Author: jim.ma
Date: 2014-02-17 06:41:49 -0500 (Mon, 17 Feb 2014)
New Revision: 18377
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java
Modified:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java
stack/cxf/branches/jaspi/pom.xml
Log:
More cleanup
Modified:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java
===================================================================
---
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java 2014-02-17
11:37:36 UTC (rev 18376)
+++
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -31,6 +31,7 @@
import org.jboss.ws.common.configuration.ConfigHelper;
import org.jboss.wsf.spi.SPIProvider;
import org.jboss.wsf.spi.WSFException;
+import org.jboss.wsf.spi.classloading.ClassLoaderProvider;
import org.jboss.wsf.spi.metadata.config.ClientConfig;
import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
@@ -63,8 +64,9 @@
//config jaspi
try
- {
- JASPIAuthenticationProvider japsiProvider =
SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class);
+ {
+ JASPIAuthenticationProvider japsiProvider =
SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class,
+
ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
if (japsiProvider != null)
{
japsiProvider.enableClientAuthentication(cxfClient, props);
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java 2014-02-17
11:37:36 UTC (rev 18376)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -170,7 +170,7 @@
public boolean enableServerAuthentication(Object target, Endpoint endpoint)
{
- if (target instanceof EndpointImpl) {
+ if (!(target instanceof EndpointImpl)) {
Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(target.getClass().getSimpleName());
return false;
}
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -0,0 +1,157 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi;
+
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ServerAuthContext;
+import javax.xml.namespace.QName;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.Soap12;
+import org.apache.cxf.binding.soap.SoapBinding;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.interceptor.InterceptorChain;
+import org.apache.cxf.interceptor.OutgoingChainInterceptor;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+
+/**
+ * Authenticator for server side , it is used to authenticate cxf SoapMessage with japsi
ServerAuthContext
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiServerAuthenticator
+{
+ public static final String JASPI_SECURITY_DOMAIN = "jaspi.security.domain";
+
+ private final ServerAuthContext sctx;
+
+ public JaspiServerAuthenticator(ServerAuthContext sctx)
+ {
+ this.sctx = sctx;
+ }
+
+ public void validateRequest(SoapMessage message)
+ {
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(soapMessage, null);
+ AuthStatus authStatus;
+ try
+ {
+ authStatus = sctx.validateRequest(messageInfo, null, null);
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(),
Soap12.getInstance().getReceiver());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi
AuthException"));
+ }
+ }
+ Message response = null;
+ if (messageInfo.getResponseMessage() != null &&
!message.getExchange().isOneWay())
+ {
+
+ Endpoint e = message.getExchange().get(Endpoint.class);
+
+ response = new MessageImpl();
+ response.setExchange(message.getExchange());
+ response = e.getBinding().createMessage(response);
+ message.getExchange().setOutMessage(response);
+ response.setContent(SOAPMessage.class, messageInfo.getResponseMessage());
+ if (AuthStatus.SEND_CONTINUE == authStatus)
+ {
+ response.put(Message.RESPONSE_CODE, Integer.valueOf(303));
+ }
+ if (AuthStatus.SEND_FAILURE == authStatus)
+ {
+ response.put(Message.RESPONSE_CODE, Integer.valueOf(500));
+ }
+
+ message.getInterceptorChain().abort();
+ InterceptorChain chain =
OutgoingChainInterceptor.getOutInterceptorChain(message.getExchange());
+ response.setInterceptorChain(chain);
+ chain.doInterceptStartingAfter(response,
SoapPreProtocolOutInterceptor.class.getName());
+
+ }
+
+ }
+
