Author: sergeyb
Date: 2010-06-17 09:05:59 -0400 (Thu, 17 Jun 2010)
New Revision: 12495
Added:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallback.java
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallbackHandler.java
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/nonce/
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/nonce/NonceStore.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/MemoryNonceStore.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceIface.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceImpl.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernameDigestTestCase.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernamePasswordCallback.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMe.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMeResponse.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHello.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHelloResponse.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-service.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-web.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-cxf.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-roles.properties
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-users.properties
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/login-config.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/web.xml
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService.wsdl
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService_schema1.xsd
Modified:
stack/cxf/trunk/modules/server/pom.xml
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java
stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml
stack/cxf/trunk/pom.xml
Log:
[JBWS-3028] Initial support for digests
Modified: stack/cxf/trunk/modules/server/pom.xml
===================================================================
--- stack/cxf/trunk/modules/server/pom.xml 2010-06-17 09:48:31 UTC (rev 12494)
+++ stack/cxf/trunk/modules/server/pom.xml 2010-06-17 13:05:59 UTC (rev 12495)
@@ -204,6 +204,14 @@
<groupId>org.jboss.security</groupId>
<artifactId>jboss-security-spi</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jbosssx</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss</groupId>
+ <artifactId>jbossxb</artifactId>
+ </dependency>
<!-- transitve dependencies -->
<dependency>
Modified:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java
===================================================================
---
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2010-06-17
09:48:31 UTC (rev 12494)
+++
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -21,22 +21,34 @@
*/
package org.jboss.wsf.stack.cxf.security.authentication;
+import java.io.IOException;
import java.security.Principal;
+import java.util.Calendar;
import java.util.Collections;
import java.util.Map;
import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.phase.PhaseInterceptorChain;
import org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.handler.RequestData;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
+import org.jboss.security.auth.callback.CallbackHandlerPolicyContextHandler;
import org.jboss.wsf.spi.SPIProvider;
import org.jboss.wsf.spi.SPIProviderResolver;
import org.jboss.wsf.spi.invocation.SecurityAdaptor;
import org.jboss.wsf.spi.invocation.SecurityAdaptorFactory;
+import
org.jboss.wsf.stack.cxf.security.authentication.callback.UsernameTokenCallbackHandler;
+import org.jboss.wsf.stack.cxf.security.nonce.NonceStore;
+import org.jboss.xb.binding.SimpleTypeBindings;
/**
* Interceptor which authenticates a current principal and populates Subject
@@ -47,11 +59,14 @@
public class SubjectCreatingInterceptor extends
AbstractUsernameTokenAuthenticatingInterceptor
{
private static final Logger log = Logger.getLogger(SubjectCreatingInterceptor.class);
-
- private AuthenticationManagerLoader aml = null;
+ private static final int TIMESTAMP_FRESHNESS_THRESHOLD = 300;
+
+ private AuthenticationManagerLoader aml;
private boolean propagateContext;
private SecurityAdaptorFactory secAdaptorFactory;
-
+ private int timestampThreshold = TIMESTAMP_FRESHNESS_THRESHOLD;
+ private NonceStore nonceStore;
+ private boolean decodeNonce = true;
