Author: thomas.diesler(a)jboss.com
Date: 2007-01-15 08:32:12 -0500 (Mon, 15 Jan 2007)
New Revision: 1966
Modified:
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB21.java
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB3.java
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/ServiceEndpointGeneratorEJB.java
trunk/integration-jboss50/src/main/java/org/jboss/ws/integration/jboss50/ServiceEndpointGeneratorEJB.java
trunk/jbossws-core/src/main/java/org/jboss/ws/annotation/PortComponent.java
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/builder/jaxws/JAXWSEndpointMetaDataBuilder.java
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/umdm/ServerEndpointMetaData.java
trunk/jbossws-tests/src/main/java/org/jboss/test/ws/jaxws/samples/jsr181ejb/EJB3Bean01.java
Log:
[JBWS-723] - Protect access to wsdl
Modified:
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB21.java
===================================================================
---
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB21.java 2007-01-15
13:25:57 UTC (rev 1965)
+++
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB21.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -113,7 +113,7 @@
protected URL generateWebDeployment(DeploymentInfo di, UnifiedMetaData wsMetaData)
throws IOException
{
ServiceEndpointGeneratorEJB21 generator = new ServiceEndpointGeneratorEJB21();
- return generator.generatWebDeployment(di, wsMetaData);
+ return generator.generatWebDeployment(wsMetaData, di);
}
}
Modified:
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB3.java
===================================================================
---
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB3.java 2007-01-15
13:25:57 UTC (rev 1965)
+++
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/DeployerInterceptorEJB3.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -124,6 +124,6 @@
protected URL generateWebDeployment(DeploymentInfo di, UnifiedMetaData wsMetaData)
throws IOException
{
- return new ServiceEndpointGeneratorEJB3().generatWebDeployment(di, wsMetaData);
+ return new ServiceEndpointGeneratorEJB3().generatWebDeployment(wsMetaData, di);
}
}
Modified:
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/ServiceEndpointGeneratorEJB.java
===================================================================
---
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/ServiceEndpointGeneratorEJB.java 2007-01-15
13:25:57 UTC (rev 1965)
+++
trunk/integration-jboss42/src/main/java/org/jboss/ws/integration/jboss42/ServiceEndpointGeneratorEJB.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -33,9 +33,9 @@
import org.jboss.deployment.DeploymentInfo;
import org.jboss.logging.Logger;
-import org.jboss.system.server.ServerConfig;
-import org.jboss.system.server.ServerConfigLocator;
import org.jboss.ws.WSException;
+import org.jboss.ws.core.server.ServerConfig;
+import org.jboss.ws.core.server.ServerConfigFactory;
import org.jboss.ws.core.utils.DOMUtils;
import org.jboss.ws.core.utils.DOMWriter;
import org.jboss.ws.metadata.umdm.EndpointMetaData;
@@ -55,25 +55,25 @@
// logging support
protected Logger log = Logger.getLogger(ServiceEndpointGeneratorEJB.class);
- public URL generatWebDeployment(DeploymentInfo di, UnifiedMetaData wsMetaData) throws
IOException
+ public URL generatWebDeployment(UnifiedMetaData wsMetaData, DeploymentInfo di) throws
IOException
{
// Collect the list of PortComponentMetaData
- List<EndpointMetaData> epMetaDataList = new
ArrayList<EndpointMetaData>();
+ List<ServerEndpointMetaData> sepMetaDataList = new
ArrayList<ServerEndpointMetaData>();
for (ServiceMetaData serviceMetaData : wsMetaData.getServices())
{
for (EndpointMetaData epMetaData : serviceMetaData.getEndpoints())
{
- epMetaDataList.add(epMetaData);
+ sepMetaDataList.add((ServerEndpointMetaData)epMetaData);
}
}
- Element webDoc = createWebAppDescriptor(di, epMetaDataList);
- Element jbossDoc = createJBossWebAppDescriptor(di, epMetaDataList);
+ Element webDoc = createWebAppDescriptor(sepMetaDataList, di);
+ Element jbossDoc = createJBossWebAppDescriptor(sepMetaDataList, di);
File tmpWar = null;
try
{
- ServerConfig config = ServerConfigLocator.locate();
+ ServerConfig config = ServerConfigFactory.getInstance().getServerConfig();
File tmpdir = new File(config.getServerTempDir().getCanonicalPath() +
"/deploy");
String deploymentName = di.getCanonicalName().replace('/', '-')
+ "-ws";
@@ -91,16 +91,16 @@
fw = new FileWriter(jbossWebXml);
new DOMWriter(fw).setPrettyprint(true).print(jbossDoc);
fw.close();
+
+ return tmpWar.toURL();
}
catch (IOException e)
{
throw new WSException("Failed to create webservice.war", e);
}
-
- return tmpWar.toURL();
}
- private Element createWebAppDescriptor(DeploymentInfo di, List<EndpointMetaData>
epMetaDataList)
+ private Element createWebAppDescriptor(List<ServerEndpointMetaData>
sepMetaDataList, DeploymentInfo di)
{
Element webApp = DOMUtils.createElement("web-app");
@@ -110,9 +110,8 @@
<servlet-class>
</servlet>
*/
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String ejbName = sepMetaData.getLinkName();
Element servlet =
(Element)webApp.appendChild(DOMUtils.createElement("servlet"));
Element servletName =
(Element)servlet.appendChild(DOMUtils.createElement("servlet-name"));
@@ -131,9 +130,8 @@
</servlet-mapping>
*/
ArrayList<String> urlPatters = new ArrayList<String>();
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String ejbName = sepMetaData.getLinkName();
Element servletMapping =
(Element)webApp.appendChild(DOMUtils.createElement("servlet-mapping"));
Element servletName =
(Element)servletMapping.appendChild(DOMUtils.createElement("servlet-name"));
@@ -156,9 +154,8 @@
String authMethod = null;
// Add web-app/security-constraint for each port component
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String ejbName = sepMetaData.getLinkName();
if (sepMetaData.getAuthMethod() != null || sepMetaData.getTransportGuarantee()
!= null)
{
@@ -183,9 +180,12 @@
Element pattern =
(Element)wrc.appendChild(DOMUtils.createElement("url-pattern"));
String uri = sepMetaData.getURLPattern();
pattern.appendChild(DOMUtils.createTextNode(uri));
+ if (sepMetaData.isSecureWSDLAccess())
+ {
+ Element method =
(Element)wrc.appendChild(DOMUtils.createElement("http-method"));
+ method.appendChild(DOMUtils.createTextNode("GET"));
+ }
Element method =
(Element)wrc.appendChild(DOMUtils.createElement("http-method"));
- method.appendChild(DOMUtils.createTextNode("GET"));
- method =
(Element)wrc.appendChild(DOMUtils.createElement("http-method"));
method.appendChild(DOMUtils.createTextNode("POST"));
// Optional auth-constraint
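Review bot: With `secureWSDLAccess` set to false the generated `web-resource-collection` lists only POST, so every GET on the endpoint's `url-pattern` falls outside the security-constraint, not just the WSDL request; a servlet `url-pattern` cannot tell `?wsdl` apart from any other GET. Because the collection enumerates methods at all, verbs that are not listed (HEAD, PUT, DELETE, OPTIONS) stay unconstrained under either setting, as they were before this change. If the endpoint servlet answers those verbs with anything useful, consider emitting no `http-method` elements when the flag is true so the constraint covers all methods, and granting the WSDL exemption in the request handler instead. The same lines appear in the jboss50 `createWebAppDescriptor` hunk at `@@ -185,9 +181,12 @@`, and the loop body starts and ends outside this hunk.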
@@ -224,7 +224,7 @@
return webApp;
}
- private Element createJBossWebAppDescriptor(DeploymentInfo di,
List<EndpointMetaData> epMetaDataList)
+ private Element createJBossWebAppDescriptor(List<ServerEndpointMetaData>
sepMetaDataList, DeploymentInfo di)
{
/* Create a jboss-web
<jboss-web>
@@ -234,7 +234,7 @@
*/
Element jbossWeb = DOMUtils.createElement("jboss-web");
- UnifiedMetaData wsMetaData =
epMetaDataList.get(0).getServiceMetaData().getUnifiedMetaData();
+ UnifiedMetaData wsMetaData =
sepMetaDataList.get(0).getServiceMetaData().getUnifiedMetaData();
String securityDomain = wsMetaData.getSecurityDomain();
if (securityDomain != null)
{
@@ -244,9 +244,8 @@
// Get the context root for this deployment
String contextRoot = null;
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String next = sepMetaData.getContextRoot();
if (next != null)
{
@@ -267,9 +266,8 @@
root.appendChild(DOMUtils.createTextNode(contextRoot));
String[] virtualHosts = null;
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String[] next = sepMetaData.getVirtualHosts();
if (next != null && next.length > 0)
{
Modified:
trunk/integration-jboss50/src/main/java/org/jboss/ws/integration/jboss50/ServiceEndpointGeneratorEJB.java
===================================================================
---
trunk/integration-jboss50/src/main/java/org/jboss/ws/integration/jboss50/ServiceEndpointGeneratorEJB.java 2007-01-15
13:25:57 UTC (rev 1965)
+++
trunk/integration-jboss50/src/main/java/org/jboss/ws/integration/jboss50/ServiceEndpointGeneratorEJB.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -57,30 +57,29 @@
public URL generatWebDeployment(UnifiedMetaData wsMetaData, DeploymentUnit unit)
{
- // Collect the list of EndpointMetaData
- List<EndpointMetaData> epMetaDataList = new
ArrayList<EndpointMetaData>();
+ // Collect the list of PortComponentMetaData
+ List<ServerEndpointMetaData> sepMetaDataList = new
ArrayList<ServerEndpointMetaData>();
for (ServiceMetaData serviceMetaData : wsMetaData.getServices())
{
for (EndpointMetaData epMetaData : serviceMetaData.getEndpoints())
{
- epMetaDataList.add(epMetaData);
+ sepMetaDataList.add((ServerEndpointMetaData)epMetaData);
}
}
- Element webDoc = createWebAppDescriptor(epMetaDataList, unit);
- Element jbossDoc = createJBossWebAppDescriptor(epMetaDataList, unit);
+ Element webDoc = createWebAppDescriptor(sepMetaDataList, unit);
+ Element jbossDoc = createJBossWebAppDescriptor(sepMetaDataList, unit);
File tmpWar = null;
try
{
- ServerConfigFactory factory = ServerConfigFactory.getInstance();
- ServerConfig config = factory.getServerConfig();
+ ServerConfig config = ServerConfigFactory.getInstance().getServerConfig();
File tmpdir = new File(config.getServerTempDir().getCanonicalPath() +
"/deploy");
String deploymentName = wsMetaData.getDeploymentName().replace('/',
'-');
tmpWar = File.createTempFile(deploymentName, ".war", tmpdir);
tmpWar.delete();
-
+
File webInf = new File(tmpWar, "WEB-INF");
webInf.mkdirs();
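Review bot: The context lines keep the `File.createTempFile` / `tmpWar.delete()` / `webInf.mkdirs()` sequence, which leaves the name free between the delete and the mkdirs and ignores both return values. The generated `web.xml` carrying the security constraints is then written into that directory. If any other local account can write to the server temp directory this is worth closing; at minimum check the results, e.g. `if (!tmpWar.delete() || !webInf.mkdirs()) throw new IOException("Cannot create " + webInf);`. The try block continues outside the hunk.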
@@ -93,7 +92,7 @@
fw = new FileWriter(jbossWebXml);
new DOMWriter(fw).setPrettyprint(true).print(jbossDoc);
fw.close();
-
+
return tmpWar.toURL();
}
catch (IOException e)
@@ -102,7 +101,7 @@
}
}
- private Element createWebAppDescriptor(List<EndpointMetaData> epMetaDataList,
DeploymentUnit unit)
+ private Element createWebAppDescriptor(List<ServerEndpointMetaData>
sepMetaDataList, DeploymentUnit unit)
{
Element webApp = DOMUtils.createElement("web-app");
@@ -112,9 +111,8 @@
<servlet-class>
</servlet>
*/
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String ejbName = sepMetaData.getLinkName();
Element servlet =
(Element)webApp.appendChild(DOMUtils.createElement("servlet"));
Element servletName =
(Element)servlet.appendChild(DOMUtils.createElement("servlet-name"));
@@ -133,9 +131,8 @@
</servlet-mapping>
*/
ArrayList urlPatters = new ArrayList();
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String ejbName = sepMetaData.getLinkName();
Element servletMapping =
(Element)webApp.appendChild(DOMUtils.createElement("servlet-mapping"));
Element servletName =
(Element)servletMapping.appendChild(DOMUtils.createElement("servlet-name"));
@@ -158,9 +155,8 @@
String authMethod = null;
// Add web-app/security-constraint for each port component
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String ejbName = sepMetaData.getLinkName();
if (sepMetaData.getAuthMethod() != null || sepMetaData.getTransportGuarantee()
!= null)
{
@@ -185,9 +181,12 @@
Element pattern =
(Element)wrc.appendChild(DOMUtils.createElement("url-pattern"));
String uri = sepMetaData.getURLPattern();
pattern.appendChild(DOMUtils.createTextNode(uri));
+ if (sepMetaData.isSecureWSDLAccess())
+ {
+ Element method =
(Element)wrc.appendChild(DOMUtils.createElement("http-method"));
+ method.appendChild(DOMUtils.createTextNode("GET"));
+ }
Element method =
(Element)wrc.appendChild(DOMUtils.createElement("http-method"));
- method.appendChild(DOMUtils.createTextNode("GET"));
- method =
(Element)wrc.appendChild(DOMUtils.createElement("http-method"));
method.appendChild(DOMUtils.createTextNode("POST"));
// Optional auth-constraint
@@ -226,7 +225,7 @@
return webApp;
}
- private Element createJBossWebAppDescriptor(List<EndpointMetaData>
epMetaDataList, DeploymentUnit unit)
+ private Element createJBossWebAppDescriptor(List<ServerEndpointMetaData>
sepMetaDataList, DeploymentUnit unit)
{
/* Create a jboss-web
<jboss-web>
@@ -237,7 +236,7 @@
*/
Element jbossWeb = DOMUtils.createElement("jboss-web");
- UnifiedMetaData wsMetaData =
epMetaDataList.get(0).getServiceMetaData().getUnifiedMetaData();
+ UnifiedMetaData wsMetaData =
sepMetaDataList.get(0).getServiceMetaData().getUnifiedMetaData();
String securityDomain = wsMetaData.getSecurityDomain();
if (securityDomain != null)
{
@@ -247,9 +246,8 @@
// Get the context root for this deployment
String contextRoot = null;
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String next = sepMetaData.getContextRoot();
if (next != null)
{
@@ -270,9 +268,8 @@
root.appendChild(DOMUtils.createTextNode(contextRoot));
String[] virtualHosts = null;
- for (EndpointMetaData epMetaData : epMetaDataList)
+ for (ServerEndpointMetaData sepMetaData : sepMetaDataList)
{
- ServerEndpointMetaData sepMetaData = (ServerEndpointMetaData)epMetaData;
String[] next = sepMetaData.getVirtualHosts();
if (next != null && next.length > 0)
{
@@ -298,9 +295,8 @@
Element virtualHost =
(Element)jbossWeb.appendChild(DOMUtils.createElement("virtual-host"));
virtualHost.appendChild(DOMUtils.createTextNode(current));
}
- }
-
-
+ }
+
return jbossWeb;
}
Modified: trunk/jbossws-core/src/main/java/org/jboss/ws/annotation/PortComponent.java
===================================================================
--- trunk/jbossws-core/src/main/java/org/jboss/ws/annotation/PortComponent.java 2007-01-15
13:25:57 UTC (rev 1965)
+++ trunk/jbossws-core/src/main/java/org/jboss/ws/annotation/PortComponent.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -61,23 +61,6 @@
*/
String urlPattern() default "";
- /**
- * The optional config-name element gives the client configuration name that must be
present in
- * the configuration given by element config-file.
- *
- * Server side default: Standard Endpoint
- * Client side default: Standard Client
- */
- String configName() default "";
-
- /**
- * The optional config-file element gives the to a URL or resource name for the
configuration.
- *
- * Server side default: standard-jaxrpc-endpoint-config.xml,
standard-jaxws-endpoint-config.xml
- * Client side default: standard-jaxrpc-client-config.xml,
standard-jaxws-client-config.xml
- */
- String configFile() default "";
-
/**
* The authMethod is used to configure the authentication mechanism for the web
service.
* As a prerequisite to gaining access to any web service which are protected by an
authorization
@@ -100,4 +83,30 @@
* CONFIDENTIAL flag will indicate that the use of SSL is required.
*/
String transportGuarantee() default "";
+
+ /**
+ * A secure endpoint does not by default publish it's wsdl on an unsecure
transport.
+ * You can override this behaviour by explicitly setting the secureWSDLAccess flag to
false.
+ *
+ * Protect access to WSDL
+ *
http://jira.jboss.org/jira/browse/JBWS-723
+ */
+ boolean secureWSDLAccess() default true;
+
+ /**
+ * The optional config-name element gives the client configuration name that must be
present in
+ * the configuration given by element config-file.
+ *
+ * Server side default: Standard Endpoint
+ * Client side default: Standard Client
+ */
+ String configName() default "";
+
+ /**
+ * The optional config-file element gives the to a URL or resource name for the
configuration.
+ *
+ * Server side default: standard-jaxrpc-endpoint-config.xml,
standard-jaxws-endpoint-config.xml
+ * Client side default: standard-jaxrpc-client-config.xml,
standard-jaxws-client-config.xml
+ */
+ String configFile() default "";
}
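Review bot: The Javadoc added for `secureWSDLAccess` speaks only of publishing the WSDL on an unsecure transport, while the generator hunks in this commit use the flag to drop GET from the `web-resource-collection` of the security-constraint, which presumably also carries the auth-constraint. The comment should state that effect, e.g. `Setting this to false removes GET from the generated security-constraint, so GET requests to the endpoint URL are neither authenticated nor bound to the transport guarantee.` It should also say that only the EJB endpoint generators read the flag, if that is the case; nothing else in this commit consumes it. `it's wsdl` should read `its wsdl`.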
Modified:
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/builder/jaxws/JAXWSEndpointMetaDataBuilder.java
===================================================================
---
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/builder/jaxws/JAXWSEndpointMetaDataBuilder.java 2007-01-15
13:25:57 UTC (rev 1965)
+++
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/builder/jaxws/JAXWSEndpointMetaDataBuilder.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -135,6 +135,9 @@
sepMetaData.setTransportGuarantee(transportGuarantee);
}
}
+
+ // secure wsdl access
+ sepMetaData.setSecureWSDLAccess(anPortComponent.secureWSDLAccess());
// virtual hosts
String[] virtualHosts = anPortComponent.virtualHosts();
Modified:
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/umdm/ServerEndpointMetaData.java
===================================================================
---
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/umdm/ServerEndpointMetaData.java 2007-01-15
13:25:57 UTC (rev 1965)
+++
trunk/jbossws-core/src/main/java/org/jboss/ws/metadata/umdm/ServerEndpointMetaData.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -58,6 +58,8 @@
private String urlPattern;
// The optional transport guarantee
private String transportGuarantee;
+ // The optional secure wsdl access
+ private boolean secureWSDLAccess = true;
// The bean that registers with the ServiceEndpointManager
private String managedEndpointBean =
"org.jboss.ws.core.server.ServiceEndpoint";
@@ -152,6 +154,16 @@
this.transportGuarantee = transportGuarantee;
}
+ public boolean isSecureWSDLAccess()
+ {
+ return secureWSDLAccess;
+ }
+
+ public void setSecureWSDLAccess(boolean secureWSDLAccess)
+ {
+ this.secureWSDLAccess = secureWSDLAccess;
+ }
+
public String getManagedEndpointBean()
{
return managedEndpointBean;
@@ -209,6 +221,7 @@
buffer.append("\n configName=").append(getConfigName());
buffer.append("\n authMethod=").append(getAuthMethod());
buffer.append("\n transportGuarantee=").append(getTransportGuarantee());
+ buffer.append("\n secureWSDLAccess=").append(isSecureWSDLAccess());
buffer.append("\n properties=").append(getProperties());
for (OperationMetaData opMetaData : getOperations())
Modified:
trunk/jbossws-tests/src/main/java/org/jboss/test/ws/jaxws/samples/jsr181ejb/EJB3Bean01.java
===================================================================
---
trunk/jbossws-tests/src/main/java/org/jboss/test/ws/jaxws/samples/jsr181ejb/EJB3Bean01.java 2007-01-15
13:25:57 UTC (rev 1965)
+++
trunk/jbossws-tests/src/main/java/org/jboss/test/ws/jaxws/samples/jsr181ejb/EJB3Bean01.java 2007-01-15
13:32:12 UTC (rev 1966)
@@ -52,7 +52,7 @@
// jboss propriatary annotations
@RemoteBinding(jndiBinding = "/ejb3/EJB3Bean01")
-@PortComponent(authMethod="BASIC", transportGuarantee="NONE",
configName="Standard WSSecurity Endpoint")
+@PortComponent(authMethod="BASIC", transportGuarantee="NONE",
secureWSDLAccess=false, configName="Standard WSSecurity Endpoint")
@SecurityDomain("JBossWS")
public class EJB3Bean01 implements EJB3RemoteInterface
{
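Review bot: The only test change in this commit sets `secureWSDLAccess=false`, which opts the sample bean out of the new protection, and nothing visible here asserts the default. A case that requests the WSDL of a BASIC-protected endpoint without credentials and expects a 401 would pin the behaviour the commit is named for. A short comment above the annotation saying why this bean opts out, e.g. `// test client reads the WSDL without credentials` (assumed reason, confirm), would keep the sample from being copied as a template. The class body continues outside the hunk.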