2.3.0.CR1/
Log:
Tag jbossws-spi-2.3.0.CR1
JBossWS SVN: r18413 - spi/tags.
by jbossws-commits@lists.jboss.org
Author: jim.ma
Date: 2014-02-24 08:05:14 -0500 (Mon, 24 Feb 2014)
New Revision: 18413
Removed:
spi/tags/jbossws-spi-2.3.0.Beta5/
Log:
Remove the wrong tag
JBossWS SVN: r18412 - spi/tags.
by jbossws-commits@lists.jboss.org
Author: jim.ma
Date: 2014-02-24 08:02:13 -0500 (Mon, 24 Feb 2014)
New Revision: 18412
Added:
spi/tags/jbossws-spi-2.3.0.Beta5/
Log:
Tag jbossws-spi-2.3.0.Beta5
JBossWS SVN: r18411 - in stack/cxf/trunk: modules and 41 other directories.
by jbossws-commits@lists.jboss.org
Author: jim.ma
Date: 2014-02-24 07:56:33 -0500 (Mon, 24 Feb 2014)
New Revision: 18411
Added:
stack/cxf/trunk/modules/jaspi/
stack/cxf/trunk/modules/jaspi/pom.xml
stack/cxf/trunk/modules/jaspi/src/
stack/cxf/trunk/modules/jaspi/src/main/
stack/cxf/trunk/modules/jaspi/src/main/java/
stack/cxf/trunk/modules/jaspi/src/main/java/org/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/
stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java
stack/cxf/trunk/modules/jaspi/src/main/resources/
stack/cxf/trunk/modules/jaspi/src/main/resources/META-INF/
stack/cxf/trunk/modules/jaspi/src/main/resources/META-INF/services/
stack/cxf/trunk/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/
Modified:
stack/cxf/trunk/
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/Loggers.java
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java
stack/cxf/trunk/modules/dist/pom.xml
stack/cxf/trunk/modules/dist/src/main/scripts/assembly-deploy-artifacts.xml
stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-client/main/module.xml
stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-server/main/module.xml
stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/jaxws-client/main/module.xml
stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingPolicyInterceptor.java
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreator.java
stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/Helper.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceEndpointImpl.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceIface.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceImpl.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/UsernamePasswordCallback.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/config/jaspi-config-client.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/META-INF/jaxws-client-config.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF/jaxws-endpoint-config.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF/web.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF/wsdl/SecurityService.wsdl
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF/wsdl/SecurityService_schema1.xsd
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF2/jboss-webservices.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF2/web.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF2/wsdl/SecurityService.wsdl
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaspi/WEB-INF2/wsdl/SecurityService_schema1.xsd
stack/cxf/trunk/modules/testsuite/pom.xml
stack/cxf/trunk/modules/testsuite/test-utils/src/main/java/org/jboss/wsf/test/JBossWSTestHelper.java
stack/cxf/trunk/pom.xml
Log:
[JBWS-3767]:Jaspic soap profile implementation
Property changes on: stack/cxf/trunk
___________________________________________________________________
Modified: svn:mergeinfo
- /stack/cxf/branches/asoldano:14032-14050,14068
/stack/cxf/branches/ropalka:16301-16305,16966-17008
/stack/cxf/branches/ropalka_JBWS-3550:16747-16757
+ /stack/cxf/branches/asoldano:14032-14050,14068
/stack/cxf/branches/jaspi:18054-18409
/stack/cxf/branches/ropalka:16301-16305,16966-17008
/stack/cxf/branches/ropalka_JBWS-3550:16747-16757
Modified: stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/Loggers.java
===================================================================
--- stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/Loggers.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/Loggers.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -224,4 +224,8 @@
@LogMessage(level = WARN)
@Message(id = 24100, value = "Could not delete wsdl directory %s")
void couldNotDeleteWsdlDirectory(String filename);
+
+ @LogMessage(level = INFO)
+ @Message(id = 24102, value = "jaspi authentication isn't enabled, can not find jaspi modules and classes")
+ void cannotFindJaspiClasses();
}
Modified: stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java
===================================================================
--- stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -29,7 +29,12 @@
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxws.DispatchImpl;
import org.jboss.ws.common.configuration.ConfigHelper;
+import org.jboss.wsf.spi.SPIProvider;
+import org.jboss.wsf.spi.WSFException;
+import org.jboss.wsf.spi.classloading.ClassLoaderProvider;
import org.jboss.wsf.spi.metadata.config.ClientConfig;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
+import org.jboss.wsf.stack.cxf.Loggers;
/**
* CXF extension of common ClientConfigurer
@@ -57,6 +62,21 @@
savePropList(cxfClient, props);
}
setConfigProperties(cxfClient, props);
+
+ //config jaspi
+ try
+ {
+ JASPIAuthenticationProvider japsiProvider = SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class,
+ ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
+ if (japsiProvider != null)
+ {
+ japsiProvider.enableClientAuthentication(cxfClient, props);
+ }
+ }
+ catch (WSFException e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses();
+ }
}
public void setConfigProperties(Client client, Map<String, String> properties) {
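Review bot: The new `catch (WSFException e)` discards `e` and logs the fixed INFO message `cannotFindJaspiClasses()`, so any failure of the provider lookup is reported as missing classes and the client carries on without the JASPI interceptors. The boolean returned by `japsiProvider.enableClientAuthentication(cxfClient, props)` is ignored as well, so a client whose properties name a JASPI security domain gets no signal that authentication was not wired in. Consider passing the cause to the logger (for example a `@Cause Throwable` parameter on the message method) and logging at WARN when the security-domain property is present in `props`. The local is spelled `japsiProvider`; `jaspiProvider` would match the type name. The enclosing method starts above this hunk.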
Modified: stack/cxf/trunk/modules/dist/pom.xml
===================================================================
--- stack/cxf/trunk/modules/dist/pom.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/dist/pom.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -24,6 +24,12 @@
<dependency>
<groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf-jaspi</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.ws.cxf</groupId>
<artifactId>jbossws-cxf-transports-httpserver</artifactId>
<version>${project.version}</version>
</dependency>
Modified: stack/cxf/trunk/modules/dist/src/main/scripts/assembly-deploy-artifacts.xml
===================================================================
--- stack/cxf/trunk/modules/dist/src/main/scripts/assembly-deploy-artifacts.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/dist/src/main/scripts/assembly-deploy-artifacts.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -30,6 +30,7 @@
<unpack>false</unpack>
<includes>
<include>org.jboss.ws.cxf:jbossws-cxf-client:jar</include>
+ <include>org.jboss.ws.cxf:jbossws-cxf-jaspi:jar</include>
<include>org.jboss.ws.cxf:jbossws-cxf-factories:jar</include>
<include>org.jboss.ws.cxf:jbossws-cxf-server:jar</include>
<include>org.jboss.ws.cxf:jbossws-cxf-transports-httpserver:jar</include>
Added: stack/cxf/trunk/modules/jaspi/pom.xml
===================================================================
--- stack/cxf/trunk/modules/jaspi/pom.xml (rev 0)
+++ stack/cxf/trunk/modules/jaspi/pom.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,113 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <name>JBoss Web Services - Stack CXF JASPI</name>
+ <artifactId>jbossws-cxf-jaspi</artifactId>
+ <packaging>jar</packaging>
+
+ <!-- Parent -->
+ <parent>
+ <groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf</artifactId>
+ <version>4.3.0-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <!-- Dependencies -->
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.ws</groupId>
+ <artifactId>jbossws-spi</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.spec.javax.servlet</groupId>
+ <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-frontend-jaxws</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-security</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.picketbox</groupId>
+ <artifactId>picketbox</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.spec.javax.security.auth.message</groupId>
+ <artifactId>jboss-jaspi-api_1.1_spec</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging-processor</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <profiles>
+ <!--
+ Name: enforce
+ Descr: Enforce artifact dependencies
+ -->
+ <profile>
+ <id>enforce</id>
+ <activation>
+ <property>
+ <name>!skip-enforce</name>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-enforcer-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>ban-bad-dependencies</id>
+ <goals>
+ <goal>enforce</goal>
+ </goals>
+ <configuration>
+ <rules>
+ <bannedDependencies>
+ <searchTransitive>true</searchTransitive>
+ <excludes>
+ <exclude>org.apache.cxf:cxf-rt-bindings-corba</exclude>
+ <exclude>org.apache.cxf:cxf-rt-javascript</exclude>
+ <exclude>org.apache.geronimo.specs</exclude>
+ <exclude>org.codehaus.jra:jra</exclude>
+ <exclude>org.slf4j:slf4j-jdk14</exclude>
+ </excludes>
+ </bannedDependencies>
+ </rules>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+
+</project>
Property changes on: stack/cxf/trunk/modules/jaspi/pom.xml
___________________________________________________________________
Added: svn:mime-type
+ text/xml
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,227 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi;
+
+import java.util.Map;
+import java.util.Properties;
+
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.jaxws22.EndpointImpl;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.login.AuthenticationInfo;
+import org.jboss.security.auth.login.BaseAuthenticationInfo;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.wsf.spi.deployment.Deployment;
+import org.jboss.wsf.spi.deployment.Endpoint;
+import org.jboss.wsf.spi.metadata.webservices.JBossWebservicesMetaData;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
+import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientAuthenticator;
+import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientInInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientOutInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider;
+import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConstants;
+import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverInInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverOutInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.log.Loggers;
+
+/**
+ * Class to enable the jaspi authentication interceptors in cxf bus , endpoint or client
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class DefaultJASPIAuthenticationProvider implements JASPIAuthenticationProvider
+{
+ public DefaultJASPIAuthenticationProvider()
+ {
+ }
+
+ public boolean enableClientAuthentication(Object target, Map<String, String> properties)
+ {
+ if (!(target instanceof Client)) {
+ Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(target.getClass().getSimpleName());
+ return false;
+ }
+ Client client = (Client)target;
+ String securityDomain = properties.get(JaspiClientAuthenticator.JASPI_SECURITY_DOMAIN);
+ if (securityDomain == null)
+ {
+ return false;
+ }
+ ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
+ if (appPolicy == null)
+ {
+ Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
+ return false;
+ }
+ BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
+ if (bai == null || bai instanceof AuthenticationInfo)
+ {
+ Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
+ return false;
+ }
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+
+ String contextRoot = client.getEndpoint().getEndpointInfo().getName().toString();
+ String appId = "localhost " + contextRoot;
+ AuthConfigFactory factory = AuthConfigFactory.getFactory();
+
+ Properties props = new Properties();
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(props, factory);
+ provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
+ JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
+ try
+ {
+ ClientAuthConfig clientConfig = provider.getClientAuthConfig("soap", appId, callbackHandler);
+ JaspiClientAuthenticator clientAuthenticator = new JaspiClientAuthenticator(clientConfig, securityDomain, jai);
+ client.getInInterceptors().add(new JaspiClientInInterceptor(clientAuthenticator));
+ client.getOutInterceptors().add(new JaspiClientOutInterceptor(clientAuthenticator));
+ }
+ catch (Exception e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
+ }
+
+ return false;
+
+ }
+
+ public boolean enableServerAuthentication(Deployment dep, JBossWebservicesMetaData wsmd)
+ {
+ String securityDomain = null;
+ if (wsmd != null)
+ {
+ securityDomain = wsmd.getProperty(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
+ }
+ if (securityDomain == null)
+ {
+ return false;
+ }
+ ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
+ if (appPolicy == null)
+ {
+ Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
+ return false;
+ }
+ BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
+ if (bai == null || bai instanceof AuthenticationInfo)
+ {
+ Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
+ return false;
+ }
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+
+ String contextRoot = dep.getService().getContextRoot();
+ String appId = "localhost " + contextRoot;
+ AuthConfigFactory factory = AuthConfigFactory.getFactory();
+ Properties properties = new Properties();
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
+ provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
+
+ JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
+ try
+ {
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId,
+ callbackHandler);
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jai);
+ Bus bus = dep.getAttachment(Bus.class);
+ serverContextProperties.put(Bus.class, bus);
+ String authContextID = dep.getSimpleName();
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);
+ JaspiServerAuthenticator serverAuthenticator = new JaspiServerAuthenticator(sctx);
+ bus.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
+ bus.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
+ return true;
+ }
+ catch (Exception e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
+ }
+ return false;
+ }
+
+ public boolean enableServerAuthentication(Object target, Endpoint endpoint)
+ {
+ if (!(target instanceof EndpointImpl)) {
+ Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(target.getClass().getSimpleName());
+ return false;
+ }
+ EndpointImpl endpointImpl = (EndpointImpl)target;
+ String securityDomain = (String) endpointImpl.getProperties().get(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
+ if (securityDomain == null)
+ {
+ return false;
+ }
+ ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
+ if (appPolicy == null)
+ {
+ Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
+ return false;
+ }
+ BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
+ if (bai == null || bai instanceof AuthenticationInfo)
+ {
+ Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
+ return false;
+ }
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+ String contextRoot = endpoint.getService().getContextRoot();
+ String appId = "localhost " + contextRoot;
+ AuthConfigFactory factory = AuthConfigFactory.getFactory();
+ Properties properties = new Properties();
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
+ provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
+
+ JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
+ JaspiServerAuthenticator serverAuthenticator = null;
+ try
+ {
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId,
+ callbackHandler);
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jai);
+ serverContextProperties.put(javax.xml.ws.Endpoint.class, endpointImpl);
+ String authContextID = endpointImpl.getBeanName();
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);
+ serverAuthenticator = new JaspiServerAuthenticator(sctx);
+ endpointImpl.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
+ endpointImpl.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
+ return true;
+
+ }
+ catch (Exception e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
+ }
+ return false;
+ }
+}
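Review bot: `enableClientAuthentication` ends with `return false;` on every path, including the one where both client interceptors were added, so callers cannot tell success from failure; add `return true;` as the last statement of its `try` block, as the two `enableServerAuthentication` overloads do. All three methods catch `Exception`, log, and return false when a security domain is configured but the auth config or context cannot be built, which leaves the client, bus or endpoint running without the JASPI interceptors. Whether callers treat `false` as fatal is not visible in this file, so failing the setup in that case would be the safer default. In each method the freshly constructed `JBossWSAuthConfigProvider` is immediately overwritten by `factory.getConfigProvider(...)`; if the constructor is relied on to self-register, a comment such as `// constructor registers the provider with the factory` would make that explicit, and the lookup result should be null-checked before use. The `instanceof` guards also call `target.getClass()` on the rejected value, which throws for a null `target`.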
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,157 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi;
+
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ServerAuthContext;
+import javax.xml.namespace.QName;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.Soap12;
+import org.apache.cxf.binding.soap.SoapBinding;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.interceptor.InterceptorChain;
+import org.apache.cxf.interceptor.OutgoingChainInterceptor;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+
+/**
+ * Authenticator for server side , it is used to authenticate cxf SoapMessage with japsi ServerAuthContext
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiServerAuthenticator
+{
+ public static final String JASPI_SECURITY_DOMAIN = "jaspi.security.domain";
+
+ private final ServerAuthContext sctx;
+
+ public JaspiServerAuthenticator(ServerAuthContext sctx)
+ {
+ this.sctx = sctx;
+ }
+
+ public void validateRequest(SoapMessage message)
+ {
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(soapMessage, null);
+ AuthStatus authStatus;
+ try
+ {
+ authStatus = sctx.validateRequest(messageInfo, null, null);
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(), Soap12.getInstance().getReceiver());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi AuthException"));
+ }
+ }
+ Message response = null;
+ if (messageInfo.getResponseMessage() != null && !message.getExchange().isOneWay())
+ {
+
+ Endpoint e = message.getExchange().get(Endpoint.class);
+
+ response = new MessageImpl();
+ response.setExchange(message.getExchange());
+ response = e.getBinding().createMessage(response);
+ message.getExchange().setOutMessage(response);
+ response.setContent(SOAPMessage.class, messageInfo.getResponseMessage());
+ if (AuthStatus.SEND_CONTINUE == authStatus)
+ {
+ response.put(Message.RESPONSE_CODE, Integer.valueOf(303));
+ }
+ if (AuthStatus.SEND_FAILURE == authStatus)
+ {
+ response.put(Message.RESPONSE_CODE, Integer.valueOf(500));
+ }
+
+ message.getInterceptorChain().abort();
+ InterceptorChain chain = OutgoingChainInterceptor.getOutInterceptorChain(message.getExchange());
+ response.setInterceptorChain(chain);
+ chain.doInterceptStartingAfter(response, SoapPreProtocolOutInterceptor.class.getName());
+
+ }
+
+ }
+
+ public void secureResponse(SoapMessage message)
+ {
+ SOAPMessage request = message.getExchange().getInMessage().get(SOAPMessage.class);
+ SOAPMessage response = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(request, response);
+ AuthStatus authStatus = null;
+ try
+ {
+ authStatus = sctx.secureResponse(messageInfo, null);
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(), Soap12.getInstance().getReceiver());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi AuthException"));
+ }
+ }
+ if (messageInfo.getResponseMessage() != null && !message.getExchange().isOneWay())
+ {
+ if (AuthStatus.SEND_CONTINUE == authStatus)
+ {
+ message.put(Message.RESPONSE_CODE, Integer.valueOf(303));
+ }
+ if (AuthStatus.SEND_FAILURE == authStatus)
+ {
+ message.put(Message.RESPONSE_CODE, Integer.valueOf(500));
+ }
+ }
+
+ }
+
+ private boolean isSOAP12(Message message)
+ {
+ if (message.getExchange().getBinding() instanceof SoapBinding)
+ {
+ SoapBinding binding = (SoapBinding) message.getExchange().getBinding();
+ if (binding.getSoapVersion() == Soap12.getInstance())
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+}
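Review bot: In `validateRequest` the returned `authStatus` is examined only inside the `messageInfo.getResponseMessage() != null && !message.getExchange().isOneWay()` branch, so a status other than `AuthStatus.SUCCESS` with no response message, or on a one-way exchange, lets the method return normally and the inbound chain continue as if the request had been authenticated. Add an explicit rejection after that branch, for example `if (authStatus != AuthStatus.SUCCESS && response == null) throw new SoapFault("authentication failed", faultCode);` with `faultCode` chosen as in the catch block. Both catch blocks copy `e.getMessage()` into the fault returned to the caller, which may disclose auth-module details to an unauthenticated peer; a generic fault string with the exception logged server-side is safer. The SOAP 1.1 fault code `new QName("", "japsi AuthException")` contains a space and the "japsi" misspelling, so its local part is not a valid XML name. `secureResponse` reads the request with `getInMessage().get(SOAPMessage.class)` where `validateRequest` uses `getContent(SOAPMessage.class)`; this looks unintended and probably yields null.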
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,124 @@
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+import java.util.Properties;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.xml.namespace.QName;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.Soap12;
+import org.apache.cxf.binding.soap.SoapBinding;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.message.Message;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.message.GenericMessageInfo;
+
+/**
+ * Authenticator for client side , it is used to obtain ClientAuthContext and authenticate cxf SoapMessage
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiClientAuthenticator
+{
+ public static final String JASPI_SECURITY_DOMAIN = "jaspi.security.domain";
+
+ private final ClientAuthConfig clientConfig;
+
+ private final String securityDomain;
+
+ private final JASPIAuthenticationInfo jpi;
+
+ public JaspiClientAuthenticator(ClientAuthConfig clientConfig, String securityDomain, JASPIAuthenticationInfo jpi)
+ {
+
+ this.clientConfig = clientConfig;
+ this.securityDomain = securityDomain;
+ this.jpi = jpi;
+ }
+
+ public void secureRequest(SoapMessage message)
+ {
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(soapMessage, null);
+ String authContextID = clientConfig.getAuthContextID(messageInfo);
+
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jpi);
+ Subject clientSubject = new Subject();
+ @SuppressWarnings("unused")
+ AuthStatus authStatus = null;
+ try
+ {
+ ClientAuthContext cctx = clientConfig.getAuthContext(authContextID, clientSubject, serverContextProperties);
+ authStatus = cctx.secureRequest(messageInfo, clientSubject);
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(), Soap12.getInstance().getSender());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi AuthException"));
+ }
+ }
+ //TODO:look at how to handle AuthStatus
+
+ }
+
+ public void validateResponse(SoapMessage message)
+ {
+ SOAPMessage request = message.getExchange().getInMessage().get(SOAPMessage.class);
+ SOAPMessage response = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(request, response);
+ String authContextID = clientConfig.getAuthContextID(messageInfo);
+
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jpi);
+ Subject clientSubject = new Subject();
+ @SuppressWarnings("unused")
+ AuthStatus authStatus = null;
+ try
+ {
+ ClientAuthContext sctx = clientConfig.getAuthContext(authContextID, clientSubject, serverContextProperties);
+ authStatus = sctx.validateResponse(messageInfo, new Subject(), new Subject());
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(), Soap12.getInstance().getSender());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi AuthException"));
+ }
+ }
+ //TODO:handle AuthStatus
+
+ }
+
+ private boolean isSOAP12(Message message)
+ {
+ if (message.getExchange().getBinding() instanceof SoapBinding)
+ {
+ SoapBinding binding = (SoapBinding) message.getExchange().getBinding();
+ if (binding.getSoapVersion() == Soap12.getInstance())
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+}
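Review bot: The `AuthStatus` returned by `validateResponse` (and by `secureRequest` above it) is assigned and then dropped behind a TODO, so a module that reports failure through its return value instead of throwing `AuthException` lets the message through. Until the status handling is designed, failing closed is the safer default, e.g. `if (AuthStatus.SUCCESS != authStatus) { throw new SoapFault("JASPI response validation failed", faultCode); }`, with `faultCode` chosen by the same `isSOAP12` branch as the catch block. `validateResponse` also passes two fresh `new Subject()` instances instead of the `clientSubject` the context was created with, which looks unintended. Separately, the SOAP 1.1 fault code `new QName("", "japsi AuthException")` contains a space and misspells "jaspi", so it is not a valid QName local part.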
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.phase.Phase;
+
+/**
+ * CXF in interceptor to validateResponse cxf SoapMessage with JaspiClientAuthentcator
+ * @See org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientAuthentcator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiClientInInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiClientAuthenticator authManager;
+
+ public JaspiClientInInterceptor(JaspiClientAuthenticator authManager)
+ {
+ super(Phase.POST_PROTOCOL_ENDING);
+ addAfter(SAAJOutInterceptor.SAAJOutEndingInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ SAAJOutInterceptor saajout = new SAAJOutInterceptor();
+ saajout.handleMessage(message);
+ }
+ authManager.validateResponse(message);
+ }
+
+}
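Review bot: The constructor registers this inbound interceptor in `Phase.POST_PROTOCOL_ENDING` and orders it after `SAAJOutInterceptor.SAAJOutEndingInterceptor`, both of which belong to the outbound chain, and `handleMessage` falls back to `SAAJOutInterceptor` to build the SOAPMessage. If this interceptor is added to the client's in-chain (the wiring is not in this hunk), CXF will, as far as I can tell, skip an interceptor whose phase is not part of that chain, so `authManager.validateResponse(message)` would never run and responses would pass unvalidated. Please confirm the intended chain and, for inbound use, pick an inbound phase and `SAAJInInterceptor`; a test asserting that a failing module rejects the response would catch this. The Javadoc tag `@See org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientAuthentcator` should read `@see org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientAuthenticator`.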
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,101 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.SAAJPreInInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.phase.Phase;
+
+/**
+ * CXF out interceptor to secureRequest cxf SoapMessage with JaspiClientAuthentcator
+ * @See org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientAuthentcator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiClientOutInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiClientAuthenticator authManager;
+
+ public JaspiClientOutInterceptor(JaspiClientAuthenticator authManager)
+ {
+ super(Phase.PRE_PROTOCOL);
+ addAfter(SAAJInInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ SAAJInInterceptor saajIn = new SAAJInInterceptor();
+ saajIn.handleMessage(message);
+ }
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ if (soapMessage == null)
+ {
+ return;
+ }
+
+ SOAPMessage copyMessage = null;
+ try
+ {
+ MessageFactory messageFactory = SAAJPreInInterceptor.INSTANCE.getFactory(message);
+ ByteArrayOutputStream bout = new ByteArrayOutputStream();
+ soapMessage.writeTo(bout);
+ copyMessage = messageFactory.createMessage(soapMessage.getMimeHeaders(),
+ new ByteArrayInputStream(bout.toByteArray()));
+ }
+ catch (SOAPException e)
+ {
+ throw new Fault(e);
+ }
+ catch (IOException e)
+ {
+ throw new Fault(e);
+ }
+ if (copyMessage != null)
+ {
+ message.put(SOAPMessage.class, copyMessage);
+ }
+ try
+ {
+ authManager.secureRequest(message);
+ }
+ finally
+ {
+ message.put(SOAPMessage.class, soapMessage);
+ }
+
+ }
+
+}
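Review bot: In `handleMessage` the copy is stored with `message.put(SOAPMessage.class, copyMessage)`, but `JaspiClientAuthenticator.secureRequest` reads the message with `message.getContent(SOAPMessage.class)`; in CXF those are, to my knowledge, separate stores (the property map versus the content list), so the auth modules would still operate on the original message and the serialise-and-reparse copy is wasted work. If isolating modules from the outgoing message is the goal, use `message.setContent(SOAPMessage.class, copyMessage)` and restore with `setContent` in the `finally`; if modules are meant to sign or add headers to the request, the restore discards that work and the copy should go. Either way a short comment stating which is intended is needed, since it decides whether `secureRequest` can change what is actually sent. The `SAAJInInterceptor` fallback also looks out of place in an out interceptor and is worth confirming.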
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,107 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+/**
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>()
+ {
+
+ public SecurityContext run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ });
+ }
+
+ static Class<?> loadClass(final ClassLoader cl, final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ if (cl == null)
+ {
+ return loadClass(name);
+ }
+ try
+ {
+ return cl.loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ return loadClass(name);
+ }
+ }
+ });
+ }
+
+ static Class<?> loadClass(final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ try
+ {
+ return getClass().getClassLoader().loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ try
+ {
+ return getContextClassLoader().loadClass(name);
+ }
+ catch (Exception e)
+ {
+ throw new PrivilegedActionException(e);
+ }
+ }
+ }
+ });
+ }
+}
\ No newline at end of file
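Review bot: `loadClass(cl, name)` swallows every exception from `cl.loadClass(name)` and silently retries with this class's loader and then the thread context class loader, so when a JBoss module was explicitly configured for the auth module, a same-named class from a different loader can be instantiated instead without any trace. For code that selects an authentication module, narrow the catch to `catch (ClassNotFoundException e)` and log the fallback, or fail outright when `cl` was supplied. These helpers run inside `doPrivileged`, so a class comment should state that they must stay package-private and only receive class names from trusted configuration; the existing Javadoc block sits above the imports and is not attached to the class.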
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,118 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client.module;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.module.ClientAuthModule;
+import javax.xml.soap.SOAPMessage;
+
+import org.jboss.security.SimplePrincipal;
+
+/**
+ * SOAPClientAuthModule
+ * TODO: Investigate what we can do with this module
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class SOAPClientAuthModule implements ClientAuthModule
+{
+ public static String log;
+
+ @SuppressWarnings("rawtypes")
+ private List<Class> supportedTypes = new ArrayList<Class>();
+
+ private SimplePrincipal principal = null;
+
+ private Object credential = null;
+
+ @SuppressWarnings("unused")
+ private MessagePolicy requestPolicy = null;
+
+ @SuppressWarnings("unused")
+ private MessagePolicy responsePolicy = null;
+
+ @SuppressWarnings("unused")
+ private CallbackHandler handler = null;
+
+ @SuppressWarnings(
+ {"rawtypes"})
+ private Map options = null;
+
+ public SOAPClientAuthModule()
+ {
+ this.supportedTypes.add(Object.class);
+ this.supportedTypes.add(SOAPMessage.class);
+ }
+
+ @SuppressWarnings("rawtypes")
+ public SOAPClientAuthModule(List<Class> supportedTypes)
+ {
+ this.supportedTypes = supportedTypes;
+ }
+
+ @SuppressWarnings("rawtypes")
+ public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, CallbackHandler handler,
+ Map options) throws AuthException
+ {
+ this.requestPolicy = requestPolicy;
+ this.responsePolicy = responsePolicy;
+ this.handler = handler;
+ this.options = options;
+ }
+
+ @SuppressWarnings(
+ {"unchecked"})
+ public AuthStatus secureRequest(MessageInfo messageInfo, Subject source) throws AuthException
+ {
+ log = "secureRequest";
+ SOAPMessage soapMessage = (SOAPMessage) messageInfo.getRequestMessage();
+ return AuthStatus.SUCCESS;
+ }
+
+ public AuthStatus validateResponse(MessageInfo messageInfo, Subject source, Subject recipient) throws AuthException
+ {
+ return AuthStatus.SUCCESS;
+ }
+
+ @SuppressWarnings("rawtypes")
+ public Class[] getSupportedMessageTypes()
+ {
+ Class[] clsarr = new Class[this.supportedTypes.size()];
+ supportedTypes.toArray(clsarr);
+ return clsarr;
+ }
+
+ public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
+ {
+ subject.getPrincipals().remove(principal);
+ subject.getPublicCredentials().remove(credential);
+ }
+
+}
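Review bot: `secureRequest` and `validateResponse` return `AuthStatus.SUCCESS` without inspecting the message, so configuring this module gives the appearance of JASPI protection while accepting everything. Since the class ships under `src/main` with only a TODO, its Javadoc should say so plainly, e.g. `Placeholder module: performs no authentication and always returns SUCCESS; do not rely on it for message protection.` The `public static String log` field written in `secureRequest` is mutable state shared by all instances and threads and looks like test scaffolding; make it private or remove it. `cleanSubject` removes `principal` and `credential`, which are never assigned in this class, so it is currently a no-op as well.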
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,75 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+import java.util.Properties;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
+
+/**
+ * Factory class used to getJBossWSClientAuthConfig and JBossWSServerAuthConfig
+ * <p>I
+ * It is used to Obtain JBosswSClientAuthConfig and JBossWSServerAuthConfig
+ * @see org.jboss.wsf.stack.cxf.jaspi.config.JBosswSClientAuthConfig
+ * @see org.jboss.wsf.stack.cxf.jaspi.config.JBossWSServerAuthConfig
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JBossWSAuthConfigProvider implements AuthConfigProvider
+{
+ private final Properties contextProperties;
+
+ public JBossWSAuthConfigProvider(Properties props, AuthConfigFactory factory)
+ {
+ contextProperties = props;
+ if (factory != null)
+ {
+ factory.registerConfigProvider(this, "soap", null, "JBossWS AuthConfigProvider");
+ }
+
+ }
+
+ @Override
+ public ClientAuthConfig getClientAuthConfig(String layer, String appContext, CallbackHandler handler)
+ throws AuthException, SecurityException
+ {
+ return new JBossWSClientAuthConfig(layer, appContext, handler, contextProperties);
+ }
+
+ @Override
+ public ServerAuthConfig getServerAuthConfig(String layer, String appContext, CallbackHandler handler)
+ throws AuthException, SecurityException
+ {
+ return new JBossWSServerAuthConfig(layer, appContext, handler, contextProperties);
+ }
+
+ @Override
+ public void refresh()
+ {
+
+ }
+
+}
\ No newline at end of file
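Review bot: The constructor calls `factory.registerConfigProvider(this, "soap", null, ...)`, which publishes `this` before construction has finished and, with a null application context, registers the provider for every application at the soap layer rather than for one deployment. If that breadth is intended, say so in a comment; otherwise pass the deployment's application context. The layer literal should reuse the constant added in this commit: `factory.registerConfigProvider(this, JBossWSAuthConstants.SOAP_LAYER, null, "JBossWS AuthConfigProvider");`. The class Javadoc has a stray `<p>I`, and its `@see` points at `JBosswSClientAuthConfig`, which does not match the class name `JBossWSClientAuthConfig`.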
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,32 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+/**
+ * Define the jaspi authentication property name
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JBossWSAuthConstants
+{
+ public static final String SOAP_LAYER = "soap";
+
+}
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,193 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+import java.lang.reflect.Constructor;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.security.auth.message.module.ClientAuthModule;
+import javax.xml.namespace.QName;
+import javax.xml.soap.MimeHeaders;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.soap.SOAPPart;
+
+import org.apache.cxf.common.util.StringUtils;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.message.config.JBossClientAuthConfig;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.plugins.ClassLoaderLocator;
+import org.jboss.security.plugins.ClassLoaderLocatorFactory;
+
+/**
+ * JBossWS ClientAuthConfig implementation to obtain ClientAuthContext
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JBossWSClientAuthConfig extends JBossClientAuthConfig
+{
+
+ @SuppressWarnings("rawtypes")
+ private final List modules = new ArrayList();
+
+ private CallbackHandler callbackHandler;
+
+ @SuppressWarnings("rawtypes")
+ public JBossWSClientAuthConfig(String layer, String appContext, CallbackHandler handler, Map properties)
+ {
+ super(layer, appContext, handler, properties);
+ callbackHandler = handler;
+ }
+
+ @SuppressWarnings(
+ {"rawtypes", "unchecked"})
+ public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject, Map properties)
+ throws AuthException
+ {
+ List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
+
+ Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
+
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) properties.get("jaspi-policy");
+ AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
+
+ ClassLoader moduleCL = null;
+ String jbossModule = jai.getJBossModuleName();
+ if (jbossModule != null && !jbossModule.isEmpty())
+ {
+ ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
+ if (locator != null)
+ moduleCL = locator.get(jbossModule);
+ }
+
+ for (AuthModuleEntry ame : amearr)
+ {
+
+ try
+ {
+ mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ClientAuthModule sam = this.createCAM(moduleCL, ame.getAuthModuleName());
+
+ Map options = new HashMap();
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ }
+ catch (Exception e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ }
+
+ JBossWSClientAuthContext clientAuthContext = new JBossWSClientAuthContext(modules, mapOptionsByName,
+ this.callbackHandler);
+ clientAuthContext.setControlFlags(controlFlags);
+ return clientAuthContext;
+ }
+
+ @SuppressWarnings(
+ {"unchecked", "rawtypes"})
+ private ClientAuthModule createCAM(ClassLoader moduleCL, String name) throws Exception
+ {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[0]);
+ return (ClientAuthModule) ctr.newInstance(new Object[0]);
+ }
+
+ @SuppressWarnings(
+ {"rawtypes"})
+ public List getClientAuthModules()
+ {
+ return modules;
+ }
+
+ @SuppressWarnings("rawtypes")
+ public String getAuthContextID(MessageInfo messageInfo)
+ {
+ SOAPMessage request = (SOAPMessage) messageInfo.getRequestMessage();
+ if (request == null)
+ {
+ return null;
+ }
+ String authContext = null;
+ MimeHeaders headers = request.getMimeHeaders();
+ if (headers != null)
+ {
+ String[] soapActions = headers.getHeader("SOAPAction");
+ if (soapActions != null && soapActions.length > 0)
+ {
+ authContext = soapActions[0];
+ if (!StringUtils.isEmpty(authContext))
+ {
+ return authContext;
+ }
+ }
+ }
+
+ SOAPPart soapMessage = request.getSOAPPart();
+ if (soapMessage != null)
+ {
+ try
+ {
+ SOAPEnvelope envelope = soapMessage.getEnvelope();
+ if (envelope != null)
+ {
+ SOAPBody body = envelope.getBody();
+ if (body != null)
+ {
+
+ Iterator it = body.getChildElements();
+ while (it.hasNext())
+ {
+ Object o = it.next();
+ if (o instanceof SOAPElement)
+ {
+ QName name = ((SOAPElement) o).getElementQName();
+ return name.getLocalPart();
+
+ }
+ }
+ }
+ }
+ }
+ catch (SOAPException se)
+ {
+ //ignore;
+ }
+ }
+
+ return null;
+ }
+
+}
\ No newline at end of file
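Review bot: `getAuthContext` appends every module it creates to the instance field `modules`, and `JaspiClientAuthenticator` calls `getAuthContext` on each `secureRequest` and `validateResponse`, so the list grows with every message, each new context runs all previously created modules again, and the unsynchronised `ArrayList` is mutated concurrently if the config is shared across request threads. Build the list per call instead: `List<ClientAuthModule> contextModules = new ArrayList<ClientAuthModule>();`, `contextModules.add(sam);`, and pass `contextModules` to `new JBossWSClientAuthContext(...)`; `getClientAuthModules()` would then need to return a snapshot or be dropped. In the same loop `sam.initialize(null, null, callbackHandler, options)` receives an empty map rather than `ame.getOptions()`, and `throw new AuthException(e.getLocalizedMessage())` drops the cause; both look unintended. `properties.get("jaspi-policy")` is also dereferenced without a null check.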
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,110 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.security.auth.message.module.ClientAuthModule;
+
+import org.jboss.security.config.ControlFlag;
+
+/**
+ * JBossWS ClientAuthContext implementation to {@link #secureRequest(MessageInfo, Subject)}
+ * <p>and {@link #validateResponse(MessageInfo, Subject, Subject)}
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JBossWSClientAuthContext implements ClientAuthContext
+{
+ private final List<ClientAuthModule> modules;
+
+ @SuppressWarnings("rawtypes")
+ private final Map<String, Map> moduleOptionsByName;
+
+ protected List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
+
+ @SuppressWarnings("rawtypes")
+ public JBossWSClientAuthContext(List<ClientAuthModule> modules, Map<String, Map> moduleNameToOptions,
+ CallbackHandler cbh) throws AuthException
+ {
+ this.modules = modules;
+ this.moduleOptionsByName = moduleNameToOptions;
+ for (ClientAuthModule cam : modules)
+ {
+ cam.initialize(null, null, cbh, moduleOptionsByName.get(cam.getClass().getName()));
+ }
+ }
+
+ @Override
+ public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
+ {
+ for (ClientAuthModule cam : modules)
+ {
+ cam.cleanSubject(messageInfo, subject);
+ }
+
+ }
+
+ public void setControlFlags(List<ControlFlag> controlFlags)
+ {
+ this.controlFlags = controlFlags;
+ }
+
+ @Override
+ public AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject) throws AuthException
+ {
+ AuthStatus status = null;
+ for (ClientAuthModule sam : modules)
+ {
+ status = sam.secureRequest(messageInfo, clientSubject);
+ if (status == AuthStatus.FAILURE)
+ {
+ break;
+ }
+ }
+ return status;
+ }
+
+ @Override
+ public AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject)
+ throws AuthException
+ {
+ AuthStatus status = null;
+ for (ClientAuthModule sam : modules)
+ {
+ status = sam.secureRequest(messageInfo, clientSubject);
+ if (status == AuthStatus.FAILURE)
+ {
+ break;
+ }
+ }
+ return status;
+ }
+
+}
\ No newline at end of file
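Review bot: `validateResponse` at the end of JBossWSClientAuthContext calls `sam.secureRequest(messageInfo, clientSubject)` inside its loop, so the modules never validate the response and `serviceSubject` is unused. The line looks copied from `secureRequest` above and should read `status = sam.validateResponse(messageInfo, clientSubject, serviceSubject);`. Both loops also return `null` when `modules` is empty, which callers comparing against `AuthStatus` values may not expect. `controlFlags` is stored but never consulted in this file, so any failing module stops the chain regardless of its flag; if that is intended, a comment such as `// control flags are currently not evaluated on the client side` would say so.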
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,227 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+import java.lang.reflect.Constructor;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ServerAuthContext;
+import javax.security.auth.message.module.ServerAuthModule;
+import javax.xml.namespace.QName;
+import javax.xml.soap.MimeHeaders;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.soap.SOAPPart;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.common.util.StringUtils;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.message.config.JBossServerAuthConfig;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.plugins.ClassLoaderLocator;
+import org.jboss.security.plugins.ClassLoaderLocatorFactory;
+
+/**
+ * JBossWS ServerAuthConfig implentation to obtain JBossWSServerAuthContext
+ * @see org.jboss.wsf.stack.cxf.jaspi.config.JBossWSServerAuthContext
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JBossWSServerAuthConfig extends JBossServerAuthConfig
+{
+ private final CallbackHandler callbackHandler = new JBossCallbackHandler();
+
+ @SuppressWarnings("rawtypes")
+ private final List modules = new ArrayList();
+
+ @SuppressWarnings("rawtypes")
+ public JBossWSServerAuthConfig(String layer, String appContext, CallbackHandler handler, Map properties)
+ {
+ super(layer, appContext, handler, properties);
+ }
+
+ @SuppressWarnings(
+ {"rawtypes", "unchecked"})
+ public ServerAuthContext getAuthContext(String authContextID, Subject serviceSubject, Map properties)
+ throws AuthException
+ {
+ List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
+
+ Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) properties.get("jaspi-policy");
+ AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
+
+ ClassLoader moduleCL = null;
+ String jbossModule = jai.getJBossModuleName();
+ if (jbossModule != null && !jbossModule.isEmpty())
+ {
+ ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
+ if (locator != null)
+ moduleCL = locator.get(jbossModule);
+ }
+
+ for (AuthModuleEntry ame : amearr)
+ {
+ if (ame.getLoginModuleStackHolderName() != null)
+ {
+ try
+ {
+ mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName(),
+ ame.getLoginModuleStackHolderName());
+
+ Map options = new HashMap();
+ Bus bus = (Bus) properties.get(Bus.class);
+ options.put(Bus.class, bus);
+ javax.xml.ws.Endpoint endpoint = (javax.xml.ws.Endpoint) properties.get(javax.xml.ws.Endpoint.class);
+ options.put(javax.xml.ws.Endpoint.class, endpoint);
+
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ }
+ catch (Exception e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ }
+ else
+ {
+ try
+ {
+ mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName());
+
+ Map options = new HashMap();
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ }
+ catch (Exception e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ }
+ }
+
+ JBossWSServerAuthContext serverAuthContext = new JBossWSServerAuthContext(modules, mapOptionsByName,
+ this.callbackHandler);
+ serverAuthContext.setControlFlags(controlFlags);
+ return serverAuthContext;
+ }
+
+ @SuppressWarnings("rawtypes")
+ public String getAuthContextID(MessageInfo messageInfo)
+ {
+ SOAPMessage request = (SOAPMessage) messageInfo.getRequestMessage();
+ if (request == null)
+ {
+ return null;
+ }
+ String authContext = null;
+ MimeHeaders headers = request.getMimeHeaders();
+ if (headers != null)
+ {
+ String[] soapActions = headers.getHeader("SOAPAction");
+ if (soapActions != null && soapActions.length > 0)
+ {
+ authContext = soapActions[0];
+ if (!StringUtils.isEmpty(authContext))
+ {
+ return authContext;
+ }
+ }
+ }
+
+ SOAPPart soapMessage = request.getSOAPPart();
+ if (soapMessage != null)
+ {
+ try
+ {
+ SOAPEnvelope envelope = soapMessage.getEnvelope();
+ if (envelope != null)
+ {
+ SOAPBody body = envelope.getBody();
+ if (body != null)
+ {
+
+ Iterator it = body.getChildElements();
+ while (it.hasNext())
+ {
+ Object o = it.next();
+ if (o instanceof SOAPElement)
+ {
+ QName name = ((SOAPElement) o).getElementQName();
+ return name.getLocalPart();
+
+ }
+ }
+ }
+ }
+ }
+ catch (SOAPException se)
+ {
+ //ignore;
+ }
+ }
+
+ return null;
+ }
+
+ public boolean isProtected()
+ {
+ throw new UnsupportedOperationException();
+ }
+
+ @SuppressWarnings(
+ {"unchecked", "rawtypes"})
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name) throws Exception
+ {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[0]);
+ return (ServerAuthModule) ctr.newInstance(new Object[0]);
+ }
+
+ @SuppressWarnings(
+ {"unchecked", "rawtypes"})
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name, String lmshName) throws Exception
+ {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[]
+ {String.class});
+ return (ServerAuthModule) ctr.newInstance(new Object[]
+ {lmshName});
+ }
+
+}
\ No newline at end of file
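Review bot: `getAuthContext` appends each created `ServerAuthModule` to the instance field `modules`, which is never cleared, so every call on the same JBossWSServerAuthConfig grows the list and the new context is handed the modules of earlier calls too. The raw `ArrayList` is also unsafe if two requests reach the method concurrently. A per-call list, `List<ServerAuthModule> modules = new ArrayList<ServerAuthModule>();` at the top of the method, avoids both. Separately, the result of `properties.get("jaspi-policy")` is dereferenced without a null check. Both catch blocks build the `AuthException` from `e.getLocalizedMessage()` only, which drops the cause that would show which module class failed to load.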
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+
+/**
+ * JBossWS ServerAuthContext implementation
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.module.ServerAuthModule;
+
+import org.jboss.security.auth.message.config.JBossServerAuthContext;
+
+@SuppressWarnings({"rawtypes"})
+public class JBossWSServerAuthContext extends JBossServerAuthContext
+{
+
+ public JBossWSServerAuthContext(List<ServerAuthModule> modules, Map<String, Map> moduleNameToOptions,
+ CallbackHandler cbh) throws AuthException
+ {
+ super(modules, moduleNameToOptions, cbh);
+ }
+
+}
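Review bot: The class Javadoc for JBossWSServerAuthContext sits above the import lines, so it is not attached to the class declaration and Javadoc tooling will not pick it up; SecurityActions.java in this commit has the same layout. Move the comment block to directly above `@SuppressWarnings({"rawtypes"})`. It would also help to say there why the subclass exists, since the constructor only delegates to `super(modules, moduleNameToOptions, cbh)`.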
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,106 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.config;
+/**
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>()
+ {
+
+ public SecurityContext run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ });
+ }
+
+ static Class<?> loadClass(final ClassLoader cl, final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ if (cl == null)
+ {
+ return loadClass(name);
+ }
+ try
+ {
+ return cl.loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ return loadClass(name);
+ }
+ }
+ });
+ }
+
+ static Class<?> loadClass(final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ try
+ {
+ return getClass().getClassLoader().loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ try
+ {
+ return getContextClassLoader().loadClass(name);
+ }
+ catch (Exception e)
+ {
+ throw new PrivilegedActionException(e);
+ }
+ }
+ }
+ });
+ }
+}
\ No newline at end of file
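Review bot: `loadClass(cl, name)` catches every `Exception` from `cl.loadClass(name)` and silently retries with this class's own loader and then the thread context class loader, all inside `doPrivileged`. The callers in this commit pass authentication module names taken from configuration, so when the configured module loader cannot resolve the name, a same-named class visible to another loader would be used with no trace of the first failure. I would narrow the catch to `catch (ClassNotFoundException cnfe)` and log which loader failed before falling back, or not fall back at all when a non-null `cl` was supplied. The nested call also wraps the inner `PrivilegedActionException` in a second one, so callers must unwrap twice to reach the real cause.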
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,99 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.interceptor;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.SAAJPreInInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.phase.Phase;
+import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
+/**
+ * CXF in interceptor to validateRequest cxf SoapMessage with JaspiServerAuthenticator
+ * @see org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiSeverInInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiServerAuthenticator authManager;
+
+ public JaspiSeverInInterceptor(JaspiServerAuthenticator authManager)
+ {
+ super(Phase.PRE_PROTOCOL);
+ addAfter(SAAJInInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ SAAJInInterceptor saajIn = new SAAJInInterceptor();
+ saajIn.handleMessage(message);
+ }
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ if (soapMessage == null)
+ {
+ return;
+ }
+
+ SOAPMessage copyMessage = null;
+ try
+ {
+ MessageFactory messageFactory = SAAJPreInInterceptor.INSTANCE.getFactory(message);
+ ByteArrayOutputStream bout = new ByteArrayOutputStream();
+ soapMessage.writeTo(bout);
+ copyMessage = messageFactory.createMessage(soapMessage.getMimeHeaders(), new ByteArrayInputStream(bout.toByteArray()));
+ }
+ catch (SOAPException e)
+ {
+ throw new Fault(e);
+ }
+ catch (IOException e)
+ {
+ throw new Fault(e);
+ }
+ if (copyMessage != null) {
+ message.put(SOAPMessage.class, copyMessage);
+ }
+ try
+ {
+ authManager.validateRequest(message);
+ }
+ finally
+ {
+ message.put(SOAPMessage.class, soapMessage);
+ }
+
+ }
+
+}
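Review bot: `handleMessage` returns without calling `authManager.validateRequest(message)` when `message.getContent(SOAPMessage.class)` is still null after the SAAJ step, so such a message continues down the chain without JASPI validation. Whether that path is reachable depends on the binding, which is not visible here, but an authentication interceptor should fail closed. Replace the bare `return;` with something like `throw new Fault(new SOAPException("No SAAJ message available for JASPI validation"));`. The copy is built by serialising the whole message into a `ByteArrayOutputStream`, which roughly doubles memory use per request. A comment should explain why the modules must see a copy and that the `finally` block restores the original, so the copy does not stay on the message.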
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.interceptor;
+
+import java.util.ListIterator;
+
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.Interceptor;
+import org.apache.cxf.interceptor.StaxOutInterceptor;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.Phase;
+import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
+
+/**
+ * CXF out interceptor to secureResponse cxf SoapMessage with JaspiServerAuthenticator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiSeverOutInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiServerAuthenticator authManager;
+ private static final SAAJOutInterceptor SAAJ_OUT = new SAAJOutInterceptor();
+
+ public JaspiSeverOutInterceptor(JaspiServerAuthenticator authManager)
+ {
+ super(Phase.PRE_STREAM);
+ addAfter(StaxOutInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (!chainAlreadyContainsSAAJ(message))
+ {
+ SAAJ_OUT.handleMessage(message);
+ }
+ message.getInterceptorChain().add(new JaspiServerOutEndingInterceptor());
+
+ }
+
+ private static boolean chainAlreadyContainsSAAJ(SoapMessage message)
+ {
+ ListIterator<Interceptor<? extends Message>> listIterator = message.getInterceptorChain().getIterator();
+ while (listIterator.hasNext())
+ {
+ if (listIterator.next() instanceof SAAJOutInterceptor)
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public class JaspiServerOutEndingInterceptor extends AbstractSoapInterceptor
+ {
+ public JaspiServerOutEndingInterceptor()
+ {
+ super(Phase.WRITE_ENDING);
+ addAfter(SoapOutInterceptor.SoapOutEndingInterceptor.class.getName());
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ return;
+ }
+ authManager.secureResponse(message);
+ }
+ }
+
+}
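Review bot: `JaspiServerOutEndingInterceptor.handleMessage` skips `authManager.secureResponse(message)` silently when no `SOAPMessage` content is present, so a response can leave without the JASPI modules having run and nothing records it. The outer interceptor already runs `SAAJ_OUT` itself when the chain lacks a `SAAJOutInterceptor`, so the null case looks unexpected. At minimum, add a comment on the early return such as `// no SAAJ content: secureResponse is skipped for this message`, and preferably a warning log. Both interceptor class names spell `Sever` where `Server` is presumably meant, which is cheaper to fix now than after the names are referenced elsewhere.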
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,32 @@
+package org.jboss.wsf.stack.cxf.jaspi.interceptor;
+
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.plugins.JBossAuthenticationManager;
+
+/*
+ * CXF interceptor to set jaspi JBossAuthenticationManager in message
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiSubjectCreatingInitInterceptor extends AbstractPhaseInterceptor<Message>
+{
+ private final JBossAuthenticationManager authenticationManger;
+
+ public JaspiSubjectCreatingInitInterceptor(String securityDomain) {
+ super(Phase.PRE_INVOKE);
+ this.addBefore("org.jboss.wsf.stack.cxf.security.authentication.JaspiSubjectCreatingInterceptor");
+ authenticationManger = new JBossAuthenticationManager(securityDomain, new JBossCallbackHandler());
+ }
+
+
+ @Override
+ public void handleMessage(Message message) throws Fault
+ {
+ message.put(JBossAuthenticationManager.class, authenticationManger);
+ }
+
+
+}
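Review bot: The ordering constraint in the constructor is a string literal, `"org.jboss.wsf.stack.cxf.security.authentication.JaspiSubjectCreatingInterceptor"`. If that class is renamed or moved, `addBefore` silently stops matching, and the manager is then presumably no longer guaranteed to be on the message before the interceptor that reads it. If the module dependencies allow it, use `JaspiSubjectCreatingInterceptor.class.getName()`; otherwise keep the name in a constant with a comment such as `// must track the FQCN of JaspiSubjectCreatingInterceptor`. The header comment opens with `/*` rather than `/**`, so it is not Javadoc. The file also lacks the licence header the other new files carry, and the field is spelled `authenticationManger`.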
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.log;
+
+import static org.jboss.logging.Logger.Level.WARN;
+
+import org.jboss.logging.BasicLogger;
+import org.jboss.logging.Cause;
+import org.jboss.logging.LogMessage;
+import org.jboss.logging.Message;
+import org.jboss.logging.MessageLogger;
+
+/**
+ * JBossWS-CXF log messages
+ *
+ * @author alessio.soldano(a)jboss.com
+ */
+@SuppressWarnings("deprecation")
+@MessageLogger(projectCode = "JBWS")
+public interface Loggers extends BasicLogger
+{
+ Loggers ROOT_LOGGER = org.jboss.logging.Logger.getMessageLogger(Loggers.class, "org.jboss.ws.cxf");
+ Loggers DEPLOYMENT_LOGGER = org.jboss.logging.Logger.getMessageLogger(Loggers.class, "org.jboss.ws.cxf.deployment");
+
+ @LogMessage(level = WARN)
+ @Message(id = 24201, value = "No application policy found for security domain '%s'")
+ void noApplicationPolicy(String securityDomain);
+
+ @LogMessage(level = WARN)
+ @Message(id = 24202, value = "No JASPIAuthenticationInfo found for security domain '%s'")
+ void noJaspiApplicationPolicy(String securityDomain);
+
+ @LogMessage(level = WARN)
+ @Message(id = 24203, value = "Can not create Jaspi ServerAuthContext for security domain '%s'")
+ void cannotCreateServerAuthContext(String securityDomain, @Cause Throwable cause);
+
+ @LogMessage(level = WARN)
+ @Message(id = 24204, value = "Can not enable Jaspi authentication for '%s' instance")
+ void cannotEnableJASPIAuthentication(String classname);
+}
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,118 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.module;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.MessagePolicy;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.interceptor.InterceptorProvider;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.jboss.security.auth.container.modules.AbstractServerAuthModule;
+import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSubjectCreatingInitInterceptor;
+
+
+/**
+ * This ServerAuthModule class adds JaspiSubjectCreatingInitInterceptor to authenticate principal and populates Subject
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class UsernameTokenServerAuthModule extends AbstractServerAuthModule
+{
+ private final String securityDomainName;
+
+ @SuppressWarnings("rawtypes")
+ public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, CallbackHandler handler, Map options) throws AuthException
+ {
+ super.initialize(requestPolicy, responsePolicy, handler, options);
+ final javax.xml.ws.Endpoint endpoint = (javax.xml.ws.Endpoint)options.get(javax.xml.ws.Endpoint.class);
+ InterceptorProvider ip = null;
+ if (endpoint == null && options.get(Bus.class) != null)
+ {
+ final Bus bus = (Bus)options.get(Bus.class);
+ bus.setProperty(SecurityConstants.VALIDATE_TOKEN, false);
+ ip = (InterceptorProvider)bus;
+ }
+ if (endpoint != null) {
+ endpoint.getProperties().put(SecurityConstants.VALIDATE_TOKEN, false);
+ ip = (InterceptorProvider)endpoint;
+ }
+ if (ip != null)
+ {
+ JaspiSubjectCreatingInitInterceptor jaspiInterceptor = new JaspiSubjectCreatingInitInterceptor(securityDomainName);
+ ip.getInInterceptors().add(jaspiInterceptor);
+ }
+
+ }
+
+ public UsernameTokenServerAuthModule()
+ {
+ supportedTypes.add(Object.class);
+ supportedTypes.add(SOAPMessage.class);
+ securityDomainName = null;
+ }
+
+ public UsernameTokenServerAuthModule(String lmshName)
+ {
+ supportedTypes.add(Object.class);
+ this.supportedTypes.add(SOAPMessage.class);
+ securityDomainName = lmshName;
+ }
+
+ @Override
+ public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException
+ {
+ return AuthStatus.SUCCESS;
+ }
+
+ public AuthStatus secureResponse(MessageInfo messageInfo, Subject arg1) throws AuthException
+ {
+ return AuthStatus.SUCCESS;
+ }
+
+ protected String getSecurityDomainName()
+ {
+ if (this.securityDomainName != null)
+ return securityDomainName;
+
+ // Check if it is passed in the options
+ String domainName = (String)options.get("javax.security.auth.login.LoginContext");
+ if (domainName == null)
+ {
+ domainName = getClass().getName();
+ }
+ return domainName;
+ }
+
+ @Override
+ protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
+ {
+ return true;
+ }
+
+}
\ No newline at end of file
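Review bot: `validateRequest` and `validate` return success unconditionally and `initialize` switches `SecurityConstants.VALIDATE_TOKEN` off, so all credential checking depends on `JaspiSubjectCreatingInitInterceptor` actually being installed; when `options` holds neither an `Endpoint` nor a `Bus`, `ip` stays null and the module silently checks nothing. I would fail closed at the end of `initialize` with `if (ip == null) throw new AuthException("no Endpoint or Bus available to install the JASPI interceptor");` (the message text is only a suggestion). Setting the property on the `Bus` presumably affects every endpoint that shares the bus, which deserves a comment next to that branch. `initialize` and `secureResponse` appear to implement inherited methods but lack `@Override`, and `options` is dereferenced without a null check.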
Property changes on: stack/cxf/trunk/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: stack/cxf/trunk/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider
===================================================================
--- stack/cxf/trunk/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider (rev 0)
+++ stack/cxf/trunk/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1 @@
+org.jboss.wsf.stack.cxf.jaspi.DefaultJASPIAuthenticationProvider
Modified: stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-client/main/module.xml
===================================================================
--- stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-client/main/module.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-client/main/module.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -47,5 +47,8 @@
<module name="org.jboss.ws.cxf.jbossws-cxf-transports-undertow" export="true" services="export" />
<module name="org.jboss.ws.cxf.jbossws-cxf-transports-udp" export="true" services="export" />
<module name="org.jboss.jaxbintros" export="true"/>
+ <module name="javax.security.auth.message.api" export="true"/>
+ <module name="org.picketbox" export="true"/>
+ <module name="org.apache.ws.security" export="true"/>
</dependencies>
</module>
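Review bot: The three added dependencies are declared with `export="true"`, so every deployment that depends on `org.jboss.ws.cxf.jbossws-cxf-client` also sees `org.picketbox` and `org.apache.ws.security`. If only the JBossWS JASPI classes need them, dropping the export (`<module name="org.picketbox"/>`) keeps the security implementation classes out of application visibility; the jbossws-cxf-server and jaxws-client module.xml hunks in this commit already add their dependencies without export. If the export is intentional, a short XML comment stating which deployments rely on it would help.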
Modified: stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-server/main/module.xml
===================================================================
--- stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-server/main/module.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/cxf/jbossws-cxf-server/main/module.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -34,6 +34,7 @@
<dependencies>
<module name="javax.api" />
+ <module name="javax.security.auth.message.api"/>
<module name="javax.servlet.api" />
<module name="javax.jws.api" />
<module name="javax.wsdl4j.api" />
Modified: stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/jaxws-client/main/module.xml
===================================================================
--- stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/jaxws-client/main/module.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/resources/src/main/resources/modules/wildfly800/org/jboss/ws/jaxws-client/main/module.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -36,6 +36,7 @@
<module name="javax.api" />
<module name="javax.servlet.api" />
<module name="javax.xml.bind.api" />
+ <module name="javax.security.auth.message.api"/>
<module name="com.sun.xml.bind" services="import"/>
<module name="javax.xml.ws.api" />
<module name="org.jboss.ws.api" />
@@ -65,6 +66,7 @@
<module name="org.apache.neethi" />
<module name="org.apache.ws.security" />
<module name="org.jboss.logging" />
+ <module name="org.picketbox"/>
<module name="org.springframework.spring" optional="true">
<imports>
<include path="META-INF"/>
Modified: stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml
===================================================================
--- stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/resources/src/main/resources/resources/jbossws-deploy-macros.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -38,6 +38,7 @@
<copy todir="@{targetdir}/org/jboss/ws/jaxws-client/main" flatten="false" overwrite="true">
<fileset dir="@{thirdpartydir}/lib">
<include name="**/jbossws-cxf-client.jar"/>
+ <include name="**/jbossws-cxf-jaspi.jar"/>
</fileset>
</copy>
<copy todir="@{targetdir}/org/jboss/ws/jaxws-undertow-httpspi/main" flatten="false" overwrite="true">
Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java
===================================================================
--- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -50,11 +50,16 @@
import org.apache.cxf.ws.policy.selector.MaximalAlternativeSelector;
import org.jboss.ws.api.annotation.PolicySets;
import org.jboss.ws.api.binding.BindingCustomization;
+import org.jboss.wsf.spi.SPIProvider;
+import org.jboss.wsf.spi.WSFException;
+import org.jboss.wsf.spi.classloading.ClassLoaderProvider;
import org.jboss.wsf.spi.deployment.AnnotationsInfo;
import org.jboss.wsf.spi.deployment.Deployment;
import org.jboss.wsf.spi.deployment.Endpoint;
import org.jboss.wsf.spi.deployment.UnifiedVirtualFile;
import org.jboss.wsf.spi.metadata.webservices.JBossWebservicesMetaData;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
+import org.jboss.wsf.stack.cxf.Loggers;
import org.jboss.wsf.stack.cxf.client.Constants;
import org.jboss.wsf.stack.cxf.deployment.WSDLFilePublisher;
import org.jboss.wsf.stack.cxf.extensions.policy.PolicySetsAnnotationListener;
@@ -63,6 +68,7 @@
import org.jboss.wsf.stack.cxf.interceptor.HandlerAuthInterceptor;
import org.jboss.wsf.stack.cxf.interceptor.NsCtxSelectorStoreInterceptor;
import org.jboss.wsf.stack.cxf.management.InstrumentationManagerExtImpl;
+import org.jboss.wsf.stack.cxf.security.authentication.AutenticationMgrSubjectCreatingInterceptor;
import org.jboss.wsf.stack.cxf.transport.JBossWSDestinationRegistryImpl;
/**
@@ -113,6 +119,24 @@
Map<String, String> props = (wsmd == null) ? null : wsmd.getProperties();
setInterceptors(bus, props);
+ dep.addAttachment(Bus.class, bus);
+
+ try
+ {
+ final JASPIAuthenticationProvider jaspiProvider = SPIProvider.getInstance().getSPI(
+ JASPIAuthenticationProvider.class,
+ ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
+
+ if (jaspiProvider != null && jaspiProvider.enableServerAuthentication(dep, wsmd))
+ {
+ bus.getInInterceptors().add(new AutenticationMgrSubjectCreatingInterceptor());
+ }
+ }
+ catch (WSFException e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses();
+ }
+
setResourceResolver(bus, resolver);
if (bus.getExtension(PolicyEngine.class) != null)
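Review bot: The `catch (WSFException e)` block discards the exception and reports every failure as missing JASPI classes, after which deployment continues without `AutenticationMgrSubjectCreatingInterceptor`; a deployment configured for JASPI authentication would then start with that check absent and only a log line to show for it. Keep the cause in the log, e.g. `Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses(e);` with a `@Cause Throwable` parameter added to that logger method (its declaration is not in this hunk), and consider limiting the `try` to the `getSPI(...)` lookup so that an error from `enableServerAuthentication` is not reported as a missing provider. The same pattern is added in the ServerBeanCustomizer hunk at `@@ -150,13 +156,26 @@`. The enclosing method begins and ends outside this hunk.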
@@ -281,6 +305,8 @@
return selector;
}
+
+
private static AutomaticWorkQueue createWorkQueue(String name, Map<String, String> props) {
int mqs = parseInt(props.get(Constants.CXF_QUEUE_MAX_QUEUE_SIZE_PROP), 256);
int initialThreads = parseInt(props.get(Constants.CXF_QUEUE_INITIAL_THREADS_PROP), 0);
Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java
===================================================================
--- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -28,16 +28,22 @@
import org.apache.cxf.frontend.ServerFactoryBean;
import org.jboss.ws.api.annotation.EndpointConfig;
import org.jboss.ws.common.management.AbstractServerConfig;
+import org.jboss.wsf.spi.SPIProvider;
+import org.jboss.wsf.spi.WSFException;
+import org.jboss.wsf.spi.classloading.ClassLoaderProvider;
import org.jboss.wsf.spi.deployment.Endpoint;
import org.jboss.wsf.spi.deployment.UnifiedVirtualFile;
import org.jboss.wsf.spi.management.ServerConfig;
import org.jboss.wsf.spi.metadata.config.ConfigMetaDataParser;
import org.jboss.wsf.spi.metadata.config.ConfigRoot;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
import org.jboss.wsf.stack.cxf.JBossWSInvoker;
+import org.jboss.wsf.stack.cxf.Loggers;
import org.jboss.wsf.stack.cxf.Messages;
import org.jboss.wsf.stack.cxf.client.configuration.BeanCustomizer;
import org.jboss.wsf.stack.cxf.deployment.EndpointImpl;
import org.jboss.wsf.stack.cxf.deployment.WSDLFilePublisher;
+import org.jboss.wsf.stack.cxf.security.authentication.AutenticationMgrSubjectCreatingInterceptor;
/**
*
@@ -150,13 +156,26 @@
{
UnifiedVirtualFile vf = deploymentRoot.findChild(configFile);
ConfigRoot config = ConfigMetaDataParser.parse(vf.toURL());
- endpoint.setEndpointConfig(config.getEndpointConfigByName(configName));
+ endpoint.setEndpointConfig(config.getEndpointConfigByName(configName));
}
catch (IOException e)
{
throw Messages.MESSAGES.couldNotReadConfigFile(configFile);
}
}
+ try
+ {
+ final JASPIAuthenticationProvider jaspiProvider = SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class,
+ ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
+ if (jaspiProvider != null && jaspiProvider.enableServerAuthentication(endpoint, depEndpoints.get(0)))
+ {
+ endpoint.getInInterceptors().add(new AutenticationMgrSubjectCreatingInterceptor());
+ }
+ }
+ catch (WSFException e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses();
+ }
}
}
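Review bot: `enableServerAuthentication(endpoint, depEndpoints.get(0))` always passes the first deployment endpoint, whichever CXF endpoint is being customized, so in a deployment with several endpoints the JASPI settings of the first one would, as far as this hunk shows, be applied to all of them; an empty list would throw `IndexOutOfBoundsException`. The code that builds `depEndpoints` is outside the hunk, so this may be guarded earlier; if it is, a comment such as `// depEndpoints holds only the deployment endpoint matching this CXF endpoint` would record that. Otherwise the matching deployment endpoint should be passed instead of index 0.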
@@ -191,5 +210,7 @@
{
this.epConfigFile = epConfigFile;
}
+
+
}
Copied: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java (from rev 18409, stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java)
===================================================================
--- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java (rev 0)
+++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -0,0 +1,73 @@
+package org.jboss.wsf.stack.cxf.security.authentication;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.apache.cxf.common.security.SecurityToken;
+import org.apache.cxf.common.security.TokenType;
+import org.apache.cxf.common.security.UsernameToken;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.security.SecurityContext;
+import org.apache.ws.security.WSUsernameTokenPrincipal;
+import org.jboss.security.plugins.JBossAuthenticationManager;
+import org.jboss.wsf.stack.cxf.Loggers;
+import org.jboss.wsf.stack.cxf.Messages;
+
+/*
+ * Interceptor to authenticate principal with provided jaspi JBossAuthenticationManager
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class AutenticationMgrSubjectCreatingInterceptor extends SubjectCreatingPolicyInterceptor
+{
+
+ public AutenticationMgrSubjectCreatingInterceptor() {
+ super();
+ }
+
+
+ @Override
+ public void handleMessage(Message message) throws Fault
+ {
+ JBossAuthenticationManager authenticationManger = message.get(JBossAuthenticationManager.class);
+ if (authenticationManger == null) {
+ return;
+ }
+ SecurityContext context = message.get(SecurityContext.class);
+ if (context == null || context.getUserPrincipal() == null)
+ {
+ Loggers.SECURITY_LOGGER.userPrincipalNotAvailableOnCurrentMessage();
+ return;
+ }
+
+ SecurityToken token = message.get(SecurityToken.class);
+ Subject subject = null;
+ if (token != null)
+ {
+ //Try authenticating using SecurityToken info
+ if (token.getTokenType() != TokenType.UsernameToken)
+ {
+ throw Messages.MESSAGES.unsupportedTokenType(token.getTokenType());
+ }
+ UsernameToken ut = (UsernameToken) token;
+ subject = helper.createSubject(authenticationManger, ut.getName(), ut.getPassword(), ut.isHashed(), ut.getNonce(), ut.getCreatedTime());
+
+ }
+ else
+ {
+ //Try authenticating using WSS4J internal info (previously set into SecurityContext by WSS4JInInterceptor)
+ Principal p = context.getUserPrincipal();
+ if (!(p instanceof WSUsernameTokenPrincipal)) {
+ throw Messages.MESSAGES.couldNotGetSubjectInfo();
+ }
+ WSUsernameTokenPrincipal up = (WSUsernameTokenPrincipal) p;
+ subject = helper.createSubject(authenticationManger, up.getName(), up.getPassword(), up.isPasswordDigest(), up.getNonce(), up.getCreatedTime());
+ }
+
+ Principal principal = getPrincipal(context.getUserPrincipal(), subject);
+ message.put(SecurityContext.class, createSecurityContext(principal, subject));
+ }
+
+
+}
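Review bot: Both early `return`s in `handleMessage` let the message continue down the chain with no authenticated `Subject`: one when no `JBossAuthenticationManager` is on the message, the other when the `SecurityContext` has no user principal. In this commit the interceptor is only added after `enableServerAuthentication` returned true, so a missing manager looks like a misconfiguration rather than a normal case, and unless a later interceptor rejects the request this fails open. Consider replacing the second `return;` with `throw Messages.MESSAGES.couldNotGetSubjectInfo();` and at least logging the first case, or add a comment naming the later step that enforces authentication. The class header comment opens with `/*` instead of `/**`, so it is not picked up as Javadoc.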
Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java
===================================================================
--- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -60,12 +60,12 @@
*/
public class SubjectCreatingInterceptor extends WSS4JInInterceptor
{
+ protected SubjectCreator helper = new SubjectCreator();
+
private static final Logger LOG = LogUtils.getL7dLogger(SubjectCreatingInterceptor.class);
private ThreadLocal<SecurityDomainContext> sdc = new ThreadLocal<SecurityDomainContext>();
-
- private SubjectCreator helper = new SubjectCreator();
-
+
private boolean supportDigestPasswords;
public SubjectCreatingInterceptor()
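Review bot: `helper` is widened from `private` to `protected` but stays non-final, so any subclass can replace the object that performs authentication. `protected final SubjectCreator helper = new SubjectCreator();` keeps it reachable for subclasses without making it reassignable, and the same applies to the field in the SubjectCreatingPolicyInterceptor hunk at `@@ -51,7 +51,7 @@`. No subclass of `SubjectCreatingInterceptor` that uses the field appears in the part of the commit shown here, so the wider visibility in this class may not be needed at all.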
Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingPolicyInterceptor.java
===================================================================
--- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingPolicyInterceptor.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingPolicyInterceptor.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -51,7 +51,7 @@
*/
public class SubjectCreatingPolicyInterceptor extends AbstractPhaseInterceptor<Message>
{
- private SubjectCreator helper = new SubjectCreator();
+ protected SubjectCreator helper = new SubjectCreator();
public SubjectCreatingPolicyInterceptor()
{
@@ -99,7 +99,7 @@
message.put(SecurityContext.class, createSecurityContext(principal, subject));
}
- private Subject createSubject(SecurityDomainContext sdc, String name, String password, boolean isDigest, String nonce, String creationTime)
+ protected Subject createSubject(SecurityDomainContext sdc, String name, String password, boolean isDigest, String nonce, String creationTime)
{
Subject subject = null;
try
Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreator.java
===================================================================
--- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreator.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreator.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -35,6 +35,7 @@
import org.apache.cxf.common.security.SimplePrincipal;
import org.jboss.security.auth.callback.CallbackHandlerPolicyContextHandler;
+import org.jboss.security.plugins.JBossAuthenticationManager;
import org.jboss.ws.common.utils.DelegateClassLoader;
import org.jboss.wsf.spi.classloading.ClassLoaderProvider;
import org.jboss.wsf.spi.security.SecurityDomainContext;
@@ -124,8 +125,67 @@
}
return subject;
}
+ //TODO:refactor this
+ public Subject createSubject(JBossAuthenticationManager manager, String name, String password, boolean isDigest, String nonce, String created)
+ {
+ if (isDigest)
+ {
+ verifyUsernameToken(nonce, created);
+ // It is not possible at the moment to figure out if the digest has been created
+ // using the original nonce bytes or the bytes of the (Base64)-encoded nonce, some
+ // legacy clients might use the (Base64)-encoded nonce bytes when creating a digest;
+ // lets default to true and assume the nonce has been Base-64 encoded, given that
+ // WSS4J client Base64-decodes the nonce before creating the digest
- private void verifyUsernameToken(String nonce, String created)
+ CallbackHandler handler = new UsernameTokenCallbackHandler(nonce, created, decodeNonce);
+ CallbackHandlerPolicyContextHandler.setCallbackHandler(handler);
+ }
+
+ // authenticate and populate Subject
+
+
+ Principal principal = new SimplePrincipal(name);
+ Subject subject = new Subject();
+
+ boolean TRACE = SECURITY_LOGGER.isTraceEnabled();
+ if (TRACE)
+ SECURITY_LOGGER.aboutToAuthenticate(manager.getSecurityDomain());
+
+ try
+ {
+ ClassLoader tccl = SecurityActions.getContextClassLoader();
+ //allow PicketBox to see jbossws modules' classes
+ SecurityActions.setContextClassLoader(createDelegateClassLoader(ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader(), tccl));
+ try
+ {
+ if (manager.isValid(principal, password, subject) == false)
+ {
+ throw MESSAGES.authenticationFailed(principal.getName());
+ }
+ }
+ finally
+ {
+ SecurityActions.setContextClassLoader(tccl);
+ }
+ }
+ finally
+ {
+ if (isDigest)
+ {
+ // does not remove the TL entry completely but limits the potential
+ // growth to a number of available threads in a container
+ CallbackHandlerPolicyContextHandler.setCallbackHandler(null);
+ }
+ }
+
+ if (TRACE)
+ SECURITY_LOGGER.authenticated(name);
+
+ return subject;
+ }
+
+
+ protected void verifyUsernameToken(String nonce, String created)
{
if (created != null)
{
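Review bot: In the new `createSubject(JBossAuthenticationManager, ...)` overload the thread-local callback handler is installed by `CallbackHandlerPolicyContextHandler.setCallbackHandler(handler)` several statements before the `try` whose `finally` clears it, so an exception from the trace logging or from `manager.getSecurityDomain()` would leave a handler carrying the nonce on a container thread. Open the outer `try` directly after the `setCallbackHandler(handler)` call so the cleanup always runs. The method also appears to be a copy of the existing overload (the `//TODO:refactor this` suggests as much); sharing the body and passing only the `isValid` call as a parameter would keep later fixes to the digest handling from reaching one path only. `verifyUsernameToken` continues past the end of the hunk.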
Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml
===================================================================
--- stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -468,7 +468,6 @@
</metainf>
</jar>
-
<!-- jaxws-samples-wsse-policy-trust-actas -->
<war
warfile="${tests.output.dir}/test-libs/jaxws-samples-wsse-policy-trust-actas.war"
@@ -542,7 +541,6 @@
value="org.jboss.ws.cxf.jbossws-cxf-client, org.apache.cxf.impl"/>
</manifest>
</war>
-
<!-- jaxws-samples-wsse-policy-trustPicketLink-sts -->
<war
warfile="${tests.output.dir}/test-libs/jaxws-samples-wsse-policy-trustPicketLink-sts.war"
@@ -629,7 +627,62 @@
<attribute name="Dependencies" value="org.jboss.ws.cxf.jbossws-cxf-client,org.apache.cxf.impl"/> <!-- cxf impl required due to custom interceptor in deployment -->
</manifest>
</war>
+
+ <!-- jaxws-samples-wsse-policy-username-jaspi -->
+ <war
+ warfile="${tests.output.dir}/test-libs/jaxws-samples-wsse-policy-username-endpoint-jaspi.war"
+ webxml="${tests.output.dir}/test-resources/jaxws/samples/wsse/policy/jaspi/WEB-INF/web.xml">
+ <classes dir="${tests.output.dir}/test-classes">
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceIface.class"/>
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceEndpointImpl.class"/>
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaxws/*.class"/>
+ </classes>
+ <webinf dir="${tests.output.dir}/test-resources/jaxws/samples/wsse/policy/jaspi/WEB-INF">
+ <include name="jaxws-*.xml"/>
+ <include name="wsdl/*"/>
+ </webinf>
+ <manifest>
+ <attribute name="Dependencies" value="org.jboss.ws.cxf.jbossws-cxf-client,org.apache.cxf.impl"/> <!-- cxf impl required due to custom interceptor in deployment -->
+ </manifest>
+ </war>
+ <!-- jaxws-samples-wsse-policy-username-jaspi-jbossws -->
+ <war
+ warfile="${tests.output.dir}/test-libs/jaxws-samples-wsse-policy-username-jbws-jaspi.war"
+ webxml="${tests.output.dir}/test-resources/jaxws/samples/wsse/policy/jaspi/WEB-INF2/web.xml">
+ <classes dir="${tests.output.dir}/test-classes">
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceIface.class"/>
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceImpl.class"/>
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaxws/*.class"/>
+ </classes>
+ <webinf dir="${tests.output.dir}/test-resources/jaxws/samples/wsse/policy/jaspi/WEB-INF2">
+ <include name="jboss-*.xml"/>
+ <include name="wsdl/*"/>
+ </webinf>
+ <manifest>
+ <attribute name="Dependencies" value="org.jboss.ws.cxf.jbossws-cxf-client,org.apache.cxf.impl"/> <!-- cxf impl required due to custom interceptor in deployment -->
+ </manifest>
+ </war>
+
+ <!-- jaxws-samples-wsse-policy-username-jaspi-client -->
+ <war
+ warfile="${tests.output.dir}/test-libs/jaxws-samples-wsse-policy-username-jaspi-client.war" needxmlfile="false">
+ <classes dir="${tests.output.dir}/test-classes">
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/Helper.class"/>
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/ServiceIface.class"/>
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/UsernamePasswordCallback.class"/>
+ <include name="org/jboss/test/ws/jaxws/samples/wsse/policy/jaxws/*.class"/>
+ <include name="org/jboss/wsf/test/TestServlet.class"/>
+ <include name="org/jboss/wsf/test/ClientHelper.class"/>
+ </classes>
+ <classes dir="${tests.output.dir}/test-resources/jaxws/samples/wsse/policy/jaspi">
+ <include name="META-INF/jaxws-client-config.xml"/>
+ </classes>
+ <manifest>
+ <attribute name="Dependencies" value="org.jboss.ws.cxf.jbossws-cxf-client,org.apache.cxf.impl"/> <!-- cxf impl required due to custom interceptor in deployment -->
+ </manifest>
+ </war>
+
<!-- jaxws-samples-wsse-policy-username-jaas-digest -->
<war
warfile="${tests.output.dir}/test-libs/jaxws-samples-wsse-policy-username-jaas-digest.war"
Modified: stack/cxf/trunk/modules/testsuite/pom.xml
===================================================================
--- stack/cxf/trunk/modules/testsuite/pom.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/testsuite/pom.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -73,6 +73,11 @@
</dependency>
<dependency>
<groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf-jaspi</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.ws.cxf</groupId>
<artifactId>jbossws-cxf-factories</artifactId>
<version>${project.version}</version>
</dependency>
@@ -870,6 +875,7 @@
<!-- Manually setup KDC before run this test-->
<exclude>org/jboss/test/ws/jaxws/samples/wsse/kerberos/*TestCase*</exclude>
+
</excludes>
</configuration>
</plugin>
Modified: stack/cxf/trunk/modules/testsuite/test-utils/src/main/java/org/jboss/wsf/test/JBossWSTestHelper.java
===================================================================
--- stack/cxf/trunk/modules/testsuite/test-utils/src/main/java/org/jboss/wsf/test/JBossWSTestHelper.java 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/modules/testsuite/test-utils/src/main/java/org/jboss/wsf/test/JBossWSTestHelper.java 2014-02-24 12:56:33 UTC (rev 18411)
@@ -389,6 +389,13 @@
getDeployer().addSecurityDomain(name, authenticationOptions);
}
+ public static void addJaspiSecurityDomain(String name, String loginModuleStackName, Map<String, String> loginModuleOptions, String authModuleName,
+ Map<String, String> authModuleOptions) throws Exception
+ {
+ getDeployer().addJaspiSecurityDomain(name, loginModuleStackName, loginModuleOptions, authModuleName, authModuleOptions);
+ }
+
+
public static void removeSecurityDomain(String name) throws Exception
{
getDeployer().removeSecurityDomain(name);
Modified: stack/cxf/trunk/pom.xml
===================================================================
--- stack/cxf/trunk/pom.xml 2014-02-24 09:51:06 UTC (rev 18410)
+++ stack/cxf/trunk/pom.xml 2014-02-24 12:56:33 UTC (rev 18411)
@@ -50,6 +50,7 @@
<!-- Modules -->
<modules>
+ <!--module>modules/jaspi</module-->
<module>modules/server</module>
<module>modules/client</module>
<module>modules/endorsed</module>
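Review bot: `<!--module>modules/jaspi</module-->` adds the new module to the reactor only as a comment, while the same commit makes `modules/testsuite/pom.xml` depend on `jbossws-cxf-jaspi` at `${project.version}` and has the deploy macros copy `jbossws-cxf-jaspi.jar`. With the module disabled the artifact is not produced by this build, so the dependency would have to be resolved from a repository or a stale local install. Either enable it with `<module>modules/jaspi</module>` or extend the comment to say why it is excluded and where the jar is expected to come from.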
@@ -108,6 +109,7 @@
<wstx.version>4.2.0</wstx.version>
<spring.version>3.0.7.RELEASE</spring.version>
<shrinkwrap.version>1.1.3</shrinkwrap.version>
+ <jaspi.api.version>1.0.0.Alpha1</jaspi.api.version>
</properties>
@@ -1156,6 +1158,11 @@
<artifactId>jboss-servlet-api_3.0_spec</artifactId>
<version>${servlet.api.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.jboss.spec.javax.security.auth.message</groupId>
+ <artifactId>jboss-jaspi-api_1.1_spec</artifactId>
+ <version>${jaspi.api.version}</version>
+ </dependency>
<!-- jboss provided -->
<dependency>
JBossWS SVN: r18410 - stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/udp.
by jbossws-commits@lists.jboss.org
Author: psakar
Date: 2014-02-24 04:51:06 -0500 (Mon, 24 Feb 2014)
New Revision: 18410
Modified:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/udp/UDPEndpointAPITestCase.java
Log:
[JBWS-3721] Fixing testcase - improve readability
Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/udp/UDPEndpointAPITestCase.java
===================================================================
--- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/udp/UDPEndpointAPITestCase.java 2014-02-24 03:34:56 UTC (rev 18409)
+++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/udp/UDPEndpointAPITestCase.java 2014-02-24 09:51:06 UTC (rev 18410)
@@ -63,7 +63,7 @@
public void testClientSide() throws Exception
{
if (!isProperNetworkSetup()) {
- System.out.println("Skipping broadcast test: no non-loopback IPv4 interface available");
+ System.out.println("Skipping broadcast test: no non-loopback IPv4 interface available"); //IPv6 does not support broadcast, so some IPv4 nonloopback interface with broacast is required
return;
}
Bus bus = BusFactory.newInstance().createBus();
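Review bot: The explanation added after the `println` is a trailing comment on an already long line and misspells "broadcast" as "broacast". It reads better on its own line above the `if`, e.g. `// IPv6 does not support broadcast, so a non-loopback IPv4 interface with broadcast is required`. `testClientSide` continues outside the hunk.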
@@ -88,22 +88,15 @@
private boolean isProperNetworkSetup() throws Exception {
Enumeration<NetworkInterface> interfaces = NetworkInterface.getNetworkInterfaces();
- int count = 0;
while (interfaces.hasMoreElements())
{
NetworkInterface networkInterface = interfaces.nextElement();
- if (!networkInterface.isUp() || networkInterface.isLoopback() || !isBroadcastAddressAvailable(networkInterface))
+ if (networkInterface.isUp() && !networkInterface.isLoopback() && isBroadcastAddressAvailable(networkInterface))
{
- continue;
+ return true;
}
- count++;
}
- if (count == 0)
- {
- //no non-loopbacks, cannot do broadcasts
- return false;
- }
- return true;
+ return false;
}
private boolean isBroadcastAddressAvailable(NetworkInterface networkInterface) {
JBossWS SVN: r18409 - in spi/trunk/src/main/java/org/jboss/wsf/spi: security and 1 other directory.
by jbossws-commits@lists.jboss.org
Author: jim.ma
Date: 2014-02-23 22:34:56 -0500 (Sun, 23 Feb 2014)
New Revision: 18409
Added:
spi/trunk/src/main/java/org/jboss/wsf/spi/security/JASPIAuthenticationProvider.java
Modified:
spi/trunk/src/main/java/org/jboss/wsf/spi/deployer/Deployer.java
Log:
[JBWS-3767]:Add apis for jaspi soap profile
Modified: spi/trunk/src/main/java/org/jboss/wsf/spi/deployer/Deployer.java
===================================================================
--- spi/trunk/src/main/java/org/jboss/wsf/spi/deployer/Deployer.java 2014-02-22 01:49:07 UTC (rev 18408)
+++ spi/trunk/src/main/java/org/jboss/wsf/spi/deployer/Deployer.java 2014-02-24 03:34:56 UTC (rev 18409)
@@ -51,6 +51,11 @@
*/
void addSecurityDomain(String name, Map<String,String> authenticationOptions) throws Exception;
+
+ public void addJaspiSecurityDomain(String name, String loginModuleStackName, Map<String, String> loginModuleOptions,
+ String authModuleName, Map<String, String> authModuleOptions) throws Exception;
+
+
/**
* Removes a security domain
*
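Review bot: `addJaspiSecurityDomain` is added without Javadoc, while the neighbouring `addSecurityDomain` and the remove method each have a comment block. A security-domain API needs its contract stated: what `loginModuleStackName` and `authModuleName` refer to, whether either options map may be null or empty, and what happens when a domain of that name already exists. The two option maps are plain `Map<String, String>` and may well carry credentials, so the comment should also say whether implementations are allowed to log them. The explicit `public` is redundant in an interface and differs from the unmodified `addSecurityDomain` just above. The interface body continues outside the hunk, so whether the existing remove method also covers JASPI domains is not visible.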
Added: spi/trunk/src/main/java/org/jboss/wsf/spi/security/JASPIAuthenticationProvider.java
===================================================================
--- spi/trunk/src/main/java/org/jboss/wsf/spi/security/JASPIAuthenticationProvider.java (rev 0)
+++ spi/trunk/src/main/java/org/jboss/wsf/spi/security/JASPIAuthenticationProvider.java 2014-02-24 03:34:56 UTC (rev 18409)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2014, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.spi.security;
+
+import java.util.Map;
+
+import org.jboss.wsf.spi.deployment.Deployment;
+import org.jboss.wsf.spi.deployment.Endpoint;
+import org.jboss.wsf.spi.metadata.webservices.JBossWebservicesMetaData;
+
+/**
+ * Interface to enable jaspi authentication on server/client side
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public interface JASPIAuthenticationProvider
+{
+ boolean enableClientAuthentication(Object target, Map<String, String> properties);
+ boolean enableServerAuthentication(Deployment dep, JBossWebservicesMetaData wsmd);
+ public boolean enableServerAuthentication(Object target, Endpoint endpoint);
+
+}
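Review bot: The three `enable…Authentication` methods return `boolean` with no Javadoc saying what `false` means. For an authentication switch that matters: if `false` can mean "JASPI could not be enabled", a caller that ignores the result leaves the endpoint or client running without the expected authentication. Each method should document whether `false` means "not configured, nothing to do" or "configured but failed", and a failure is better reported by an exception than by a return value. The `Object target` parameters also need a sentence naming the accepted runtime types, and the lone `public` on the third method should be dropped to match the other two.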
Property changes on: spi/trunk/src/main/java/org/jboss/wsf/spi/security/JASPIAuthenticationProvider.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
JBossWS SVN: r18408 - stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1172.
by jbossws-commits@lists.jboss.org
Author: klape
Date: 2014-02-21 20:49:07 -0500 (Fri, 21 Feb 2014)
New Revision: 18408
Modified:
stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1172/JBWS1172TestCase.java
Log:
[JBPAPP-11003] Fixing schema validation test cases
Modified: stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1172/JBWS1172TestCase.java
===================================================================
--- stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1172/JBWS1172TestCase.java 2014-02-21 19:17:52 UTC (rev 18407)
+++ stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1172/JBWS1172TestCase.java 2014-02-22 01:49:07 UTC (rev 18408)
@@ -63,7 +63,7 @@
public void testSchemaValidationPositive() throws Exception
{
URL wsdlURL = getResourceURL("jaxws/jbws1172/WEB-INF/wsdl/TestService.wsdl");
- Map<String, byte[]> xsdStreams = new SchemaExtractor().getSchemas(wsdlURL);
+ Map<String, byte[]> xsdStreams = new SchemaExtractor(wsdlURL).getSchemasFromWsdl();
String inxml = "<tns:performTest xmlns:tns='http://www.my-company.it/ws/my-test'><Code>1000</Code></tns:performTest>";
new SchemaValidationHelper(xsdStreams).validateDocument(inxml);
}
@@ -71,7 +71,7 @@
public void testSchemaValidationNegative() throws Exception
{
URL wsdlURL = getResourceURL("jaxws/jbws1172/WEB-INF/wsdl/TestService.wsdl");
- Map<String, byte[]> xsdStreams = new SchemaExtractor().getSchemas(wsdlURL);
+ Map<String, byte[]> xsdStreams = new SchemaExtractor(wsdlURL).getSchemasFromWsdl();
String inxml = "<tns:performTest xmlns:tns='http://www.my-company.it/ws/my-test'><Code>2000</Code></tns:performTest>";
try
{
@@ -80,14 +80,14 @@
catch (SAXException ex)
{
String msg = ex.getMessage();
- assertTrue("Unexpectd message: " + msg, msg.indexOf("Value '2000' is not facet-valid with respect to maxInclusive '1000'") > 0);
+ assertTrue("Unexpected message: " + msg, msg.indexOf("Value '2000' is not facet-valid with respect to maxInclusive '1000'") > 0);
}
}
public void testEndpointWsdlValidation() throws Exception
{
URL wsdlURL = new URL("http://" + getServerHost() + ":8080/jaxws-jbws1172/noval?wsdl");
- Map<String, byte[]> xsdStreams = new SchemaExtractor().getSchemas(wsdlURL);
+ Map<String, byte[]> xsdStreams = new SchemaExtractor(wsdlURL).getSchemasFromWsdl();
String inxml = "<tns:performTest xmlns:tns='http://www.my-company.it/ws/my-test'><Code>1000</Code></tns:performTest>";
new SchemaValidationHelper(xsdStreams).validateDocument(inxml);
}
JBossWS SVN: r18407 - in stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws: extensions/validation and 1 other directory.
by jbossws-commits@lists.jboss.org
Author: klape
Date: 2014-02-21 14:17:52 -0500 (Fri, 21 Feb 2014)
New Revision: 18407
Modified:
stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyElementDoc.java
stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java
Log:
[JBPAPP-11003] Schema resource handling now uses URLs rather than filenames so VFS can be utilized
Modified: stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyElementDoc.java
===================================================================
--- stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyElementDoc.java 2014-02-21 17:54:06 UTC (rev 18406)
+++ stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyElementDoc.java 2014-02-21 19:17:52 UTC (rev 18407)
@@ -98,14 +98,13 @@
private void validatePayload(Source source)
{
- SchemaExtractor schemaExtractor = new SchemaExtractor();
try
{
CommonMessageContext msgContext = MessageContextAssociation.peekMessageContext();
EndpointMetaData epMetaData = msgContext.getEndpointMetaData();
feature = epMetaData.getFeature(SchemaValidationFeature.class);
URL xsdURL = feature.getSchemaLocation() != null ? new URL(feature.getSchemaLocation()) : null;
- Map<String, byte[]> xsdStreams = new HashMap<String, byte[]>();
+ Map<String, byte[]> xsdStreams = null;
if (xsdURL == null)
{
URL wsdlURL = epMetaData.getServiceMetaData().getWsdlFileOrLocation();
@@ -115,21 +114,18 @@
}
else
{
- xsdStreams = schemaExtractor.getSchemas(wsdlURL);
+ SchemaExtractor schemaExtractor = new SchemaExtractor(wsdlURL);
+ xsdStreams = schemaExtractor.getSchemasFromWsdl();
}
}
- if (xsdURL != null)
+ else
{
- ErrorHandler errorHandler = feature.getErrorHandler();
- Element xmlDOM = DOMUtils.sourceToElement(source);
- new SchemaValidationHelper(xsdURL).setErrorHandler(errorHandler).validateDocument(xmlDOM);
+ SchemaExtractor schemaExtractor = new SchemaExtractor(xsdURL);
+ xsdStreams = schemaExtractor.getSchemas();
}
- else //xsdStreams != null
- {
- ErrorHandler errorHandler = feature.getErrorHandler();
- Element xmlDOM = DOMUtils.sourceToElement(source);
- new SchemaValidationHelper(xsdStreams).setErrorHandler(errorHandler).validateDocument(xmlDOM);
- }
+ ErrorHandler errorHandler = feature.getErrorHandler();
+ Element xmlDOM = DOMUtils.sourceToElement(source);
+ new SchemaValidationHelper(xsdStreams).setErrorHandler(errorHandler).validateDocument(xmlDOM);
}
catch (RuntimeException rte)
{
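Review bot: `xsdStreams` can reach `new SchemaValidationHelper(xsdStreams)` as null. The previous hunk changes its initial value from an empty map to `null`, and `getSchemasFromWsdl()` has a visible `return null` path in the SchemaExtractor change of this same commit. The branch taken when `wsdlURL` is null lies between the two hunks and may also leave it unset. What the helper does with a null map is not visible here, but for a validation feature the outcome should be explicit rather than an incidental NullPointerException absorbed by the `catch (RuntimeException rte)` that follows. I would add a guard before the `ErrorHandler` line, for example `if (xsdStreams == null) throw new IllegalStateException("No schemas available for validation");`, or whatever failure type this class normally reports. validatePayload starts in the previous hunk and continues past this one.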
Modified: stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java
===================================================================
--- stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java 2014-02-21 17:54:06 UTC (rev 18406)
+++ stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java 2014-02-21 19:17:52 UTC (rev 18407)
@@ -23,10 +23,10 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
-import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.io.File;
import java.io.OutputStreamWriter;
import java.net.URL;
import java.util.ArrayList;
@@ -62,8 +62,10 @@
// provide logging
private static Logger log = Logger.getLogger(SchemaExtractor.class);
private static Transformer transformer = null;
- private String path;
- static {
+ private URL topLevelResource;
+
+ static
+ {
try
{
transformer = TransformerFactory.newInstance().newTransformer();
@@ -72,18 +74,31 @@
{
throw new RuntimeException(e);
}
+ }
+ public SchemaExtractor(URL wsdlURL)
+ {
+ this.topLevelResource = wsdlURL;
}
- public Map<String, byte[]> getSchemas(URL wsdlURL) throws IOException
+
+ public Map<String, byte[]> getSchemas() throws IOException
{
- Map<String, byte[]> streams = new HashMap<String, byte[]>();
- //Get the path to the WSDL
- String wsdlFile = wsdlURL.getFile();
- int lastSlash = wsdlFile.lastIndexOf(File.separator);
- path = wsdlFile.substring(0, lastSlash+1);
+ Map<String, byte[]> streams = new HashMap<String, byte[]>();
+ Element root = DOMUtils.parse(topLevelResource.openStream());
+ List<Element> list = new ArrayList<Element>();
+ list.add(root);
+ //no need to propagate any namespaces here
+ List<Attr> nsAttrs = new ArrayList<Attr>();
+ processSchemas(streams, list, nsAttrs);
+ return streams;
+ }
+ public Map<String, byte[]> getSchemasFromWsdl() throws IOException
+ {
+ Map<String, byte[]> streams = new HashMap<String, byte[]>();
+
// parse the wsdl
- Element root = DOMUtils.parse(wsdlURL.openStream());
+ Element root = DOMUtils.parse(topLevelResource.openStream());
List<Attr> nsAttrs = getNamespaceAttrs(root);
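Review bot: The stream returned by `topLevelResource.openStream()` is handed straight to `DOMUtils.parse` in both the new `getSchemas()` and in `getSchemasFromWsdl()`, and nothing in the hunk closes it. Unless `DOMUtils.parse` closes its argument, which is not visible here, every validation leaks a file handle or connection, and with URL-based resources that now includes network connections. The file uses pre-Java-7 syntax, so a try/finally around the parse is the fitting form, as sketched below for `getSchemas()`; the same change applies to `getSchemasFromWsdl()`, whose body continues outside the hunk. The new constructor also stores `wsdlURL` unchecked, so a null argument only surfaces later at `openStream()`; rejecting it in the constructor and making `topLevelResource` final would keep the failure at the call site.
```java
public Map<String, byte[]> getSchemas() throws IOException
{
   Map<String, byte[]> streams = new HashMap<String, byte[]>();
   Element root;
   InputStream in = topLevelResource.openStream();
   try
   {
      root = DOMUtils.parse(in);
   }
   finally
   {
      in.close();
   }
   // … unchanged: wrap root in a list, empty nsAttrs, call processSchemas …
   return streams;
}
```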
@@ -105,6 +120,14 @@
return null;
}
+ processSchemas(streams, schemaElements, nsAttrs);
+
+ return streams;
+ }
+
+ private void processSchemas(Map<String, byte[]> streams, List<Element> schemaElements, List<Attr> nsAttrs)
+ throws IOException
+ {
for (Element schemaElement : schemaElements)
{
@@ -124,8 +147,6 @@
+ schemaElement.getAttribute("targetNamespace"));
}
-
-
for (Attr nsAttr : nsAttrs)
{
@@ -147,8 +168,6 @@
String tns = newSchemeElement.getAttribute("targetNamespace");
streams.put(tns, outStream.toByteArray());
}
-
- return streams;
}
private List<Attr> getNamespaceAttrs(Element element)
@@ -191,7 +210,7 @@
try
{
- FileInputStream in = new FileInputStream( path + schemaLocation );
+ InputStream in = new URL( getUrlPath() + schemaLocation ).openStream();
outStream = new ByteArrayOutputStream();
int bt = 0;
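Review bot: The schema URL is built by string concatenation, `new URL( getUrlPath() + schemaLocation )`, which is not URL resolution. `getUrlPath()` in the last hunk cuts `topLevelResource.toString()` at the last "/", which is the wrong place when the query string contains a slash, and an absolute `schemaLocation` produces a malformed URL. `new URL(topLevelResource, schemaLocation)` resolves relative references correctly and makes `getUrlPath()` unnecessary. `schemaLocation` presumably comes from the document being processed (its origin is outside the hunk), and the fetch is no longer confined to `FileInputStream`. The resolved URL's protocol and host should therefore be compared with those of `topLevelResource` before `openStream()` is called, so that a WSDL or XSD cannot steer the server to arbitrary locations. The enclosing method starts and ends outside this hunk, so whether `in` is closed cannot be checked here.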
@@ -212,8 +231,15 @@
}
catch(IOException ioe)
{
- log.warn("Error obtaining schema: " + path + schemaLocation);
+ log.warn("Error obtaining schema: " + getUrlPath() + schemaLocation);
}
}
}
+
+ private String getUrlPath()
+ {
+ String resStr = topLevelResource.toString();
+ int lastSlash = resStr.lastIndexOf("/");
+ return resStr.substring(0, lastSlash+1);
+ }
}
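Review bot: The `catch(IOException ioe)` block logs only a message and drops the exception, so a referenced schema that could not be fetched is silently left out of the set handed to the validator. The cause is then unrecoverable from the log, and validation proceeds against an incomplete schema set. At minimum the exception should be passed along, `log.warn("Error obtaining schema: " + getUrlPath() + schemaLocation, ioe);`, assuming the Logger in use has the (message, Throwable) overload. It is also worth deciding whether a missing import should fail validation rather than only warn. The method containing this catch begins outside the hunk.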
JBossWS SVN: r18406 - in stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869: modules/core/src/main/java/org/jboss/ws/extensions/validation and 1 other directory.
by jbossws-commits@lists.jboss.org
Author: klape
Date: 2014-02-21 12:54:06 -0500 (Fri, 21 Feb 2014)
New Revision: 18406
Modified:
stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java
stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/pom.xml
Log:
[JBPAPP-10869] Schema extractor should allow filenames with non-alphabetic characters
Modified: stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java
===================================================================
--- stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java 2014-02-21 16:03:51 UTC (rev 18405)
+++ stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/modules/core/src/main/java/org/jboss/ws/extensions/validation/SchemaExtractor.java 2014-02-21 17:54:06 UTC (rev 18406)
@@ -23,6 +23,7 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
+import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -77,9 +78,9 @@
{
Map<String, byte[]> streams = new HashMap<String, byte[]>();
//Get the path to the WSDL
- Pattern p = Pattern.compile("[a-zA-Z]+\\.[a-zA-Z]+$");
- Matcher m = p.matcher(wsdlURL.getFile());
- path = m.replaceFirst("");
+ String wsdlFile = wsdlURL.getFile();
+ int lastSlash = wsdlFile.lastIndexOf(File.separator);
+ path = wsdlFile.substring(0, lastSlash+1);
// parse the wsdl
Element root = DOMUtils.parse(wsdlURL.openStream());
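Review bot: `wsdlFile.lastIndexOf(File.separator)` searches a URL path for the platform's file separator, but `URL.getFile()` always uses "/". On a platform where `File.separator` is "\\", `lastIndexOf` returns -1 and `path` becomes the empty string, so relative schema locations are resolved against the working directory instead of the WSDL's directory. The lookup should be `int lastSlash = wsdlFile.lastIndexOf('/');`, which also makes the new `java.io.File` import unnecessary. r18407, shown earlier on this page, later switches to "/". `getFile()` also includes any query string, so a WSDL URL of the `?wsdl` form is cut correctly only while the query itself contains no slash. The method body continues outside the hunk.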
Modified: stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/pom.xml
===================================================================
--- stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/pom.xml 2014-02-21 16:03:51 UTC (rev 18405)
+++ stack/native/branches/jbossws-native-3.1.2.SP15-patch-01_JBPAPP-10869/pom.xml 2014-02-21 17:54:06 UTC (rev 18406)
@@ -74,7 +74,7 @@
<woodstox.version>3.2.9</woodstox.version>
<wsdl4j.version>1.6.2</wsdl4j.version>
<xmlsec.version>1.5.1</xmlsec.version>
- <xalan.version>2.7.1-patch-05</xalan.version>
+ <xalan.version>2.7.1-patch-04</xalan.version>
<xerces.version>2.9.1</xerces.version>
</properties>
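Review bot: `xalan.version` moves backwards here, from `2.7.1-patch-05` to `2.7.1-patch-04`, and the log message (about schema file names with non-alphabetic characters) does not mention it. Xalan is the XSLT processor, so rolling back a patch level may drop whatever fixes patch-05 carried; what those are is not visible from this page. If the downgrade is intentional, for instance to match the artifact the patch branch must ship with, it should be its own commit or at least be stated in the log with the reason. If it slipped in from a local working copy, it should be reverted.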