public SubjectCreatingInterceptor()
{
@@ -76,9 +91,42 @@
}
+ // TODO : this code has to go to the super class,
AbstractUsernameTokenAuthenticatingInterceptor
+ // has a bug to do with handling digests
@Override
+ protected CallbackHandler getCallback(RequestData reqData, int doAction)
+ throws WSSecurityException {
+
+ if ((doAction & WSConstants.UT) != 0 && reqData.getPwType() !=
WSConstants.PASSWORD_TEXT) {
+ return new CallbackHandler()
+ {
+ @Override
+ public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
+ {
+ // dummy handler
+ }
+ };
+ } else {
+ return super.getCallback(reqData, doAction);
+ }
+ }
+
+ @Override
public Subject createSubject(String name, String password, boolean isDigest, String
nonce, String created)
{
+ if (isDigest)
+ {
+ verifyUsernameToken(nonce, created);
+ // It is not possible at the moment to figure out if the digest has been created
+ // using the original nonce bytes or the bytes of the (Base64)-encoded nonce, some
+ // legacy clients might use the (Base64)-encoded nonce bytes when creating a digest;
+ // lets default to true and assume the nonce has been Base-64 encoded, given that
+ // WSS4J client Base64-decodes the nonce before creating the digest
+
+ CallbackHandler handler = new UsernameTokenCallbackHandler(nonce, created,
decodeNonce);
+ CallbackHandlerPolicyContextHandler.setCallbackHandler(handler);
+ }
+
// authenticate and populate Subject
AuthenticationManager am = aml.getManager();
@@ -89,11 +137,21 @@
if (TRACE)
log.trace("About to authenticate, using security domain '" +
am.getSecurityDomain() + "'");
- if (am.isValid(principal, password, subject) == false)
+ try
{
- String msg = "Authentication failed, principal=" +
principal.getName();
- log.error(msg);
- throw new SecurityException(msg);
+ if (am.isValid(principal, password, subject) == false)
+ {
+ String msg = "Authentication failed, principal=" +
principal.getName();
+ log.error(msg);
+ throw new SecurityException(msg);
+ }
+ }
+ finally
+ {
+ if (isDigest)
+ {
+ // how do we remove the handler from the thread local storage ?
+ }
}
if (TRACE)
@@ -113,40 +171,47 @@
return subject;
}
- @Override
- public void handleFault(SoapMessage message) {
- SecurityAdaptor adaptor = message.getContent(SecurityAdaptor.class);
- if (adaptor != null) {
- //TODO: release the propagated state
- }
- }
-
-
- public void setPropagateContext(boolean propagateContext) {
- this.propagateContext = propagateContext;
- }
-
-
- /** TODO: JBWS-3028
- private static final int TIMESTAMP_FRESHNESS_THRESHOLD = 300;
- private NonceStore nonceStore;
-
private void verifyUsernameToken(String nonce, String created)
{
if (created != null)
{
Calendar cal = SimpleTypeBindings.unmarshalDateTime(created);
Calendar ref = Calendar.getInstance();
- ref.add(Calendar.SECOND, -TIMESTAMP_FRESHNESS_THRESHOLD);
+ ref.add(Calendar.SECOND, -timestampThreshold);
if (ref.after(cal))
throw new SecurityException("Request rejected since a stale timestamp
has been provided: " + created);
}
- if (nonce != null)
+ if (nonce != null && nonceStore != null)
{
if (nonceStore.hasNonce(nonce))
throw new SecurityException("Request rejected since a message with the
same nonce has been recently received; nonce = " + nonce);
+ nonceStore.putNonce(nonce);
}
}
- */
+
+ public void setPropagateContext(boolean propagateContext) {
+ this.propagateContext = propagateContext;
+ }
+
+ public void setTimestampThreshold(int timestampThreshold) {
+ this.timestampThreshold = timestampThreshold;
+ }
+
+ @Override
+ public void handleFault(SoapMessage message) {
+ SecurityAdaptor adaptor = message.getContent(SecurityAdaptor.class);
+ if (adaptor != null) {
+ //TODO: release the propagated state
+ }
+ }
+
+ public void setNonceStore(NonceStore nonceStore) {
+ this.nonceStore = nonceStore;
+ }
+
+ public void setDecodeNonce(boolean decodeNonce) {
+ this.decodeNonce = decodeNonce;
+ }
+
}
Added:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallback.java
===================================================================
---
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallback.java
(rev 0)
+++
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallback.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,83 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.security.authentication.callback;
