Author: darran.lofthouse(a)jboss.com Date: 2008-12-18 13:06:14 -0500 (Thu, 18 Dec 2008) New Revision: 8956 Added: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Authorize.java stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Role.java stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Unchecked.java stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1999/JBWS1999ConfigurationTestCase.java stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/resources/jaxws/jbws1999/config/jboss-wsse-default-roles.xml Modified: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd Log: New configuration and test case for reading configuration. Added: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Authorize.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Authorize.java (rev 0) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Authorize.java 2008-12-18 18:06:14 UTC (rev 8956) @@ -0,0 +1,63 @@ +/* +* JBoss, Home of Professional Open Source. +* Copyright 2008, Red Hat Middleware LLC, and individual contributors +* as indicated by the @author tags. See the copyright.txt file in the +* distribution for a full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.ws.metadata.wsse; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +/** + * <code>Authorize</code> specifies that the users credentials should be + * checked to ensure the user is authorized to call the endpoint. + * + * @author <a href="mailto:darran.lofthouse@jboss.com">Darran Lofthouse</a> + * @since December 18th 2008 + */ +public class Authorize implements Serializable +{ + + private Unchecked unchecked; + + private List<Role> roles = new ArrayList<Role>(); + + public List<Role> getRoles() + { + return Collections.unmodifiableList(roles); + } + + public void addRole(final Role role) + { + roles.add(role); + } + + public boolean isUnchecked() + { + return unchecked != null; + } + + void setUnchecked(Unchecked unchecked) + { + this.unchecked = unchecked; + } + +} Property changes on: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Authorize.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Modified: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java 2008-12-18 16:47:44 UTC (rev 8955) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java 2008-12-18 18:06:14 UTC (rev 8956) @@ -38,6 +38,7 @@ private Encrypt encrypt; private Requires requires; private Authenticate authenticate; + private Authorize authorize; public Encrypt getEncrypt() { @@ -98,4 +99,14 @@ { this.authenticate = authenticate; } + + public Authorize getAuthorize() + { + return this.authorize; + } + + public void setAuthorize(Authorize authorize) + { + this.authorize = authorize; + } } Added: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Role.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Role.java (rev 0) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Role.java 2008-12-18 18:06:14 UTC (rev 8956) @@ -0,0 +1,53 @@ +/* +* JBoss, Home of Professional Open Source. +* Copyright 2008, Red Hat Middleware LLC, and individual contributors +* as indicated by the @author tags. See the copyright.txt file in the +* distribution for a full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.ws.metadata.wsse; + +import java.io.Serializable; + +/** + * <code>Role</code> representation of a role authorized to call an endpoint. + * + * @author <a href="mailto:darran.lofthouse@jboss.com">Darran Lofthouse</a> + * @since December 18th 2008 + */ +public class Role implements Serializable +{ + + private String name; + + public String getName() + { + return name; + } + + public void setName(String name) + { + this.name = name; + } + + @Override + public String toString() + { + return this.name; + } + +} Property changes on: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Role.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Added: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Unchecked.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Unchecked.java (rev 0) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Unchecked.java 2008-12-18 18:06:14 UTC (rev 8956) @@ -0,0 +1,35 @@ +/* +* JBoss, Home of Professional Open Source. +* Copyright 2008, Red Hat Middleware LLC, and individual contributors +* as indicated by the @author tags. See the copyright.txt file in the +* distribution for a full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.ws.metadata.wsse; + +import java.io.Serializable; + +/** + * <code>Unchecked</code> used when all authenticated users are authorized. + * + * @author <a href="mailto:darran.lofthouse@jboss.com">Darran Lofthouse</a> + * @since December 18th 2008 + */ +public class Unchecked implements Serializable +{ + +} Property changes on: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Unchecked.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Modified: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2008-12-18 16:47:44 UTC (rev 8955) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2008-12-18 18:06:14 UTC (rev 8956) @@ -307,6 +307,10 @@ { return new Authenticate(); } + else if ("authorize".equals(localName)) + { + return new Authorize(); + } return null; } @@ -363,7 +367,7 @@ { log.trace("addChild: [obj=" + config + ",child=" + authenticate + "]"); config.setAuthenticate(authenticate); - } + } /** * Called when parsing character is complete. @@ -372,7 +376,7 @@ { log.trace("addChild: [obj=" + authenticate + ",child=" + usernameAuth + "]"); authenticate.setUsernameAuth(usernameAuth); - } + } /** * Called when parsing character is complete. @@ -382,7 +386,34 @@ log.trace("addChild: [obj=" + authenticate + ",child=" + signatureCertAuth + "]"); authenticate.setSignatureCertAuth(signatureCertAuth); } - + + /** + * Called when parsing character is complete. + */ + public void addChild(Config config, Authorize authorize, UnmarshallingContext navigator, String namespaceURI, String localName) + { + log.trace("addChild: [obj=" + config + ",child=" + authorize + "]"); + config.setAuthorize(authorize); + } + + /** + * Called when parsing character is complete. + */ + public void addChild(Authorize authorize, Unchecked unchecked, UnmarshallingContext navigator, String namespaceURI, String localName) + { + log.trace("addChild: [obj=" + authorize + ",child=" + unchecked + "]"); + authorize.setUnchecked(unchecked); + } + + /** + * Called when parsing character is complete. + */ + public