[jbossws-commits] JBossWS SVN: r12449 - in stack/cxf/trunk/modules: server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication and 7 other directories.

Author: sergeyb Date: 2010-06-09 07:00:55 -0400 (Wed, 09 Jun 2010) New Revision: 12449 Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpoint.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpointImpl.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMe.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMeResponse.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHello.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHelloResponse.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/UsernamePasswordCallback.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/WsseEjbTestCase.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsseEJB/ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsseEJB/META-INF/ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsseEJB/META-INF/jbossws-cxf.xml Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/AbstractInvoker.java stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt Log: [JBWS-3028] Adding EJB endpoint authorization test Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/AbstractInvoker.java =================================================================== --- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/AbstractInvoker.java 2010-06-08 16:21:02 UTC (rev 12448) +++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/AbstractInvoker.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -71,6 +71,7 @@ import org.apache.cxf.service.Service; import org.apache.cxf.service.invoker.Invoker; import org.apache.cxf.service.model.BindingOperationInfo; +import org.jboss.security.SecurityContext; import org.jboss.wsf.spi.deployment.Endpoint; import org.jboss.wsf.spi.invocation.EndpointAssociation; import org.jboss.wsf.spi.invocation.Invocation; @@ -112,6 +113,13 @@ { //clear the WebServiceContextImpl's ThreadLocal variable WebServiceContextImpl.clear(); + // clear SecurityContext in case it has been propagated + SecurityContext sc = exchange.getInMessage().getContent(SecurityContext.class); + if (sc != null) + { + sc.setSubjectInfo(null); + } + } return new MessageContentsList(retObj); Modified: stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java =================================================================== --- stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2010-06-08 16:21:02 UTC (rev 12448) +++ stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -27,10 +27,13 @@ import javax.security.auth.Subject; +import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.common.security.SimplePrincipal; +import org.apache.cxf.phase.PhaseInterceptorChain; import org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor; import org.jboss.logging.Logger; import org.jboss.security.AuthenticationManager; +import org.jboss.security.SecurityContext; import org.picketbox.config.PicketBoxConfiguration; import org.picketbox.exceptions.ConfigurationStreamNullException; import org.picketbox.factories.SecurityFactory; @@ -46,8 +49,8 @@ private static final Logger log = Logger.getLogger(SubjectCreatingInterceptor.class); private static final String DEFAULT_SECURITY_DOMAIN_NAME = "JBossWS"; - private AuthenticationManagerLoader aml = null; private String securityDomainName = DEFAULT_SECURITY_DOMAIN_NAME; + private boolean propagateContext; public SubjectCreatingInterceptor() { @@ -57,34 +60,23 @@ public SubjectCreatingInterceptor(Map<String, Object> properties) { super(properties); - try - { - aml = AuthenticationManagerLoader.class.newInstance(); - } - catch (Exception ex) - { - String msg = "AuthenticationManager can not be loaded"; - log.error(msg); - throw new SecurityException(msg); - } } @Override public Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) { - - AuthenticationManager am = aml.getManager(securityDomainName); - - // verify timestamp and nonce if digest - //if (isDigest) - //{ - //verifyUsernameToken(nonce, created); - // CallbackHandler cb = new UsernameTokenCallbackHandler(nonce, created); - // CallbackHandlerPolicyContextHandler.setCaallbackHandler(cb); - //} + //if (isDigest) + //{ + //verifyUsernameToken(nonce, created); + // CallbackHandler cb = new UsernameTokenCallbackHandler(nonce, created); + // CallbackHandlerPolicyContextHandler.setCaallbackHandler(cb); + //} + + SecurityContext securityContext = getSecurityContext(); // authenticate and populate Subject - + AuthenticationManager am = securityContext.getAuthenticationManager(); + Principal principal = new SimplePrincipal(name); Subject subject = new Subject(); @@ -102,9 +94,41 @@ if (TRACE) log.trace("Authenticated, principal=" + name); + if (propagateContext) + { + securityContext.getUtil().createSubjectInfo(principal, password, subject); + PhaseInterceptorChain.getCurrentMessage().setContent(SecurityContext.class, securityContext); + if (TRACE) + log.trace("Security Context has been propagated"); + } return subject; } + @Override + public void handleFault(SoapMessage message) { + SecurityContext securityContext = message.getContent(SecurityContext.class); + if (securityContext != null) { + securityContext.setSubjectInfo(null); + } + } + + private SecurityContext getSecurityContext() { + SecurityFactory.prepare(); + + try + { + return SecurityFactory.establishSecurityContext(securityDomainName); + } + catch (Exception ex) { + throw new SecurityException("Unable to establish Security Context for domain " + + securityDomainName, ex); + } + finally + { + SecurityFactory.release(); + } + } + /** * Loads a custom configuration file, can be used to add the configuration * for new domains or override the default ones configured by JBoss AS @@ -146,6 +170,11 @@ securityDomainName = domainName; } + public void setPropagateContext(boolean propagateContext) { + this.propagateContext = propagateContext; + } + + /** TODO: JBWS-3028 Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml 2010-06-08 16:21:02 UTC (rev 12448) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml 2010-06-09 11:00:55 UTC (rev 12449) @@ -201,7 +201,23 @@ <include name="wsdl/*"/> </webinf> </war> + + <!-- jaxws-samples-wsseEJB --> + <jar destfile="${tests.output.dir}/test-libs/jaxws-samples-wsseEJB.jar"> + <fileset dir="${tests.output.dir}/test-classes"> + <include name="org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpointImpl.class"/> + <include name="org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpoint.class"/> + <include name="org/jboss/test/ws/jaxws/samples/wsseEJB/SayHello*.class"/> + <include name="org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMe*.class"/> + <include name="org/jboss/test/ws/jaxws/samples/wsseEJB/UsernamePasswordCallback.class"/> + </fileset> + <metainf dir="${tests.output.dir}/test-resources/jaxws/samples/wsseEJB/META-INF"> + <include name="jbossws-cxf.xml"/> + </metainf> + + </jar> + <!-- jaxws-samples-wssePolicy-sign --> <war warfile="${tests.output.dir}/test-libs/jaxws-samples-wssePolicy-sign.war" Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpoint.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpoint.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpoint.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,38 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import javax.jws.WebMethod; +import javax.jws.WebParam; +import javax.jws.WebResult; +import javax.jws.WebService; + +@WebService(name = "EjbEndpoint", targetNamespace = "http://org.jboss.ws/wsseEJB") +public interface EjbEndpoint +{ + + @WebMethod + public String sayHello(); + + @WebMethod + public String greetMe(); +} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpoint.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpointImpl.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpointImpl.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpointImpl.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,61 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import javax.annotation.security.RolesAllowed; +import javax.ejb.Stateless; +import javax.jws.WebMethod; +import javax.jws.WebService; + +import org.jboss.ejb3.annotation.SecurityDomain; +import org.jboss.logging.Logger; + + +@Stateless(name = "EjbEndpoint") +@WebService +( + name = "EjbEndpoint", + serviceName = "EjbEndpointService", + targetNamespace = "http://org.jboss.ws/wsseEJB" +) +@SecurityDomain("JBossWS") +public class EjbEndpointImpl +{ + // Provide logging + private static Logger log = Logger.getLogger(EjbEndpointImpl.class); + + @WebMethod + @RolesAllowed("friend") + public String sayHello() + { + log.info("Saying hello"); + return "hello"; + } + + @WebMethod + @RolesAllowed("snoopies") + public String greetMe() + { + log.info("Greeting"); + return "greetings"; + } +} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/EjbEndpointImpl.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMe.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMe.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMe.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,32 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2010, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlType; + +@XmlRootElement(name = "greetMe", namespace = "http://www.jboss.ws/wsseEJB") +(a)XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "greetMe", namespace = "http://www.jboss.ws/wsseEJB") +public class GreetMe {} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMe.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMeResponse.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMeResponse.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMeResponse.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,49 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2010, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlType; + +@XmlRootElement(name = "greetMeResponse", namespace = "http://www.jboss.ws/wsseEJB") +(a)XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "greetMeResponse", namespace = "http://www.jboss.ws/wsseEJB") +public class GreetMeResponse +{ + + @XmlElement(name = "return", namespace = "") + private String _return; + + public String getReturn() + { + return this._return; + } + + public void setReturn(String _return) + { + this._return = _return; + } + +} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/GreetMeResponse.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHello.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHello.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHello.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,32 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlType; + +@XmlRootElement(name = "sayHello", namespace = "http://www.jboss.ws/wsseEJB") +(a)XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "sayHello", namespace = "http://www.jboss.ws/wsseEJB") +public class SayHello {} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHello.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHelloResponse.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHelloResponse.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHelloResponse.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,49 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlType; + +@XmlRootElement(name = "sayHelloResponse", namespace = "http://www.jboss.ws/wsseEJB") +(a)XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "sayHelloResponse", namespace = "http://www.jboss.ws/wsseEJB") +public class SayHelloResponse +{ + + @XmlElement(name = "return", namespace = "") + private String _return; + + public String getReturn() + { + return this._return; + } + + public void setReturn(String _return) + { + this._return = _return; + } + +} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/SayHelloResponse.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/UsernamePasswordCallback.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/UsernamePasswordCallback.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/UsernamePasswordCallback.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,43 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import java.io.IOException; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.UnsupportedCallbackException; +import org.apache.ws.security.WSPasswordCallback; + +public class UsernamePasswordCallback implements CallbackHandler +{ + public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException + { + WSPasswordCallback pc = (WSPasswordCallback)callbacks[0]; + if ("kermit".equals(pc.getIdentifier())) + pc.setPassword("thefrog"); + else if ("theKermit".equals(pc.getIdentifier())) + pc.setPassword("thefrog2"); + else + pc.setPassword("wrong password"); + } +} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/UsernamePasswordCallback.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/WsseEjbTestCase.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/WsseEjbTestCase.java (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/WsseEjbTestCase.java 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,108 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2006, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.ws.jaxws.samples.wsseEJB; + +import java.net.URL; +import java.util.Map; +import java.util.HashMap; + +import javax.xml.namespace.QName; +import javax.xml.ws.BindingProvider; +import javax.xml.ws.Service; +import javax.xml.ws.WebServiceException; + +import junit.framework.Test; + +import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor; +import org.apache.cxf.endpoint.Client; +import org.apache.cxf.endpoint.Endpoint; +import org.apache.cxf.frontend.ClientProxy; +import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor; + +import org.jboss.wsf.test.JBossWSTest; +import org.jboss.wsf.test.JBossWSTestSetup; + +/** + * Secure EJB endpoint test + * + * + * @author sberyozk(a)jredhat.com + */ +public class WsseEjbTestCase extends JBossWSTest +{ + public final String TARGET_ENDPOINT_ADDRESS = "http://" + getServerHost() + ":8080/jaxws-samples-wsseEJB/EjbEndpoint"; + + public static