+
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+
+import org.jboss.crypto.digest.DigestCallback;
+import org.jboss.security.auth.callback.MapCallback;
+
+/**
+ * An implementation of DigestCallback that generates password
+ * digests according to the UsernameTokenProfile 1.0 specification.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public class UsernameTokenCallback implements DigestCallback
+{
+ static final String NONCE = "nonce";
+ static final String CREATED = "created";
+ static final String DECODE_NONCE = "decodeNonce";
+
+ private MapCallback info;
+
+ @SuppressWarnings("unchecked")
+ public void init(Map options)
+ {
+ // Ask for MapCallback to obtain the digest parameters
+ info = new MapCallback();
+ Callback[] callbacks = { info };
+ options.put("callbacks", callbacks);
+ }
+
+ public void preDigest(MessageDigest digest)
+ {
+ try
+ {
+ String nonce = (String)info.getInfo(NONCE);
+ if (nonce != null)
+ {
+ Boolean decodeNonce = (Boolean)info.getInfo(DECODE_NONCE);
+ byte[] nonceBytes = decodeNonce ? org.jboss.util.Base64.decode(nonce)
+ : nonce.getBytes("UTF-8");
+ digest.update(nonceBytes);
+ }
+ String created = (String)info.getInfo(CREATED);
+ if (created != null)
+ digest.update(created.getBytes("UTF-8"));
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new SecurityException(e);
+ }
+ }
+
+ public void postDigest(MessageDigest digest)
+ {
+ }
+}
Property changes on:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallback.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallbackHandler.java
===================================================================
---
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallbackHandler.java
(rev 0)
+++
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallbackHandler.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,80 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.security.authentication.callback;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.jboss.security.auth.callback.MapCallback;
+
+/**
+ * A callback handler to be used to pass parameters to the
+ * UsernameTokenCallback.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public class UsernameTokenCallbackHandler implements CallbackHandler
+{
+ private String nonce;
+ private String created;
+ private boolean decodeNonce;
+
+ public UsernameTokenCallbackHandler(String nonce, String created, boolean
decodeNonce)
+ {
+ this.created = created;
+ this.nonce = nonce;
+ this.decodeNonce = decodeNonce;
+ }
+
+ public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
+ {
+ boolean foundCallback = false;
+ Callback firstUnknown = null;
+ int count = callbacks != null ? callbacks.length : 0;
+ for(int n = 0; n < count; n ++)
+ {
+ Callback c = callbacks[n];
+ if( c instanceof MapCallback )
+ {
+ //set parameters to the MapCallback the UsernameTokenCallback
+ //created and set up in the init method
+ MapCallback mc = (MapCallback) c;
+ mc.setInfo(UsernameTokenCallback.NONCE, nonce);
+ mc.setInfo(UsernameTokenCallback.CREATED, created);
+ mc.setInfo(UsernameTokenCallback.DECODE_NONCE,
Boolean.valueOf(decodeNonce));
+ foundCallback = true;
+ }
+ else if( firstUnknown == null )
+ {
+ firstUnknown = c;
+ }
+ }
+ if( foundCallback == false )
+ throw new UnsupportedCallbackException(firstUnknown, "Unrecognized
Callback");
+ }
+
+}
Property changes on:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/callback/UsernameTokenCallbackHandler.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/nonce/NonceStore.java
===================================================================
---
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/nonce/NonceStore.java
(rev 0)
+++
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/nonce/NonceStore.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.security.nonce;
+
+/**
+ * A nonce store collects recently used nonces.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public interface NonceStore
+{
+ /**
+ * Checks whether the store contains the provided nonce.
+ *
+ * @param nonce
+ * @return True if the provided nonce has been recently put in the store
+ */
+ public boolean hasNonce(String nonce);
+
+ /**
+ * Put the given nonce in the store.