void addChild(Authorize authorize, Role role, UnmarshallingContext navigator, String namespaceURI, String localName) + { + log.trace("addChild: [obj=" + authorize + ",child=" + role + "]"); + authorize.addRole(role); + } + private Object handleTargets(Object object, UnmarshallingContext navigator, String namespaceURI, String localName, Attributes attrs) { log.trace("newChild: " + localName); @@ -452,7 +483,25 @@ return null; } + + /** + * Called when parsing of a new element started. + */ + public Object newChild(Authorize authorize, UnmarshallingContext navigator, String namespaceURI, String localName, Attributes attrs) + { + log.trace("newChild: " + localName); + if ("unchecked".equals(localName)) + { + return new Unchecked(); + } + else if ("role".equals(localName)) + { + return new Role(); + } + return null; + } + /** * Called when parsing of a new element started. */ @@ -475,7 +524,14 @@ target.setValue(value); } + + public void setValue(Role role, UnmarshallingContext navigator, String namespaceURI, String localName, String value) + { + log.trace("setValue: [obj=" + role + ",value=" + value + "]"); + role.setName(value); + } + /** * Called when parsing character is complete. */ Modified: stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd 2008-12-18 16:47:44 UTC (rev 8955) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd 2008-12-18 18:06:14 UTC (rev 8956) @@ -136,6 +136,16 @@ <xs:documentation>Specifies the token to be used for JAAS authentication. If this is not specified, the username token will be used if available.</xs:documentation> </xs:annotation> </xs:element> + <xs:element name="authorize" type="authorizeType" minOccurs="0"> + <xs:annotation> + <xs:documentation> + Specifies that authentication is required and either provides a list of roles authorized to access the endpoint or unchecked if any + authenticated user can access the endpoint. + + This should only be used for POJO endpoints, EJB3 endpoints should configure security as for any other EJB3 session bean. + </xs:documentation> + </xs:annotation> + </xs:element> </xs:all> </xs:complexType> <xs:complexType name="requireTimestampType"> @@ -351,4 +361,19 @@ </xs:annotation> </xs:attribute> </xs:complexType> + <xs:complexType name="authorizeType"> + <xs:choice minOccurs="1" maxOccurs="1"> + <xs:element name="role" type="xs:string" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Specifies a role that is allowed to call the endpoint.</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="unchecked" type="uncheckedType" minOccurs="0"> + <xs:annotation> + <xs:documentation>Specifies that any authenticated user can call the endpoint.</xs:documentation> + </xs:annotation> + </xs:element> + </xs:choice> + </xs:complexType> + <xs:complexType name="uncheckedType"/> </xs:schema> Added: stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1999/JBWS1999ConfigurationTestCase.java =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1999/JBWS1999ConfigurationTestCase.java (rev 0) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1999/JBWS1999ConfigurationTestCase.java 2008-12-18 18:06:14 UTC (rev 8956) @@ -0,0 +1,76 @@ +/* +* JBoss, Home of Professional Open Source. +* Copyright 2008, Red Hat Middleware LLC, and individual contributors +* as indicated by the @author tags. See the copyright.txt file in the +* distribution for a full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.test.ws.jaxws.jbws1999; + +import java.io.File; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; + +import org.jboss.ws.metadata.wsse.Authorize; +import org.jboss.ws.metadata.wsse.Config; +import org.jboss.ws.metadata.wsse.Role; +import org.jboss.ws.metadata.wsse.WSSecurityConfiguration; +import org.jboss.ws.metadata.wsse.WSSecurityOMFactory; +import org.jboss.wsf.test.JBossWSTest; + +/** + * Test case to test reading the 'authorize' configuration. + * + * @author <a href="mailto:darran.lofthouse@jboss.com">Darran Lofthouse</a> + * @since December 18th 2008 + */ +public class JBWS1999ConfigurationTestCase extends JBossWSTest +{ + + private WSSecurityConfiguration load(final String fileName) throws IOException + { + File configFile = getResourceFile("jaxws/jbws1999/config/" + fileName); + WSSecurityOMFactory factory = WSSecurityOMFactory.newInstance(); + + return factory.parse(configFile.toURL()); + } + + /** + * Test loading a configuration with a default 'authorize' definition + * which contains two roles. + */ + public void testDefaultRoles() throws Exception + { + WSSecurityConfiguration wsConfig = load("jboss-wsse-default-roles.xml"); + + Config config = wsConfig.getDefaultConfig(); + Authorize authorize = config.getAuthorize(); + List<Role> roles = authorize.getRoles(); + + assertEquals("Expected 2 roles", 2, roles.size()); + + List<String> roleNames = new ArrayList<String>(roles.size()); + for (Role current : roles) + { + roleNames.add(current.getName()); + } + assertTrue("Expected 'Trader' role.", roleNames.contains("Trader")); + assertTrue("Expected 'Banker' role.", roleNames.contains("Banker")); + } + +} Property changes on: stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1999/JBWS1999ConfigurationTestCase.java ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF Added: stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/resources/jaxws/jbws1999/config/jboss-wsse-default-roles.xml =================================================================== --- stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/resources/jaxws/jbws1999/config/jboss-wsse-default-roles.xml (rev 0) +++ stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/resources/jaxws/jbws1999/config/jboss-wsse-default-roles.xml 2008-12-18 18:06:14 UTC (rev 8956) @@ -0,0 +1,12 @@ +<jboss-ws-security xmlns='http://www.jboss.com/ws-security/config' + xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' + xsi:schemaLocation='http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd'> + + <config> + <authorize> + <role>Banker</role> + <role>Trader</role> + </authorize> + </config> + +</jboss-ws-security> \ No newline at end of file Property changes on: stack/native/branches/dlofthouse/JBWS-1999/modules/testsuite/native-tests/src/test/resources/jaxws/jbws1999/config/jboss-wsse-default-roles.xml ___________________________________________________________________ Name: svn:keywords + Id Revision Name: svn:eol-style + LF