+ public void secureResponse(SoapMessage message)
+ {
+ SOAPMessage request = message.getExchange().getInMessage().get(SOAPMessage.class);
+ SOAPMessage response = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(request, response);
+ AuthStatus authStatus = null;
+ try
+ {
+ authStatus = sctx.secureResponse(messageInfo, null);
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(),
Soap12.getInstance().getReceiver());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi
AuthException"));
+ }
+ }
+ if (messageInfo.getResponseMessage() != null &&
!message.getExchange().isOneWay())
+ {
+ if (AuthStatus.SEND_CONTINUE == authStatus)
+ {
+ message.put(Message.RESPONSE_CODE, Integer.valueOf(303));
+ }
+ if (AuthStatus.SEND_FAILURE == authStatus)
+ {
+ message.put(Message.RESPONSE_CODE, Integer.valueOf(500));
+ }
+ }
+
+ }
+
+ private boolean isSOAP12(Message message)
+ {
+ if (message.getExchange().getBinding() instanceof SoapBinding)
+ {
+ SoapBinding binding = (SoapBinding) message.getExchange().getBinding();
+ if (binding.getSoapVersion() == Soap12.getInstance())
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+}
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -0,0 +1,124 @@
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+import java.util.Properties;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.xml.namespace.QName;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.Soap12;
+import org.apache.cxf.binding.soap.SoapBinding;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.message.Message;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.message.GenericMessageInfo;
+
+/**
+ * Authenticator for client side , it is used to obtain ClientAuthContext and
authenticate cxf SoapMessage
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiClientAuthenticator
+{
+ public static final String JASPI_SECURITY_DOMAIN = "jaspi.security.domain";
+
+ private final ClientAuthConfig clientConfig;
+
+ private final String securityDomain;
+
+ private final JASPIAuthenticationInfo jpi;
+
+ public JaspiClientAuthenticator(ClientAuthConfig clientConfig, String securityDomain,
JASPIAuthenticationInfo jpi)
+ {
+
+ this.clientConfig = clientConfig;
+ this.securityDomain = securityDomain;
+ this.jpi = jpi;
+ }
+
+ public void secureRequest(SoapMessage message)
+ {
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(soapMessage, null);
+ String authContextID = clientConfig.getAuthContextID(messageInfo);
+
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jpi);
+ Subject clientSubject = new Subject();
+ @SuppressWarnings("unused")
+ AuthStatus authStatus = null;
+ try
+ {
+ ClientAuthContext cctx = clientConfig.getAuthContext(authContextID,
clientSubject, serverContextProperties);
+ authStatus = cctx.secureRequest(messageInfo, clientSubject);
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(),
Soap12.getInstance().getSender());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi
AuthException"));
+ }
+ }
+ //TODO:look at how to handle AuthStatus
+
+ }
+
+ public void validateResponse(SoapMessage message)
+ {
+ SOAPMessage request = message.getExchange().getInMessage().get(SOAPMessage.class);
+ SOAPMessage response = message.getContent(SOAPMessage.class);
+ MessageInfo messageInfo = new GenericMessageInfo(request, response);
+ String authContextID = clientConfig.getAuthContextID(messageInfo);
+
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jpi);
+ Subject clientSubject = new Subject();
+ @SuppressWarnings("unused")
+ AuthStatus authStatus = null;
+ try
+ {
+ ClientAuthContext sctx = clientConfig.getAuthContext(authContextID,
clientSubject, serverContextProperties);
+ authStatus = sctx.validateResponse(messageInfo, new Subject(), new Subject());
+ }
+ catch (AuthException e)
+ {
+ if (isSOAP12(message))
+ {
+ SoapFault soap12Fault = new SoapFault(e.getMessage(),
Soap12.getInstance().getSender());
+ throw soap12Fault;
+ }
+ else
+ {
+ throw new SoapFault(e.getMessage(), new QName("", "japsi
AuthException"));
+ }
+ }