+ *
+ * @param nonce
+ */
+ public void putNonce(String nonce);
+}
Property changes on:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/nonce/NonceStore.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml
===================================================================
--- stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml 2010-06-17
09:48:31 UTC (rev 12494)
+++ stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jaxws.xml 2010-06-17
13:05:59 UTC (rev 12495)
@@ -218,6 +218,26 @@
</webinf>
</war>
+ <!-- jaxws-samples-wsse-username-digest -->
+ <war
+
warfile="${tests.output.dir}/test-libs/jaxws-samples-wsse-username-digest.war"
+
webxml="${tests.output.dir}/test-resources/jaxws/samples/wsse/username-digest/WEB-INF/web.xml">
+ <classes dir="${tests.output.dir}/test-classes">
+ <include
name="org/jboss/test/ws/jaxws/samples/wsseDigest/Service*.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wsseDigest/MemoryNonceStore.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/*.class"/>
+ </classes>
+ <webinf
dir="${tests.output.dir}/test-resources/jaxws/samples/wsse/username-digest/WEB-INF">
+ <include name="jboss-web.xml"/>
+ <include name="jboss-service.xml"/>
+ <include name="jbossws-cxf.xml"/>
+ <include name="login-config.xml"/>
+ <include name="jbossws-users.properties"/>
+ <include name="jbossws-roles.properties"/>
+ <include name="wsdl/*"/>
+ </webinf>
+ </war>
+
<!-- jaxws-samples-wsseEJB -->
<jar
destfile="${tests.output.dir}/test-libs/jaxws-samples-wsseEJB.jar">
<fileset dir="${tests.output.dir}/test-classes">
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/MemoryNonceStore.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/MemoryNonceStore.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/MemoryNonceStore.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest;
+
+import java.util.Set;
+import java.util.HashSet;
+import org.jboss.wsf.stack.cxf.security.nonce.NonceStore;
+
+public class MemoryNonceStore implements NonceStore
+{
+ private Set<String> nonces = new HashSet<String>();
+
+ public boolean hasNonce(String nonce)
+ {
+ synchronized (nonces)
+ {
+ return nonces.contains(nonce);
+ }
+ }
+
+ public void putNonce(String nonce)
+ {
+ synchronized (nonces)
+ {
+ nonces.add(nonce);
+ }
+ }
+
+}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/MemoryNonceStore.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceIface.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceIface.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceIface.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest;
+
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+
+@WebService
+(
+ targetNamespace = "http://www.jboss.org/jbossws/ws-extensions/wssecurity"
+)
+public interface ServiceIface
+{
+ @WebMethod
+ String sayHello();
+
+ @WebMethod
+ String greetMe();
+}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceIface.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceImpl.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceImpl.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceImpl.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest;
+
+import javax.jws.WebService;
+
+@WebService
+(
+ serviceName = "SecurityService",
+ wsdlLocation = "WEB-INF/wsdl/SecurityService.wsdl",
+ targetNamespace = "http://www.jboss.org/jbossws/ws-extensions/wssecurity",
+ endpointInterface =
"org.jboss.test.ws.jaxws.samples.wsseDigest.ServiceIface"
+)
+public class ServiceImpl implements ServiceIface
+{
+ public String sayHello()
+ {
+ return "Secure Hello World!";
+ }
+ public String greetMe()
+ {
+ return "Greetings!";
+ }
+}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/ServiceImpl.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernameDigestTestCase.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernameDigestTestCase.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernameDigestTestCase.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,130 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest;
+
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.Service;
+
+import junit.framework.Test;
+
+import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.jboss.wsf.test.JBossWSTest;
+import org.jboss.wsf.test.JBossWSTestSetup;
+
+/**
+ * WS-Security username authorization test case
+ *
+ * @author Sergey Beryozkin
+ *
+ */
+public final class UsernameDigestTestCase extends JBossWSTest
+{
+ private final String serviceURL = "http://" + getServerHost() +
":8080/jaxws-samples-wsse-username-digest";
+
+ private final QName servicePort = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecurity",
"SecurityServicePort");
+
+ public static Test suite()
+ {
+ return new JBossWSTestSetup(UsernameDigestTestCase.class,
"jaxws-samples-wsse-username-digest.war");
+ }
+
+ public void testAuthorized() throws Exception
+ {
+ doTestAuthorized(serviceURL, servicePort, "kermit");
+ }
+