Test suite() + { + return new JBossWSTestSetup(WsseEjbTestCase.class, "jaxws-samples-wsseEJB.jar"); + } + + private EjbEndpoint getPort() throws Exception + { + URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS + "?wsdl"); + QName serviceName = new QName("http://org.jboss.ws/wsseEJB", "EjbEndpointService"); + EjbEndpoint port = Service.create(wsdlURL, serviceName).getPort(EjbEndpoint.class); + return port; + } + + + public void testHello() throws Exception + { + EjbEndpoint proxy = getPort(); + setupWsse(proxy, "kermit"); + String retObj = proxy.sayHello(); + assertEquals("hello", retObj); + } + + public void testGreetMeUnauthorized() throws Exception + { + EjbEndpoint proxy = getPort(); + setupWsse(proxy, "kermit"); + try + { + proxy.greetMe(); + fail("Unauthorized exception is expected"); + } + catch (Exception ex) + { + assertEquals("Caller unauthorized", ex.getMessage()); + } + + + + } + + private void setupWsse(EjbEndpoint proxy, String username) + { + Client client = ClientProxy.getClient(proxy); + Endpoint cxfEndpoint = client.getEndpoint(); + + Map<String, Object> outProps = new HashMap<String, Object>(); + outProps.put("action", "UsernameToken"); + outProps.put("user", username); + outProps.put("passwordType", "PasswordText"); + outProps.put("passwordCallbackClass", "org.jboss.test.ws.jaxws.samples.wsseEJB.UsernamePasswordCallback"); + WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); //request + cxfEndpoint.getOutInterceptors().add(wssOut); + cxfEndpoint.getOutInterceptors().add(new SAAJOutInterceptor()); + } +} Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseEJB/WsseEjbTestCase.java ___________________________________________________________________ Name: svn:keywords + Rev Date Name: svn:eol-style + native Added: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsseEJB/META-INF/jbossws-cxf.xml =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsseEJB/META-INF/jbossws-cxf.xml (rev 0) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsseEJB/META-INF/jbossws-cxf.xml 2010-06-09 11:00:55 UTC (rev 12449) @@ -0,0 +1,46 @@ +<beans + xmlns='http://www.springframework.org/schema/beans' + xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' + xmlns:beans='http://www.springframework.org/schema/beans' + xmlns:jaxws='http://cxf.apache.org/jaxws' + xmlns:util='http://www.springframework.org/schema/util' + xsi:schemaLocation='http://cxf.apache.org/core + http://cxf.apache.org/schemas/core.xsd + http://www.springframework.org/schema/util + http://www.springframework.org/schema/util/spring-util-2.0.xsd + http://www.springframework.org/schema/beans + http://www.springframework.org/schema/beans/spring-beans-2.0.xsd + http://cxf.apache.org/jaxws + http://cxf.apache.org/schemas/jaxws.xsd'> + + <bean id="SecurityContextIn" class="org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="UsernameToken"/> + </map> + </constructor-arg> + + <property name="propagateContext" value="true"/> + + </bean> + + <jaxws:endpoint + id='EjbEndpointImpl' + address='http://@jboss.bind.address@:8080/jaxws-samples-wsseEJB/EjbEndpoint' + implementor='org.jboss.test.ws.jaxws.samples.wsseEJB.EjbEndpointImpl'> + <jaxws:invoker> + <bean class='org.jboss.wsf.stack.cxf.InvokerEJB3'/> + </jaxws:invoker> + + <jaxws:inInterceptors> + + <ref bean="SecurityContextIn"/> + <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> + + </jaxws:inInterceptors> + + </jaxws:endpoint> + + + +</beans> Property changes on: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsseEJB/META-INF/jbossws-cxf.xml ___________________________________________________________________ Name: svn:mime-type + text/xml Name: svn:keywords + Rev Date Name: svn:eol-style + native Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt 2010-06-08 16:21:02 UTC (rev 12448) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss501.txt 2010-06-09 11:00:55 UTC (rev 12449) @@ -59,3 +59,4 @@ # [JBWS-3028] Complete UsernameToken JAAS integration: PicketBox not available # on AS 5.x org/jboss/test/ws/jaxws/samples/wsse/UsernameAuthorizationTestCase.* +org/jboss/test/ws/jaxws/samples/wsseEJB/WsseEjbTestCase.* Modified: stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt =================================================================== --- stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt 2010-06-08 16:21:02 UTC (rev 12448) +++ stack/cxf/trunk/modules/testsuite/test-excludes-jboss510.txt 2010-06-09 11:00:55 UTC (rev 12449) @@ -59,4 +59,5 @@ # [JBWS-3028] Complete UsernameToken JAAS integration: PicketBox not available # on AS 5.x org/jboss/test/ws/jaxws/samples/wsse/UsernameAuthorizationTestCase.* +org/jboss/test/ws/jaxws/samples/wsseEJB/WsseEjbTestCase.*