+ //TODO:handle AuthStatus
+
+ }
+
+ private boolean isSOAP12(Message message)
+ {
+ if (message.getExchange().getBinding() instanceof SoapBinding)
+ {
+ SoapBinding binding = (SoapBinding) message.getExchange().getBinding();
+ if (binding.getSoapVersion() == Soap12.getInstance())
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+}
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientAuthenticator.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.phase.Phase;
+
+/**
+ * CXF in interceptor to validateResponse cxf SoapMessage with JaspiClientAuthentcator
+ * @See org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientAuthentcator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiClientInInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiClientAuthenticator authManager;
+
+ public JaspiClientInInterceptor(JaspiClientAuthenticator authManager)
+ {
+ super(Phase.POST_PROTOCOL_ENDING);
+ addAfter(SAAJOutInterceptor.SAAJOutEndingInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ SAAJOutInterceptor saajout = new SAAJOutInterceptor();
+ saajout.handleMessage(message);
+ }
+ authManager.validateResponse(message);
+ }
+
+}
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientInInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -0,0 +1,101 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.SAAJPreInInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.phase.Phase;
+
+/**
+ * CXF out interceptor to secureRequest cxf SoapMessage with JaspiClientAuthentcator
+ * @See org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientAuthentcator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiClientOutInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiClientAuthenticator authManager;
+
+ public JaspiClientOutInterceptor(JaspiClientAuthenticator authManager)
+ {
+ super(Phase.PRE_PROTOCOL);
+ addAfter(SAAJInInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ SAAJInInterceptor saajIn = new SAAJInInterceptor();
+ saajIn.handleMessage(message);
+ }
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ if (soapMessage == null)
+ {
+ return;
+ }
+
+ SOAPMessage copyMessage = null;
+ try
+ {
+ MessageFactory messageFactory =
SAAJPreInInterceptor.INSTANCE.getFactory(message);
+ ByteArrayOutputStream bout = new ByteArrayOutputStream();
+ soapMessage.writeTo(bout);
+ copyMessage = messageFactory.createMessage(soapMessage.getMimeHeaders(),
+ new ByteArrayInputStream(bout.toByteArray()));
+ }
+ catch (SOAPException e)
+ {
+ throw new Fault(e);
+ }
+ catch (IOException e)
+ {
+ throw new Fault(e);
+ }
+ if (copyMessage != null)
+ {
+ message.put(SOAPMessage.class, copyMessage);
+ }
+ try
+ {
+ authManager.secureRequest(message);
+ }
+ finally
+ {
+ message.put(SOAPMessage.class, soapMessage);
+ }
+
+ }
+
+}
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/JaspiClientOutInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -0,0 +1,107 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client;
+
+/**
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>()
+ {
+
+ public SecurityContext run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ });
+ }
+
+ static Class<?> loadClass(final ClassLoader cl, final String name) throws
PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new
PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ if (cl == null)
+ {
+ return loadClass(name);
+ }
+ try
+ {
+ return cl.loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ return loadClass(name);
+ }
+ }
+ });
+ }
+
+ static Class<?> loadClass(final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new
PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ try
+ {
+ return getClass().getClassLoader().loadClass(name);
+ }
+ catch (Exception ignore)
+ {
+ try
+ {
+ return getContextClassLoader().loadClass(name);
+ }
+ catch (Exception e)
+ {
+ throw new PrivilegedActionException(e);
+ }
+ }
+ }
+ });
+ }
+}
\ No newline at end of file