+private void doTestAuthorized(String endpointAddress, QName portName, String userName)
throws Exception
+ {
+ QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecurity",
"SecurityService");
+ URL wsdlURL = new URL(endpointAddress + "?wsdl");
+ Service service = Service.create(wsdlURL, serviceName);
+ ServiceIface proxy = (ServiceIface)service.getPort(portName, ServiceIface.class);
+ setupWsse(proxy, userName);
+ assertEquals("Secure Hello World!", proxy.sayHello());
+ }
+
+ public void testUnauthenticated() throws Exception
+ {
+ QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecurity",
"SecurityService");
+ URL wsdlURL = new URL(serviceURL + "?wsdl");
+ Service service = Service.create(wsdlURL, serviceName);
+ ServiceIface proxy = (ServiceIface)service.getPort(ServiceIface.class);
+ setupWsse(proxy, "foo");
+ try
+ {
+ proxy.sayHello();
+ fail("User foo should not be authenticated.");
+ }
+ catch (Exception ex)
+ {
+ //expected
+ }
+ }
+
+ public void testUnauthorized() throws Exception
+ {
+ doTestUnauthorized(serviceURL, servicePort, "kermit");
+ }
+
+ private void doTestUnauthorized(String endpointAddress, QName portName, String
userName) throws Exception
+ {
+ QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecurity",
"SecurityService");
+ URL wsdlURL = new URL(endpointAddress + "?wsdl");
+ Service service = Service.create(wsdlURL, serviceName);
+ ServiceIface proxy = (ServiceIface)service.getPort(portName, ServiceIface.class);
+ setupWsse(proxy, userName);
+ try
+ {
+ proxy.greetMe();
+ fail("User kermit should not be authorized to invoke greetMe.");
+ }
+ catch (Exception ex)
+ {
+ assertEquals("Unauthorized", ex.getMessage());
+ }
+ }
+
+ private void setupWsse(ServiceIface proxy, String username)
+ {
+ Client client = ClientProxy.getClient(proxy);
+ Endpoint cxfEndpoint = client.getEndpoint();
+
+ Map<String, Object> outProps = new HashMap<String, Object>();
+ outProps.put("action", "UsernameToken");
+ outProps.put("user", username);
+ outProps.put("passwordType", "PasswordDigest");
+ outProps.put("passwordCallbackClass",
"org.jboss.test.ws.jaxws.samples.wsseDigest.UsernamePasswordCallback");
+ WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); //request
+ cxfEndpoint.getOutInterceptors().add(wssOut);
+ cxfEndpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+ }
+
+
+}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernameDigestTestCase.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernamePasswordCallback.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernamePasswordCallback.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernamePasswordCallback.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.ws.security.WSPasswordCallback;
+
+public class UsernamePasswordCallback implements CallbackHandler
+{
+ public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
+ {
+ WSPasswordCallback pc = (WSPasswordCallback)callbacks[0];
+ if ("kermit".equals(pc.getIdentifier()))
+ pc.setPassword("therealfrog");
+ else
+ pc.setPassword("wrong password");
+ }
+}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/UsernamePasswordCallback.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMe.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMe.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMe.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,32 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest.jaxws;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+@XmlRootElement(name = "greetMe", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "greetMe", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+public class GreetMe {}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMe.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMeResponse.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMeResponse.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMeResponse.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,49 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest.jaxws;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+@XmlRootElement(name = "greetMeResponse", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "greetMeResponse", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+public class GreetMeResponse
+{
+
+ @XmlElement(name = "return", namespace = "")
+ private String _return;
+
+ public String getReturn()
+ {
+ return this._return;
+ }
+
+ public void setReturn(String _return)
+ {
+ this._return = _return;
+ }
+
+}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/GreetMeResponse.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHello.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHello.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHello.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,32 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest.jaxws;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+@XmlRootElement(name = "sayHello", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "sayHello", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+public class SayHello {}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHello.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHelloResponse.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHelloResponse.java
