Author: jim.ma
Date: 2013-10-16 02:29:47 -0400 (Wed, 16 Oct 2013)
New Revision: 17999
Added:
projects/jaspic-soap/trunk/pom.xml
projects/jaspic-soap/trunk/src/
projects/jaspic-soap/trunk/src/main/
projects/jaspic-soap/trunk/src/main/java/
projects/jaspic-soap/trunk/src/main/java/org/
projects/jaspic-soap/trunk/src/main/java/org/jboss/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConfigProvider.java
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConstants.java
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthConfig.java
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthContext.java
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/SecurityActions.java
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/module/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/module/SOAPServerAuthModule.java
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/wss/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/wss/validator/
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/wss/validator/UsernameTokenValidator.java
projects/jaspic-soap/trunk/src/test/
projects/jaspic-soap/trunk/src/test/java/
projects/jaspic-soap/trunk/src/test/java/org/
projects/jaspic-soap/trunk/src/test/java/org/jboss/
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/container/
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/container/config/
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/container/config/JASPISoapTest.java
projects/jaspic-soap/trunk/src/test/resources/
projects/jaspic-soap/trunk/src/test/resources/jaspi-config.xml
projects/jaspic-soap/trunk/src/test/resources/usernametoken-soapmessage.xml
projects/jaspic-soap/trunk/src/test/resources/users.properties
Log:
Initial commit for jaspic soap profile
Added: projects/jaspic-soap/trunk/pom.xml
===================================================================
--- projects/jaspic-soap/trunk/pom.xml (rev 0)
+++ projects/jaspic-soap/trunk/pom.xml 2013-10-16 06:29:47 UTC (rev 17999)
@@ -0,0 +1,113 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <name>JBossWS CXF JASPIC SOAP</name>
+ <groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jaspic</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+ <description>JBossWS CXF JASPIC SOAP Profile</description>
+
+ <parent>
+ <groupId>org.jboss.ws</groupId>
+ <artifactId>jbossws-parent</artifactId>
+ <version>1.1.0.GA</version>
+ </parent>
+
+ <scm>
+
<
connection>scm:svn:http://anonsvn.jboss.org/repos/jbossws/stack/cxf/tr...
+
<
developerConnection>scm:svn:https://svn.jboss.org/repos/jbossws/stack/...
+ <
url>http://fisheye.jboss.com/viewrep/JBossWS/stack/cxf/trunk</url>
+ </scm>
+
+ <properties>
+ <jaspi.api.version>1.0.0.Final</jaspi.api.version>
+ <jascc.api.version>1.0.1.Final</jascc.api.version>
+ <cxf.version>2.7.7</cxf.version>
+ <picketbox.version>4.0.17.Final</picketbox.version>
+ <picketlink.version>2.1.7.Final</picketlink.version>
+ <log4j.version>1.2.16</log4j.version>
+ <opensaml.version>2.5.3</opensaml.version>
+ <saaj.api.version>1.0.1.Final</saaj.api.version>
+ <wss4j.version>1.6.12</wss4j.version>
+ <jboss-logging.version>3.1.2.GA</jboss-logging.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-api</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-security</artifactId>
+ <version>${cxf.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.soap</groupId>
+ <artifactId>saaj-api</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.ws.security</groupId>
+ <artifactId>wss4j</artifactId>
+ <version>${wss4j.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>xml-apis</groupId>
+ <artifactId>xml-apis</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+
+ <dependency>
+ <groupId>org.picketbox</groupId>
+ <artifactId>jbosssx-bare</artifactId>
+ <version>${picketbox.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.spec.javax.security.auth.message</groupId>
+ <artifactId>jboss-jaspi-api_1.0_spec</artifactId>
+ <version>${jaspi.api.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging</artifactId>
+ <version>${jboss-logging.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.spec.javax.security.jacc</groupId>
+ <artifactId>jboss-jacc-api_1.4_spec</artifactId>
+ <version>${jascc.api.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.spec.javax.xml.soap</groupId>
+ <artifactId>jboss-saaj-api_1.3_spec</artifactId>
+ <version>${saaj.api.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.11</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
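Review bot: The `<scm>` block points at `stack/cxf/trunk` (the `<url>` is `http://fisheye.jboss.com/viewrep/JBossWS/stack/cxf/trunk`) although this POM is added under `projects/jaspic-soap/trunk`, so release and site tooling would resolve to the wrong tree; it looks copied from the CXF stack POM. The `<properties>` block also declares `picketlink.version`, `log4j.version` and `opensaml.version`, none of which is referenced by a `<dependency>` in this file; dropping them keeps the pinned set equal to what is actually resolved. The anonymous `<connection>` uses plain `http://`, so a checkout through it has no transport integrity; prefer an `https://` URL if the server offers one.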
Property changes on: projects/jaspic-soap/trunk/pom.xml
___________________________________________________________________
Added: svn:mime-type
+ text/xml
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConfigProvider.java
===================================================================
---
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConfigProvider.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConfigProvider.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,63 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.jaspic.container.config;
+
+import java.util.Properties;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
+
+public class JBossWSAuthConfigProvider implements AuthConfigProvider {
+ private Properties contextProperties;
+
+ public JBossWSAuthConfigProvider(Properties props, AuthConfigFactory factory) {
+ contextProperties = props;
+ if (factory != null) {
+ factory.registerConfigProvider(this, "SOAP", null,"JBossWS
AuthConfigProvider");
+ }
+
+ }
+
+ @Override
+ public ClientAuthConfig getClientAuthConfig(String layer,String appContext,
CallbackHandler handler) throws AuthException, SecurityException {
+ //TODO:implement it
+ return null;
+ }
+
+ @Override
+ public ServerAuthConfig getServerAuthConfig(String layer,
+ String appContext, CallbackHandler handler) throws AuthException,
+ SecurityException {
+ return new JBossWSServerAuthConfig(layer, appContext, handler, contextProperties);
+ }
+
+ @Override
+ public void refresh() {
+
+
+ }
+
+}
\ No newline at end of file
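Review bot: `getClientAuthConfig` returns `null` behind a `//TODO:implement it`, so a caller that asks this provider for a client configuration gets a NullPointerException far from the cause; until it is implemented, fail explicitly with `throw new AuthException("Client auth config is not supported");`. The constructor declares `Properties props`, while the JASPIC contract for factory-instantiated providers is a `(Map, AuthConfigFactory)` constructor, so a factory that looks the constructor up reflectively by those exact parameter types would presumably not find this one; this is worth confirming against how the provider is registered. `getServerAuthConfig` also hands out a config for any `layer`, although the provider registers itself only for `"SOAP"`.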
Property changes on:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConfigProvider.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConstants.java
===================================================================
---
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConstants.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConstants.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,6 @@
+package org.jboss.ws.jaspic.container.config;
+
+public class JBossWSAuthConstants {
+ public static final String WSS4J_CONFIG = "wss4j.config";
+
+}
Property changes on:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSAuthConstants.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthConfig.java
===================================================================
---
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthConfig.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthConfig.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,211 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.jaspic.container.config;
+
+import java.lang.reflect.Constructor;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.AuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+import javax.security.auth.message.module.ServerAuthModule;
+
+import org.jboss.security.PicketBoxMessages;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.AuthenticationInfo;
+import org.jboss.security.auth.login.BaseAuthenticationInfo;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.message.config.JBossServerAuthContext;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.plugins.ClassLoaderLocator;
+import org.jboss.security.plugins.ClassLoaderLocatorFactory;
+
+//TODO: Refactor JBossServerAuthConfig, this class should extend JBossServerAuthConfig,
+public class JBossWSServerAuthConfig implements ServerAuthConfig {
+ private String layer;
+ private String contextId;
+ private CallbackHandler callbackHandler = new JBossCallbackHandler();
+ @SuppressWarnings("rawtypes")
+ private List modules = new ArrayList();
+ @SuppressWarnings({ "unused", "rawtypes" })
+ private Map contextProperties;
+
+ @SuppressWarnings("rawtypes")
+ public JBossWSServerAuthConfig(String layer, String appContext,
+ CallbackHandler handler, Map properties) {
+ this.layer = layer;
+ this.contextId = appContext;
+ this.callbackHandler = handler;
+ this.contextProperties = properties;
+ }
+
+ @SuppressWarnings({ "rawtypes", "unchecked" })
+ public ServerAuthContext getAuthContext(String authContextID,
+ Subject serviceSubject, Map properties) throws AuthException {
+ List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
+
+ Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
+ SecurityContext securityContext = SecurityActions.getSecurityContext();
+ String secDomain = null;
+ if (securityContext != null) {
+ secDomain = securityContext.getSecurityDomain();
+ } else {
+ secDomain = (String) properties.get("security-domain");
+ if (secDomain == null)
+ throw PicketBoxMessages.MESSAGES
+ .failedToObtainSecDomainFromContextOrConfig();
+ }
+
+ String defaultAppDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ // Get the modules from the SecurityConfiguration
+ ApplicationPolicy ap = SecurityConfiguration
+ .getApplicationPolicy(secDomain);
+ if (ap == null) {
+ ap = SecurityConfiguration.getApplicationPolicy(defaultAppDomain);
+ }
+ if (ap == null)
+ throw PicketBoxMessages.MESSAGES
+ .failedToObtainApplicationPolicy(secDomain);
+ BaseAuthenticationInfo bai = ap.getAuthenticationInfo();
+ if (bai == null)
+ throw PicketBoxMessages.MESSAGES
+ .failedToObtainAuthenticationInfo(secDomain);
+
+ if (bai instanceof AuthenticationInfo) {
+ throw new AuthException("Unexpected authentication configuration");
+
+ } else {
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+ AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
+
+ ClassLoader moduleCL = null;
+ String jbossModule = jai.getJBossModuleName();
+ if (jbossModule != null && !jbossModule.isEmpty()) {
+ ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
+ if (locator != null)
+ moduleCL = locator.get(jbossModule);
+ }
+
+ for (AuthModuleEntry ame : amearr) {
+ if (ame.getLoginModuleStackHolderName() != null) {
+ try {
+ mapOptionsByName.put(ame.getAuthModuleName(),
+ ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ServerAuthModule sam = this.createSAM(moduleCL,
+ ame.getAuthModuleName(),
+ ame.getLoginModuleStackHolderName());
+
+ Map options = new HashMap();
+
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ } catch (Exception e) {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ } else {
+ try {
+ mapOptionsByName.put(ame.getAuthModuleName(),
+ ame.getOptions());
+ controlFlags.add(ame.getControlFlag());
+ ServerAuthModule sam = this.createSAM(moduleCL,
+ ame.getAuthModuleName());
+
+ Map options = new HashMap();
+ sam.initialize(null, null, callbackHandler, options);
+ modules.add(sam);
+ } catch (Exception e) {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ }
+ }
+ }
+
+ JBossServerAuthContext serverAuthContext = new JBossServerAuthContext(
+ modules, mapOptionsByName, this.callbackHandler);
+ serverAuthContext.setControlFlags(controlFlags);
+ return serverAuthContext;
+ }
+
+ /**
+ * @see AuthConfig#getAppContext()
+ */
+ public String getAppContext() {
+ return this.contextId;
+ }
+
+ /**
+ * @see AuthConfig#getMessageLayer()
+ */
+ public String getMessageLayer() {
+ return this.layer;
+ }
+
+ /**
+ * @see AuthConfig#refresh()
+ */
+ public void refresh() {
+ }
+
+ // Custom Methods
+ @SuppressWarnings({ "rawtypes" })
+ public List getServerAuthModules() {
+ return this.modules;
+ }
+
+ public String getAuthContextID(MessageInfo messageInfo) {
+ return this.contextId;
+ }
+
+ public boolean isProtected() {
+ throw new UnsupportedOperationException();
+ }
+
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name)
+ throws Exception {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[0]);
+ return (ServerAuthModule) ctr.newInstance(new Object[0]);
+ }
+
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name,
+ String lmshName) throws Exception {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[] { String.class });
+ return (ServerAuthModule) ctr.newInstance(new Object[] { lmshName });
+ }
+
+}
\ No newline at end of file
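Review bot: `getAuthContext` appends every created module to the instance field `modules`, while `controlFlags` and `mapOptionsByName` are fresh locals, so a second call on the same config hands `JBossServerAuthContext` a module list twice as long as its control-flag list, and every previously returned context shares that growing list. Build the modules in a local list, e.g. `List<ServerAuthModule> sams = new ArrayList<ServerAuthModule>();`, pass that to the context and assign it to `this.modules` once at the end. Two further points in the same method: when no `ApplicationPolicy` exists for `secDomain` the code silently falls back to `SecurityConstants.DEFAULT_APPLICATION_POLICY`, which means a mistyped domain name authenticates against a different policy than the one intended, and `properties.get("security-domain")` dereferences `properties` without a null check. The two `catch (Exception e)` blocks keep only `e.getLocalizedMessage()`; attach the cause with `initCause(e)` so the failing module can be diagnosed.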
Property changes on:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthConfig.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthContext.java
===================================================================
---
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthContext.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthContext.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.jaspic.container.config;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.module.ServerAuthModule;
+
+import org.jboss.security.auth.message.config.JBossServerAuthContext;
+@SuppressWarnings({"rawtypes" })
+public class JBossWSServerAuthContext extends JBossServerAuthContext {
+
+ public JBossWSServerAuthContext(List<ServerAuthModule> modules,
+ Map<String, Map> moduleNameToOptions, CallbackHandler cbh)
+ throws AuthException {
+ super(modules, moduleNameToOptions, cbh);
+ }
+
+}
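Review bot: Nothing in the visible part of this commit instantiates `JBossWSServerAuthContext`; `JBossWSServerAuthConfig.getAuthContext` constructs `new JBossServerAuthContext(...)` directly. Either return this subclass there or leave the class out until it carries behaviour of its own. If it stays, a class comment such as `/** JBossWS-specific ServerAuthContext; currently adds nothing to JBossServerAuthContext. */` would say why it exists.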
Property changes on:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/JBossWSServerAuthContext.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/SecurityActions.java
===================================================================
---
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/SecurityActions.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/SecurityActions.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.jaspic.container.config;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>()
+ {
+
+ public SecurityContext run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ });
+ }
+
+ static Class<?> loadClass(final ClassLoader cl, final String name) throws
PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new
PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ if (cl == null)
+ {
+ return loadClass(name);
+ }
+ try
+ {
+ return cl.loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ return loadClass(name);
+ }
+ }
+ });
+ }
+
+ static Class<?> loadClass(final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new
PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ try
+ {
+ return getClass().getClassLoader().loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ try
+ {
+ return getContextClassLoader().loadClass(name);
+ }
+ catch (Exception e)
+ {
+ throw new PrivilegedActionException(e);
+ }
+ }
+ }
+ });
+ }
+}
\ No newline at end of file
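Review bot: `loadClass(cl, name)` swallows any failure from the explicitly supplied loader (`catch (Exception ignore)`) and retries with this class's own loader and then the thread context loader, so an auth module name that is missing from the configured JBoss module can silently resolve to a same-named class from somewhere else. When `cl` is non-null the failure should propagate, e.g. `throw new PrivilegedActionException(e);` in that catch block, keeping the fallback chain for the `cl == null` case only. Because the fallback calls `loadClass(name)` from inside `run()`, its `PrivilegedActionException` is wrapped a second time by the outer `doPrivileged`; callers unwrapping one level get another `PrivilegedActionException` rather than the `ClassNotFoundException`. Since these helpers run under `doPrivileged`, a short comment stating that they must stay package-private would help.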
Property changes on:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/config/SecurityActions.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/module/SOAPServerAuthModule.java
===================================================================
---
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/module/SOAPServerAuthModule.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/module/SOAPServerAuthModule.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,133 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.jaspic.container.module;
+
+import java.util.Map.Entry;
+import java.util.Properties;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.SoapVersion;
+import org.apache.cxf.binding.soap.SoapVersionFactory;
+import org.apache.cxf.message.Exchange;
+import org.apache.cxf.message.ExchangeImpl;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.WSSecurityEngine;
+import org.jboss.security.auth.container.modules.AbstractServerAuthModule;
+import org.jboss.ws.jaspic.container.config.JBossWSAuthConstants;
+import org.jboss.ws.jaspic.wss.validator.UsernameTokenValidator;
+
+public class SOAPServerAuthModule extends AbstractServerAuthModule {
+ private String securityDomainName = null;
+
+ public SOAPServerAuthModule() {
+ supportedTypes.add(Object.class);
+ supportedTypes.add(SOAPMessage.class);
+ }
+
+ public SOAPServerAuthModule(String lmshName) {
+ supportedTypes.add(Object.class);
+ this.supportedTypes.add(SOAPMessage.class);
+ securityDomainName = lmshName;
+ }
+
+ @Override
+ protected boolean validate(Subject clientSubject, MessageInfo messageInfo)
+ throws AuthException {
+
+ SOAPMessage soapMessage = (SOAPMessage)messageInfo.getRequestMessage();
+ SoapVersion soapVersion = null;
+ try {
+ String ns = soapMessage.getSOAPBody().getNamespaceURI();
+ soapVersion = SoapVersionFactory.getInstance().getSoapVersion(ns);
+ } catch (SOAPException e) {
+ throw new AuthException(e.getMessage());
+ }
+ if (soapVersion == null) {
+ throw new AuthException("Invalid soap message");
+ }
+
+
+ Exchange exchange = new ExchangeImpl();
+ MessageImpl messageImpl = new MessageImpl();
+ messageImpl.setExchange(exchange);
+ SoapMessage cxfSoapMessage = new SoapMessage(messageImpl);
+ cxfSoapMessage.setVersion(soapVersion);
+ cxfSoapMessage.setContent(SOAPMessage.class, soapMessage);
+ cxfSoapMessage.put(Message.HTTP_REQUEST_METHOD, "POST");
+
+
+ WSSConfig wssConfig = WSSConfig.getNewInstance();
+ setJASPICValidator(wssConfig);
+ cxfSoapMessage.put(WSSConfig.class.getName(), wssConfig);
+
+ //set the wss4j config from messageinfo
+ if (messageInfo.getMap().get(JBossWSAuthConstants.WSS4J_CONFIG) != null) {
+ Properties props =
(Properties)messageInfo.getMap().get(JBossWSAuthConstants.WSS4J_CONFIG);
+ for(Entry<Object, Object> e : props.entrySet()) {
+ cxfSoapMessage.put(e.getKey().toString(), e.getValue());
+ }
+ }
+
+ WSS4JInInterceptor wss4jInterceptor = new WSS4JInInterceptor();
+ wss4jInterceptor.setIgnoreActions(true);
+ wss4jInterceptor.handleMessage(cxfSoapMessage);
+
+ return true;
+
+ }
+
+ public AuthStatus secureResponse(MessageInfo arg0, Subject arg1)
+ throws AuthException {
+ throw new UnsupportedOperationException();
+ }
+
+ protected void setJASPICValidator(WSSConfig wssconfig) {
+ //TODO: add other validator
+ UsernameTokenValidator usernameTokenValidator = new UsernameTokenValidator();
+ usernameTokenValidator.setContextName(getSecurityDomainName());
+ wssconfig.setValidator(WSSecurityEngine.USERNAME_TOKEN, usernameTokenValidator);
+ }
+
+ protected String getSecurityDomainName() {
+ if (this.securityDomainName != null)
+ return securityDomainName;
+
+ // Check if it is passed in the options
+ String domainName = (String) options
+ .get("javax.security.auth.login.LoginContext");
+ if (domainName == null) {
+ domainName = getClass().getName();
+ }
+ return domainName;
+ }
+
+}
\ No newline at end of file
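Review bot: `validate` returns `true` for every message that gets through `handleMessage` without an exception, and `wss4jInterceptor.setIgnoreActions(true);` appears to switch off the interceptor's check that the security results match the configured actions, so the outcome may not depend on a UsernameToken having actually been validated; confirm what happens for a request with no `wsse:Security` header or with a header that carries no UsernameToken. I would drop `setIgnoreActions(true)` and require the action to come from the `wss4j.config` properties, or inspect the WSS4J results for a username-token entry before returning `true`. `handleMessage` signals failures with an unchecked CXF exception, which this method does not translate into `AuthException`, and `clientSubject` is never populated, so the container is told the caller is authenticated without learning who it is. The cast `(SOAPMessage) messageInfo.getRequestMessage()` is also unchecked although the constructors register `Object.class` as a supported type.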
Property changes on:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/container/module/SOAPServerAuthModule.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/wss/validator/UsernameTokenValidator.java
===================================================================
---
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/wss/validator/UsernameTokenValidator.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/wss/validator/UsernameTokenValidator.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,30 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.jaspic.wss.validator;
+
+import org.apache.ws.security.validate.JAASUsernameTokenValidator;
+
+public class UsernameTokenValidator extends JAASUsernameTokenValidator {
+ //wss4j's JAASUsernameTokenValidator only supports plain text password
+ //TODO: support other type password
+
+}
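Review bot: The only statement of this class's limitation is a line comment inside an empty body; it belongs in a class-level Javadoc, because the restriction is a deployment constraint: with plain-text UsernameToken passwords the credential travels readable in the SOAP header. Suggested text: `/** Validates WS-Security UsernameTokens through JAAS. Only plain-text passwords are supported, so endpoints using this validator must be reachable over TLS only. */`. `setContextName` is called on it from `SOAPServerAuthModule.setJASPICValidator`, so the Javadoc could also say that the context name is the JAAS security domain.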
Property changes on:
projects/jaspic-soap/trunk/src/main/java/org/jboss/ws/jaspic/wss/validator/UsernameTokenValidator.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/container/config/JASPISoapTest.java
===================================================================
---
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/container/config/JASPISoapTest.java
(rev 0)
+++
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/container/config/JASPISoapTest.java 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1,131 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.jaspic.container.config;
+
+import java.io.ByteArrayInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.Date;
+import java.util.Properties;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPMessage;
+
+import junit.framework.TestCase;
+
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.util.XmlSchemaDateFormat;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class JASPISoapTest extends TestCase {
+
+ @BeforeClass
+ protected void setUp() throws Exception {
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+
+ setJAASConfiguration(xli);
+
+ URL configURL = Thread.currentThread().getContextClassLoader()
+ .getResource("jaspi-config.xml");
+ assertNotNull("Config URL", configURL);
+
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+ @Test
+ @SuppressWarnings({ "unchecked"})
+ public void testValidateUTPlainPassword() throws Exception {
+ AuthConfigFactory factory = AuthConfigFactory.getFactory();
+ Properties properties = new Properties();
+ String appId = "localhost /jbossws-spi/endpointA";
+ String layer = "SOAP";
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
+ provider = factory.getConfigProvider(layer, appId, null);
+
+ JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer,
+ appId, callbackHandler);
+
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.setProperty("security-domain",
"soap-jaspi");
+ ServerAuthContext sctx = serverConfig.getAuthContext("helloWorld", new
Subject(), serverContextProperties);
+
+ MessageInfo messageInfo = new GenericMessageInfo();
+ Properties props = new Properties();
+ props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
+ props.put(WSHandlerConstants.TIMESTAMP_STRICT, "false");
+ messageInfo.getMap().put(JBossWSAuthConstants.WSS4J_CONFIG, props);
+
+ messageInfo.setRequestMessage(prepareSOAPMessage("usernametoken-soapmessage.xml"));
+ AuthStatus authStatus = sctx.validateRequest(messageInfo, new Subject(), new
Subject());
+ assertTrue(authStatus.equals(AuthStatus.SUCCESS));
+
+ }
+
+ private static void setJAASConfiguration(final Configuration configuration) {
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ Configuration.setConfiguration(configuration);
+ return null;
+ }
+ });
+ }
+
+ private SOAPMessage prepareSOAPMessage(String messageFile) throws Exception {
+ MessageFactory factory = MessageFactory.newInstance();
+ URL fileURl = Thread.currentThread().getContextClassLoader()
+ .getResource(messageFile);
+ FileInputStream fins = new FileInputStream(fileURl.getFile());
+ String content = readFile(fins);
+ XmlSchemaDateFormat formater = new XmlSchemaDateFormat();
+
+ String replaced = content.replaceAll("NOW", formater.format(new
Date(System.currentTimeMillis()-10)));
+ ByteArrayInputStream bin = new ByteArrayInputStream(replaced.getBytes());
+ return factory.createMessage(null, bin);
+ }
+
+ private String readFile(FileInputStream in) throws IOException {
+ StringBuilder sb = new StringBuilder(1024);
+ for (int i = in.read(); i != -1; i = in.read()) {
+ sb.append((char) i);
+ }
+ in.close();
+ return sb.toString();
+ }
+
+}
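Review bot: `testValidateUTPlainPassword` asserts only the accepting path, so this test would still pass if the auth module returned SUCCESS for any UsernameToken. A sibling test should send a message whose password does not match `users.properties` and check the outcome, e.g. `assertFalse(AuthStatus.SUCCESS.equals(authStatus));`, or expect an exception if that is how the module reports failure, which this hunk does not show. The test also sets `WSHandlerConstants.TIMESTAMP_STRICT` to `"false"` while `prepareSOAPMessage` writes the same instant into both `Created` and `Expires`, so it does not show that an expired Timestamp is rejected; a comment stating that this is deliberate would help. Separately, `@BeforeClass` on the non-static `setUp()` of a `junit.framework.TestCase` subclass is ignored when the class runs as a JUnit 3 test and can be dropped. The JAAS `Configuration` installed by `setJAASConfiguration` is never restored in a `tearDown()`, so it leaks into any later test in the same JVM.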
Property changes on:
projects/jaspic-soap/trunk/src/test/java/org/jboss/ws/jaspic/container/config/JASPISoapTest.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: projects/jaspic-soap/trunk/src/test/resources/jaspi-config.xml
===================================================================
--- projects/jaspic-soap/trunk/src/test/resources/jaspi-config.xml
(rev 0)
+++ projects/jaspic-soap/trunk/src/test/resources/jaspi-config.xml 2013-10-16 06:29:47 UTC
(rev 17999)
@@ -0,0 +1,19 @@
+<?xml version='1.0'?>
+
+<policy
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0">
+ <application-policy name="soap-jaspi">
+ <authentication-jaspi>
+ <login-module-stack name="jaas-lm-stack">
+ <login-module
+ code="org.jboss.security.auth.spi.UsersLoginModule"
flag="required">
+ <module-option
name="usersProperties">users.properties</module-option>
+ </login-module>
+ </login-module-stack>
+ <auth-module
code="org.jboss.ws.jaspic.container.module.SOAPServerAuthModule"
+ login-module-stack-ref="jaas-lm-stack">
+ </auth-module>
+ </authentication-jaspi>
+ </application-policy>
+</policy>
\ No newline at end of file
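Review bot: The `xsi:schemaLocation` attribute on `policy` holds a single token, `urn:jboss:security-config:5.0`, but its value must be a list of namespace-URI / location pairs, so as written it gives a validator nothing to resolve. Either drop the attribute or complete the pair, e.g. `xsi:schemaLocation="urn:jboss:security-config:5.0 SCHEMA_LOCATION_PLACEHOLDER"`, pointing at a schema bundled with the project rather than one fetched at parse time. Since this file defines the login-module stack that the authentication test relies on, a comment noting that `users.properties` holds a throwaway test credential would also keep the fixture from being copied into a real security domain.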
Property changes on: projects/jaspic-soap/trunk/src/test/resources/jaspi-config.xml
___________________________________________________________________
Added: svn:mime-type
+ text/xml
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: projects/jaspic-soap/trunk/src/test/resources/usernametoken-soapmessage.xml
===================================================================
--- projects/jaspic-soap/trunk/src/test/resources/usernametoken-soapmessage.xml
(rev 0)
+++ projects/jaspic-soap/trunk/src/test/resources/usernametoken-soapmessage.xml 2013-10-16
06:29:47 UTC (rev 17999)
@@ -0,0 +1 @@
+<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><S...
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">&...
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-...
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w...
soap:mustUnderstand="1"><wsu:Timestamp
wsu:Id="TS-96d29305-8a68-42a9-84a7-3f30a2a04e11"><wsu:Created>NOW</wsu:Created><wsu:Expires>NOW</wsu:Expires></wsu:Timestamp><wsse:UsernameToken
wsu:Id="UsernameToken-4313b55e-cbcd-438f-8408-c19f1016b208"><wsse:Username>jbossws</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-userna...
xmlns:ns2="http://www.example.org/schema/DoubleIt"><numbe...
\ No newline at end of file
Property changes on:
projects/jaspic-soap/trunk/src/test/resources/usernametoken-soapmessage.xml
___________________________________________________________________
Added: svn:mime-type
+ text/xml
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added: projects/jaspic-soap/trunk/src/test/resources/users.properties
===================================================================
--- projects/jaspic-soap/trunk/src/test/resources/users.properties
(rev 0)
+++ projects/jaspic-soap/trunk/src/test/resources/users.properties 2013-10-16 06:29:47 UTC
(rev 17999)
@@ -0,0 +1 @@
+jbossws=jbossws
\ No newline at end of file
Property changes on: projects/jaspic-soap/trunk/src/test/resources/users.properties
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native