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/SecurityActions.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -0,0 +1,118 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.client.module;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.module.ClientAuthModule;
+import javax.xml.soap.SOAPMessage;
+
+import org.jboss.security.SimplePrincipal;
+
+/**
+ * SOAPClientAuthModule
+ * TODO: Investigate what we can do with this module
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class SOAPClientAuthModule implements ClientAuthModule
+{
+ public static String log;
+
+ @SuppressWarnings("rawtypes")
+ private List<Class> supportedTypes = new ArrayList<Class>();
+
+ private SimplePrincipal principal = null;
+
+ private Object credential = null;
+
+ @SuppressWarnings("unused")
+ private MessagePolicy requestPolicy = null;
+
+ @SuppressWarnings("unused")
+ private MessagePolicy responsePolicy = null;
+
+ @SuppressWarnings("unused")
+ private CallbackHandler handler = null;
+
+ @SuppressWarnings(
+ {"rawtypes"})
+ private Map options = null;
+
+ public SOAPClientAuthModule()
+ {
+ this.supportedTypes.add(Object.class);
+ this.supportedTypes.add(SOAPMessage.class);
+ }
+
+ @SuppressWarnings("rawtypes")
+ public SOAPClientAuthModule(List<Class> supportedTypes)
+ {
+ this.supportedTypes = supportedTypes;
+ }
+
+ @SuppressWarnings("rawtypes")
+ public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy,
CallbackHandler handler,
+ Map options) throws AuthException
+ {
+ this.requestPolicy = requestPolicy;
+ this.responsePolicy = responsePolicy;
+ this.handler = handler;
+ this.options = options;
+ }
+
+ @SuppressWarnings(
+ {"unchecked"})
+ public AuthStatus secureRequest(MessageInfo messageInfo, Subject source) throws
AuthException
+ {
+ log = "secureRequest";
+ SOAPMessage soapMessage = (SOAPMessage) messageInfo.getRequestMessage();
+ return AuthStatus.SUCCESS;
+ }
+
+ public AuthStatus validateResponse(MessageInfo messageInfo, Subject source, Subject
recipient) throws AuthException
+ {
+ return AuthStatus.SUCCESS;
+ }
+
+ @SuppressWarnings("rawtypes")
+ public Class[] getSupportedMessageTypes()
+ {
+ Class[] clsarr = new Class[this.supportedTypes.size()];
+ supportedTypes.toArray(clsarr);
+ return clsarr;
+ }
+
+ public void cleanSubject(MessageInfo messageInfo, Subject subject) throws
AuthException
+ {
+ subject.getPrincipals().remove(principal);
+ subject.getPublicCredentials().remove(credential);
+ }
+
+}
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/client/module/SOAPClientAuthModule.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Modified:
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java 2014-02-17
11:37:36 UTC (rev 18376)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java 2014-02-17
11:41:49 UTC (rev 18377)
@@ -67,7 +67,7 @@
Map<String, String> authModuleOptions = new HashMap<String,
String>();
JBossWSTestHelper.addJaspiSecurityDomain("jaspi",
"jaas-lm-stack", loginModuleOptions,
"org.jboss.wsf.stack.cxf.jaspi.module.UsernameTokenServerAuthModule",
authModuleOptions);
- JBossWSTestHelper.addJaspiSecurityDomain("clientJaspi",
"jaas-lm-stack", loginModuleOptions,
"org.jboss.wsf.stack.cxf.client.jaspi.module.SOAPClientAuthModule",
+ JBossWSTestHelper.addJaspiSecurityDomain("clientJaspi",
"jaas-lm-stack", loginModuleOptions,
"org.jboss.wsf.stack.cxf.jaspi.client.module.SOAPClientAuthModule",
authModuleOptions);
super.setUp();
}
Modified: stack/cxf/branches/jaspi/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/pom.xml 2014-02-17 11:37:36 UTC (rev 18376)
+++ stack/cxf/branches/jaspi/pom.xml 2014-02-17 11:41:49 UTC (rev 18377)
@@ -67,7 +67,7 @@
<jbossws.jboss720.version>4.3.0-SNAPSHOT</jbossws.jboss720.version>
<jbossws.native.version>4.1.2.Final</jbossws.native.version>
<jboss720.version>7.2.0.Final</jboss720.version>
- <wildfly800.version>8.0.0.Final-SNAPSHOT</wildfly800.version>
+ <wildfly800.version>8.0.1.Final-SNAPSHOT</wildfly800.version>
<ejb.api.version>1.0.2.Final</ejb.api.version>
<cxf.version>2.7.10</cxf.version>
<cxf.asm.version>3.3.1</cxf.asm.version>