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHelloResponse.java 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,49 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wsseDigest.jaxws;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+@XmlRootElement(name = "sayHelloResponse", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "sayHelloResponse", namespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecurity")
+public class SayHelloResponse
+{
+
+ @XmlElement(name = "return", namespace = "")
+ private String _return;
+
+ public String getReturn()
+ {
+ return this._return;
+ }
+
+ public void setReturn(String _return)
+ {
+ this._return = _return;
+ }
+
+}
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseDigest/jaxws/SayHelloResponse.java
___________________________________________________________________
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-service.xml
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-service.xml
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-service.xml 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<server>
+ <!-- ==================================================================== -->
+ <!-- Dynamic login config to install the login module using digest -->
+ <!-- ==================================================================== -->
+ <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
+ name="jboss:service=DynamicLoginConfig">
+ <attribute name="AuthConfig">login-config.xml</attribute>
+ <!-- The service which supports dynamic processing of login-config.xml
+ configurations.
+ -->
+ <depends optional-attribute-name="LoginConfigService">
+ jboss.security:service=XMLLoginConfig
+ </depends>
+ <!-- Optionally specify the security mgr service to use when
+ this service is stopped to flush the auth caches of the domains
+ registered by this service.
+ -->
+ <depends optional-attribute-name="SecurityManagerService">
+ jboss.security:service=JaasSecurityManager
+ </depends>
+ </mbean>
+</server>
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-service.xml
___________________________________________________________________
Name: svn:mime-type
+ text/xml
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-web.xml
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-web.xml
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-web.xml 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.4//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">
+
+<jboss-web>
+ <security-domain>java:/jaas/JBossWSDigest</security-domain>
+</jboss-web>
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jboss-web.xml
___________________________________________________________________
Name: svn:mime-type
+ text/xml
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-cxf.xml
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-cxf.xml
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-cxf.xml 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,54 @@
+<beans
+
xmlns='http://www.springframework.org/schema/beans'
+
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
+
xmlns:beans='http://www.springframework.org/schema/beans'
+
xmlns:jaxws='http://cxf.apache.org/jaxws'
+
xmlns:util='http://www.springframework.org/schema/util'
+
xsi:schemaLocation='http://cxf.apache.org/core
+
http://cxf.apache.org/schemas/core.xsd
+
http://www.springframework.org/schema/util
+
http://www.springframework.org/schema/util/spring-util-2.0.xsd
+
http://www.springframework.org/schema/beans
+
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+
http://cxf.apache.org/jaxws
+
http://cxf.apache.org/schemas/jaxws.xsd'>
+
+ <bean id="nonceStore"
class="org.jboss.test.ws.jaxws.samples.wsseDigest.MemoryNonceStore"/>
+
+ <bean id="SecurityContextIn"
class="org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="UsernameToken"/>
+ </map>
+ </constructor-arg>
+ <property name="nonceStore" ref="nonceStore"/>
+ <property name="supportDigestPasswords" value="true"/>
+ </bean>
+
+ <util:map id="methodPermissions">
+ <entry key="sayHello" value="friend"/>
+ <entry key="greetMe" value="snoopies"/>
+ </util:map>
+
+ <bean id="AuthorizeIn"
class="org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor">
+ <property name="methodRolesMap" ref="methodPermissions"/>
+ </bean>
+
+ <jaxws:endpoint
+ id='ServiceImpl'
+
address='http://@jboss.bind.address@:8080/jaxws-samples-wsse-username-digest'
+ implementor='org.jboss.test.ws.jaxws.samples.wsseDigest.ServiceImpl'
+ endpointName="ns:SecurityServicePort"
+ serviceName="ns:SecurityService"
+
xmlns:ns="http://www.jboss.org/jbossws/ws-extensions/wssecurity"...
+ <jaxws:inInterceptors>
+ <ref bean="SecurityContextIn"/>
+ <ref bean="AuthorizeIn"/>
+ <bean
class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
+<!--
+ <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
+-->
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+</beans>
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-cxf.xml
___________________________________________________________________
Name: svn:mime-type
+ text/xml
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-roles.properties
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-roles.properties
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-roles.properties 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,2 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+kermit=friend
\ No newline at end of file
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-roles.properties
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-users.properties
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-users.properties
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-users.properties 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,2 @@
+# A sample users.properties file for use with the UsersRolesLoginModule
+kermit=therealfrog
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/jbossws-users.properties
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/login-config.xml
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/login-config.xml
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/login-config.xml 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,25 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+<policy> <!-- xmlns="urn:jboss:security-config:5.0"> -->
+
+ <application-policy name="JBossWSDigest">
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option
name="usersProperties">jbossws-users.properties</module-option>
+ <module-option
name="rolesProperties">jbossws-roles.properties</module-option>
+ <module-option name="hashAlgorithm">SHA</module-option>
+ <module-option
name="hashEncoding">BASE64</module-option>
+ <module-option name="hashCharset">UTF-8</module-option>
+ <module-option
name="hashUserPassword">false</module-option>
+ <module-option
name="hashStorePassword">true</module-option>
+ <module-option
name="storeDigestCallback">org.jboss.wsf.stack.cxf.security.authentication.callback.UsernameTokenCallback</module-option>
+ <module-option
name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+</policy>
+
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/login-config.xml
___________________________________________________________________
Name: svn:mime-type
+ text/xml
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/web.xml
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/web.xml
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/web.xml 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<web-app
+ version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
+
+ <servlet>
+ <servlet-name>TestService</servlet-name>
+
<servlet-class>org.jboss.test.ws.jaxws.samples.wsseDigest.ServiceImpl</servlet-class>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>TestService</servlet-name>
+ <url-pattern>/*</url-pattern>
+ </servlet-mapping>
+
+
+</web-app>
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/web.xml
___________________________________________________________________
Name: svn:mime-type
+ text/xml
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService.wsdl
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService.wsdl
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService.wsdl 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"
standalone="yes"?>
+<definitions
targetNamespace="http://www.jboss.org/jbossws/ws-extensions/wssecuri...
name="SecurityService"
+
xmlns:tns="http://www.jboss.org/jbossws/ws-extensions/wssecurity"
+
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
+
xmlns="http://schemas.xmlsoap.org/wsdl/">
+ <types>
+ <xsd:schema>
+ <xsd:import
namespace="http://www.jboss.org/jbossws/ws-extensions/wssecurity"
schemaLocation="SecurityService_schema1.xsd"/>
+ </xsd:schema>
+ </types>
+ <message name="sayHello">
+ <part name="parameters" element="tns:sayHello"/>
+ </message>
+ <message name="sayHelloResponse">
+ <part name="parameters" element="tns:sayHelloResponse"/>
+ </message>
+ <message name="greetMe">
+ <part name="parameters" element="tns:greetMe"/>
+ </message>
+ <message name="greetMeResponse">
+ <part name="parameters" element="tns:greetMeResponse"/>
+ </message>
+ <portType name="ServiceIface">
+ <operation name="sayHello">
+ <input message="tns:sayHello"/>
+ <output message="tns:sayHelloResponse"/>
+ </operation>
+ <operation name="greetMe">
+ <input message="tns:greetMe"/>
+ <output message="tns:greetMeResponse"/>
+ </operation>
+ </portType>
+ <binding name="SecurityServicePortBinding"
type="tns:ServiceIface">
+ <soap:binding
transport="http://schemas.xmlsoap.org/soap/http"
style="document"/>
+ <operation name="sayHello">
+ <soap:operation soapAction=""/>
+ <input>
+ <soap:body use="literal"/>
+ </input>
+ <output>
+ <soap:body use="literal"/>
+ </output>
+ </operation>
+ <operation name="greetMe">
+ <soap:operation soapAction=""/>
+ <input>
+ <soap:body use="literal"/>
+ </input>
+ <output>
+ <soap:body use="literal"/>
+ </output>
+ </operation>
+ </binding>
+ <service name="SecurityService">
+ <port name="SecurityServicePort"
binding="tns:SecurityServicePortBinding">
+ <soap:address
location="http://@jboss.bind.address@:8080/jaxws-samples-wsse-username-digest"/>
+ </port>
+ </service>
+</definitions>
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService.wsdl
___________________________________________________________________
Name: svn:mime-type
+ text/xml
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Added:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService_schema1.xsd
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService_schema1.xsd
(rev 0)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService_schema1.xsd 2010-06-17
13:05:59 UTC (rev 12495)
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"
standalone="yes"?>
+<xs:schema version="1.0"
targetNamespace="http://www.jboss.org/jbossws/ws-extensions/wssecuri...
xmlns:tns="http://www.jboss.org/jbossws/ws-extensions/wssecurity"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+ <xs:element name="sayHello" type="tns:sayHello"/>
+
+ <xs:element name="sayHelloResponse"
type="tns:sayHelloResponse"/>
+
+ <xs:complexType name="sayHello">
+ <xs:sequence/>
+ </xs:complexType>
+
+ <xs:complexType name="sayHelloResponse">
+ <xs:sequence>
+ <xs:element name="return" type="xs:string"
minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="greetMe" type="tns:greetMe"/>
+
+ <xs:element name="greetMeResponse"
type="tns:greetMeResponse"/>
+
+ <xs:complexType name="greetMe">
+ <xs:sequence/>
+ </xs:complexType>
+
+ <xs:complexType name="greetMeResponse">
+ <xs:sequence>
+ <xs:element name="return" type="xs:string"
minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
+
Property changes on:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/username-digest/WEB-INF/wsdl/SecurityService_schema1.xsd
___________________________________________________________________
Name: svn:mime-type
+ text/xml
Name: svn:keywords
+ Rev Date
Name: svn:eol-style
+ native
Modified: stack/cxf/trunk/pom.xml
===================================================================
--- stack/cxf/trunk/pom.xml 2010-06-17 09:48:31 UTC (rev 12494)
+++ stack/cxf/trunk/pom.xml 2010-06-17 13:05:59 UTC (rev 12495)
@@ -64,6 +64,8 @@
<jboss.common.core.version>2.2.16.GA</jboss.common.core.version>
<jboss.logging.version>2.2.0.CR1</jboss.logging.version>
<jboss.security.spi.version>2.0.4.SP4</jboss.security.spi.version>
+ <jboss.security.sx.version>2.0.4</jboss.security.sx.version>
+ <jboss.xb.version>2.0.2.Beta7</jboss.xb.version>
<picketbox.version>3.0.0.Beta5</picketbox.version>
<jaxb.api.version>1.0.0.Beta1</jaxb.api.version>
<jaxb.impl.version>2.2</jaxb.impl.version>
@@ -538,6 +540,18 @@
<scope>provided</scope>
</dependency>
<dependency>
+ <groupId>org.jboss</groupId>
+ <artifactId>jbossxb</artifactId>
+ <version>${jboss.xb.version}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jbosssx</artifactId>
+ <version>${jboss.security.sx.version}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
<groupId>org.picketbox</groupId>
<artifactId>picketbox-bare</artifactId>
<version>${picketbox.version}</version>