Author: alessio.soldano(a)jboss.com
Date: 2012-04-10 13:44:43 -0400 (Tue, 10 Apr 2012)
New Revision: 16153
Added:
projects/interop/cxf/wsse-webapp/
projects/interop/cxf/wsse-webapp/README.txt
projects/interop/cxf/wsse-webapp/pom.xml
projects/interop/cxf/wsse-webapp/src/
projects/interop/cxf/wsse-webapp/src/main/
projects/interop/cxf/wsse-webapp/src/main/java/
projects/interop/cxf/wsse-webapp/src/main/java/org/
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/KeystorePasswordCallback.java
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/ServiceIface.java
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptClient.java
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptGCMClient.java
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernamePasswordCallback.java
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernameTokenClient.java
projects/interop/cxf/wsse-webapp/src/main/resources/
projects/interop/cxf/wsse-webapp/src/main/resources/alice.jks
projects/interop/cxf/wsse-webapp/src/main/resources/alice.properties
projects/interop/cxf/wsse-webapp/src/main/webapp/
projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/
projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/beans.xml
projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/faces-config.xml
projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/lib/
projects/interop/cxf/wsse-webapp/src/main/webapp/home.xhtml
projects/interop/cxf/wsse-webapp/src/main/webapp/index.html
projects/interop/cxf/wsse-webapp/src/main/webapp/signencrypt.xhtml
projects/interop/cxf/wsse-webapp/src/main/webapp/signencryptgcm.xhtml
projects/interop/cxf/wsse-webapp/src/main/webapp/usernametoken.xhtml
Log:
Adding a basic webapp acting as client for the JBossWS-CXF WSSE samples. It can be
deployed to JBoss AS 7.1.
Added: projects/interop/cxf/wsse-webapp/README.txt
===================================================================
--- projects/interop/cxf/wsse-webapp/README.txt (rev 0)
+++ projects/interop/cxf/wsse-webapp/README.txt 2012-04-10 17:44:43 UTC (rev 16153)
@@ -0,0 +1 @@
+Use 'mvn clean package jboss-as:deploy' to build and deploy to JBoss AS 7.1
Added: projects/interop/cxf/wsse-webapp/pom.xml
===================================================================
--- projects/interop/cxf/wsse-webapp/pom.xml (rev 0)
+++ projects/interop/cxf/wsse-webapp/pom.xml 2012-04-10 17:44:43 UTC (rev 16153)
@@ -0,0 +1,127 @@
+<?xml version="1.0"?>
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <groupId>org.jboss.ws.interop</groupId>
+ <artifactId>jbossws-cxf-wsse-interop</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <packaging>war</packaging>
+ <name>JBoss WS Interop Webapp: WS-Security (CXF)</name>
+ <description>JBoss WS Interop Webapp: WS-Security</description>
+
+ <
url>http://jboss.org/jbossas</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <distribution>repo</distribution>
+ <
url>http://www.apache.org/licenses/LICENSE-2.0.html</url>
+ </license>
+ </licenses>
+
+ <properties>
+ <!-- Explicitly declaring the source encoding eliminates the following
+ message: -->
+ <!-- [WARNING] Using platform encoding (UTF-8 actually) to copy filtered
+ resources, i.e. build is platform dependent! -->
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+
+ <dependencyManagement>
+ <dependencies>
+ <!-- Define the version of JBoss' Java EE 6 APIs we want to import.
+ Any dependencies from org.jboss.spec will have their version defined by this
+ BOM -->
+ <!-- JBoss distributes a complete set of Java EE 6 APIs including
+ a Bill of Materials (BOM). A BOM specifies the versions of a
"stack" (or
+ a collection) of artifacts. We use this here so that we always get the
correct
+ versions of artifacts. Here we use the jboss-javaee-6.0 stack (you can
+ read this as the JBoss stack of the Java EE 6 APIs). You can actually
+ use this stack with any version of JBoss AS that implements Java EE 6, not
+ just JBoss AS 7! -->
+ <dependency>
+ <groupId>org.jboss.spec</groupId>
+ <artifactId>jboss-javaee-6.0</artifactId>
+ <version>3.0.0.Beta1</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+
+ <dependencies>
+
+ <!-- Import the CDI API, we use provided scope as the API is included
+ in JBoss AS 7 -->
+ <dependency>
+ <groupId>javax.enterprise</groupId>
+ <artifactId>cdi-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Import the Common Annotations API (JSR-250), we use provided scope
+ as the API is included in JBoss AS 7 -->
+ <dependency>
+ <groupId>org.jboss.spec.javax.annotation</groupId>
+ <artifactId>jboss-annotations-api_1.1_spec</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Import the JSF API, we use provided scope as the API is included
+ in JBoss AS 7 -->
+ <dependency>
+ <groupId>org.jboss.spec.javax.faces</groupId>
+ <artifactId>jboss-jsf-api_2.0_spec</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Import the JBossWS-CXF client API, we use provided scope as the API is
included
+ in JBoss AS 7 -->
+ <dependency>
+ <groupId>org.jboss.ws.cxf</groupId>
+ <artifactId>jbossws-cxf-client</artifactId>
+ <version>4.0.2.GA</version>
+ <scope>provided</scope>
+ </dependency>
+
+ </dependencies>
+
+ <build>
+ <!-- Set the name of the war, used as the context root when the app
+ is deployed -->
+ <finalName>jbossws-cxf-wsse-interop</finalName>
+ <plugins>
+ <plugin>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.1.1</version>
+ <configuration>
+ <archive>
+ <manifestEntries>
+ <Dependencies>org.jboss.ws.cxf.jbossws-cxf-client services,
org.apache.ws.security</Dependencies>
+ </manifestEntries>
+ </archive>
+ <!-- Java EE 6 doesn't require web.xml, Maven needs to catch
+ up! -->
+ <failOnMissingWebXml>false</failOnMissingWebXml>
+ </configuration>
+ </plugin>
+ <!-- JBoss AS plugin to deploy war -->
+ <plugin>
+ <groupId>org.jboss.as.plugins</groupId>
+ <artifactId>jboss-as-maven-plugin</artifactId>
+ <version>7.1.0.Final</version>
+ </plugin>
+ <!-- Compiler plugin enforces Java 1.6 compatibility and activates
+ annotation processors -->
+ <plugin>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>2.3.1</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
+
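Review bot: The `<Dependencies>` manifest entry in the maven-war-plugin configuration is the only setting in this POM without an explanatory comment, and it is the least obvious one. Presumably it makes the AS 7 modules for the JBossWS-CXF client and WSS4J visible to the deployment, since the Java sources import org.apache.cxf.* and org.apache.ws.security.WSPasswordCallback. A comment such as `<!-- Expose the AS 7 JBossWS-CXF client and WSS4J modules to this deployment -->` above `<manifestEntries>` would record that.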
Added:
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/KeystorePasswordCallback.java
===================================================================
---
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/KeystorePasswordCallback.java
(rev 0)
+++
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/KeystorePasswordCallback.java 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,71 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.cxf.interop.wsse;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.ws.security.WSPasswordCallback;
+
+public class KeystorePasswordCallback implements CallbackHandler
+{
+
+ private Map<String, String> passwords = new HashMap<String, String>();
+
+ public KeystorePasswordCallback()
+ {
+ passwords.put("alice", "password");
+ passwords.put("bob", "password");
+ passwords.put("john", "password");
+ }
+
+ /**
+ * It attempts to get the password from the private
+ * alias/passwords map.
+ */
+ public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
+ {
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+
+ String pass = passwords.get(pc.getIdentifier());
+ if (pass != null)
+ {
+ pc.setPassword(pass);
+ return;
+ }
+ }
+ }
+
+ /**
+ * Add an alias/password pair to the callback mechanism.
+ */
+ public void setAliasPassword(String alias, String password)
+ {
+ passwords.put(alias, password);
+ }
+}
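Review bot: The cast `(WSPasswordCallback)callbacks[i]` in handle() is unchecked, so any other Callback type fails with a ClassCastException instead of the UnsupportedCallbackException the signature declares; guard it with `if (!(callbacks[i] instanceof WSPasswordCallback)) throw new UnsupportedCallbackException(callbacks[i]);`. The `return` after the first match also leaves any later callbacks in the array without a password, where `continue` would serve them all. UsernamePasswordCallback.handle() has the same unchecked cast. A class comment stating that the alice/bob/john entries are fixed sample passwords for the interop keystore would keep them from being read as a pattern to reuse.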
Added:
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/ServiceIface.java
===================================================================
---
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/ServiceIface.java
(rev 0)
+++
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/ServiceIface.java 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,35 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.cxf.interop.wsse;
+
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+
+@WebService
+(
+ targetNamespace =
"http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy"
+)
+public interface ServiceIface
+{
+ @WebMethod
+ String sayHello();
+}
Added:
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptClient.java
===================================================================
---
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptClient.java
(rev 0)
+++
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptClient.java 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,135 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.cxf.interop.wsse;
+
+import java.io.Serializable;
+import java.net.URL;
+
+import javax.enterprise.context.SessionScoped;
+import javax.faces.application.FacesMessage;
+import javax.faces.component.UIComponent;
+import javax.faces.component.UIInput;
+import javax.faces.context.FacesContext;
+import javax.inject.Named;
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.ws.security.SecurityConstants;
+
+@Named
+@SessionScoped
+public class SignEncryptClient implements Serializable
+{
+ private static final long serialVersionUID = 4816529347065394475L;
+ private static final String DEFAULT_EP_ADDR =
"http://localhost:8080/jaxws-samples-wsse-policy-sign-encrypt";
+
+ private String targetEndpointAddress = DEFAULT_EP_ADDR;
+ private String expectedResponse = "Secure Hello World!";
+
+ public String getWsdl() {
+ return DEFAULT_EP_ADDR + "?wsdl";
+ }
+
+ public String getExpectedResponse()
+ {
+ return expectedResponse;
+ }
+
+ public void setExpectedResponse(String expectedResponse)
+ {
+ this.expectedResponse = expectedResponse;
+ }
+
+ public String getTargetEndpointAddress()
+ {
+ return targetEndpointAddress;
+ }
+
+ public void setTargetEndpointAddress(String targetEndpointAddress)
+ {
+ this.targetEndpointAddress = targetEndpointAddress;
+ }
+
+ public void runTest() {
+ String result = null;
+ try {
+ if (testSignEncrypt(expectedResponse)) {
+ result = "Invocation successfully performed";
+ } else {
+ result = "Target enpoind didn't return expected message!";
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ result = "Invocation failed! " + e.getClass() + ": " +
e.getMessage();
+ } finally {
+ FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(result));
+ }
+ }
+
+ public void validateTargetEndpointAddress(FacesContext context, UIComponent
toValidate, Object value)
+ {
+ String input = (String) value;
+ try
+ {
+ new URL(input);
+ }
+ catch (Exception e)
+ {
+ ((UIInput) toValidate).setValid(false);
+ FacesMessage message = new FacesMessage("Invalid endpoint address;
can't build a URL from that.");
+ context.addMessage(toValidate.getClientId(context), message);
+ }
+ }
+
+ private boolean testSignEncrypt(String expectedResponse) throws Exception
+ {
+ Bus bus = BusFactory.newInstance().createBus();
+ try
+ {
+ BusFactory.setThreadDefaultBus(bus);
+
+ QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy",
"SecurityService");
+ URL wsdlURL = new URL(getWsdl());
+ Service service = Service.create(wsdlURL, serviceName);
+ ServiceIface proxy = (ServiceIface)service.getPort(ServiceIface.class);
+
((BindingProvider)proxy).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
targetEndpointAddress);
+ setupWsse(proxy);
+ return expectedResponse.equals(proxy.sayHello());
+ }
+ finally
+ {
+ bus.shutdown(true);
+ }
+ }
+
+ private void setupWsse(ServiceIface proxy)
+ {
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, new
KeystorePasswordCallback());
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
Thread.currentThread().getContextClassLoader().getResource("alice.properties"));
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
Thread.currentThread().getContextClassLoader().getResource("alice.properties"));
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME,
"alice");
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME,
"bob");
+ }
+}
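Review bot: validateTargetEndpointAddress() accepts anything `new URL(input)` can parse, so the value that testSignEncrypt() later puts into ENDPOINT_ADDRESS_PROPERTY may use any scheme and name any host reachable from the server. The field appears to be bound to a JSF input, which would let anyone who can reach the deployed webapp choose where the server sends a request signed with the alice key. At minimum restrict the scheme inside the try block, e.g. `String scheme = new URL(input).getProtocol();` followed by `if (!"http".equals(scheme) && !"https".equals(scheme)) throw new IllegalArgumentException(scheme);`, and consider an allowlist of interop hosts if the app is deployed on a shared server. The same validator is repeated in SignEncryptGCMClient and UsernameTokenClient.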
Added:
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptGCMClient.java
===================================================================
---
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptGCMClient.java
(rev 0)
+++
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/SignEncryptGCMClient.java 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,135 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.cxf.interop.wsse;
+
+import java.io.Serializable;
+import java.net.URL;
+
+import javax.enterprise.context.SessionScoped;
+import javax.faces.application.FacesMessage;
+import javax.faces.component.UIComponent;
+import javax.faces.component.UIInput;
+import javax.faces.context.FacesContext;
+import javax.inject.Named;
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.ws.security.SecurityConstants;
+
+@Named
+@SessionScoped
+public class SignEncryptGCMClient implements Serializable
+{
+ private static final long serialVersionUID = 3816529347065394474L;
+ private static final String DEFAULT_EP_ADDR =
"http://localhost:8080/jaxws-samples-wsse-policy-sign-encrypt-gcm";
+
+ private String targetEndpointAddress = DEFAULT_EP_ADDR;
+ private String expectedResponse = "Secure Hello World!";
+
+ public String getWsdl() {
+ return DEFAULT_EP_ADDR + "?wsdl";
+ }
+
+ public String getExpectedResponse()
+ {
+ return expectedResponse;
+ }
+
+ public void setExpectedResponse(String expectedResponse)
+ {
+ this.expectedResponse = expectedResponse;
+ }
+
+ public String getTargetEndpointAddress()
+ {
+ return targetEndpointAddress;
+ }
+
+ public void setTargetEndpointAddress(String targetEndpointAddress)
+ {
+ this.targetEndpointAddress = targetEndpointAddress;
+ }
+
+ public void runTest() {
+ String result = null;
+ try {
+ if (testSignEncrypt(expectedResponse)) {
+ result = "Invocation successfully performed";
+ } else {
+ result = "Target enpoind didn't return expected message!";
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ result = "Invocation failed! " + e.getClass() + ": " +
e.getMessage();
+ } finally {
+ FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(result));
+ }
+ }
+
+ public void validateTargetEndpointAddress(FacesContext context, UIComponent
toValidate, Object value)
+ {
+ String input = (String) value;
+ try
+ {
+ new URL(input);
+ }
+ catch (Exception e)
+ {
+ ((UIInput) toValidate).setValid(false);
+ FacesMessage message = new FacesMessage("Invalid endpoint address;
can't build a URL from that.");
+ context.addMessage(toValidate.getClientId(context), message);
+ }
+ }
+
+ private boolean testSignEncrypt(String expectedResponse) throws Exception
+ {
+ Bus bus = BusFactory.newInstance().createBus();
+ try
+ {
+ BusFactory.setThreadDefaultBus(bus);
+
+ QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy",
"SecurityService");
+ URL wsdlURL = new URL(getWsdl());
+ Service service = Service.create(wsdlURL, serviceName);
+ ServiceIface proxy = (ServiceIface)service.getPort(ServiceIface.class);
+
((BindingProvider)proxy).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
targetEndpointAddress);
+ setupWsse(proxy);
+ return expectedResponse.equals(proxy.sayHello());
+ }
+ finally
+ {
+ bus.shutdown(true);
+ }
+ }
+
+ private void setupWsse(ServiceIface proxy)
+ {
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, new
KeystorePasswordCallback());
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
Thread.currentThread().getContextClassLoader().getResource("alice.properties"));
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
Thread.currentThread().getContextClassLoader().getResource("alice.properties"));
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME,
"alice");
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME,
"bob");
+ }
+}
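Review bot: SignEncryptGCMClient is a line-for-line copy of SignEncryptClient apart from serialVersionUID and DEFAULT_EP_ADDR, so every fix has to be made twice, or three times counting UsernameTokenClient. A shared abstract base holding the accessors, runTest(), the validator and the Bus handling, with subclasses supplying only the default address and setupWsse(), would remove that. The copy also carries over `getWsdl()` returning `DEFAULT_EP_ADDR + "?wsdl"`, so the WSDL is always read from the localhost default even after targetEndpointAddress is changed. If that is intended, a comment saying so would help; otherwise it should derive from targetEndpointAddress.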
Added:
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernamePasswordCallback.java
===================================================================
---
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernamePasswordCallback.java
(rev 0)
+++
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernamePasswordCallback.java 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.cxf.interop.wsse;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.ws.security.WSPasswordCallback;
+
+public class UsernamePasswordCallback implements CallbackHandler
+{
+ public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
+ {
+ WSPasswordCallback pc = (WSPasswordCallback)callbacks[0];
+ if ("kermit".equals(pc.getIdentifier()))
+ pc.setPassword("thefrog");
+ else
+ pc.setPassword("wrong password");
+ }
+}
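Review bot: handle() reads `callbacks[0]` only and answers every identifier other than "kermit" with the literal `"wrong password"`, which looks like a deliberate negative-test value but is not documented. A short class comment saying these are fixed sample credentials and that unknown users get an intentionally invalid password would make that clear; if it is not intended, leaving the password unset or throwing `UnsupportedCallbackException` is the clearer failure. An empty array currently raises ArrayIndexOutOfBoundsException, so a loop over `callbacks` as in KeystorePasswordCallback would be more robust.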
Added:
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernameTokenClient.java
===================================================================
---
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernameTokenClient.java
(rev 0)
+++
projects/interop/cxf/wsse-webapp/src/main/java/org/jboss/ws/cxf/interop/wsse/UsernameTokenClient.java 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,132 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.cxf.interop.wsse;
+
+import java.io.Serializable;
+import java.net.URL;
+
+import javax.enterprise.context.SessionScoped;
+import javax.faces.application.FacesMessage;
+import javax.faces.component.UIComponent;
+import javax.faces.component.UIInput;
+import javax.faces.context.FacesContext;
+import javax.inject.Named;
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.ws.security.SecurityConstants;
+
+@Named
+@SessionScoped
+public class UsernameTokenClient implements Serializable
+{
+ private static final long serialVersionUID = 5816529347065394476L;
+ private static final String DEFAULT_EP_ADDR =
"http://localhost:8080/jaxws-samples-wsse-policy-username-unsecure-transport";
+
+ private String targetEndpointAddress = DEFAULT_EP_ADDR;
+ private String expectedResponse = "Secure Hello World!";
+
+ public String getWsdl() {
+ return DEFAULT_EP_ADDR + "?wsdl";
+ }
+
+ public String getExpectedResponse()
+ {
+ return expectedResponse;
+ }
+
+ public void setExpectedResponse(String expectedResponse)
+ {
+ this.expectedResponse = expectedResponse;
+ }
+
+ public String getTargetEndpointAddress()
+ {
+ return targetEndpointAddress;
+ }
+
+ public void setTargetEndpointAddress(String targetEndpointAddress)
+ {
+ this.targetEndpointAddress = targetEndpointAddress;
+ }
+
+ public void runTest() {
+ String result = null;
+ try {
+ if (testUsernameToken(expectedResponse)) {
+ result = "Invocation successfully performed";
+ } else {
+ result = "Target enpoind didn't return expected message!";
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ result = "Invocation failed! " + e.getClass() + ": " +
e.getMessage();
+ } finally {
+ FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(result));
+ }
+ }
+
+ public void validateTargetEndpointAddress(FacesContext context, UIComponent
toValidate, Object value)
+ {
+ String input = (String) value;
+ try
+ {
+ new URL(input);
+ }
+ catch (Exception e)
+ {
+ ((UIInput) toValidate).setValid(false);
+ FacesMessage message = new FacesMessage("Invalid endpoint address;
can't build a URL from that.");
+ context.addMessage(toValidate.getClientId(context), message);
+ }
+ }
+
+ private boolean testUsernameToken(String expectedResponse) throws Exception
+ {
+ Bus bus = BusFactory.newInstance().createBus();
+ try
+ {
+ BusFactory.setThreadDefaultBus(bus);
+
+ QName serviceName = new
QName("http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy",
"SecurityService");
+ URL wsdlURL = new URL(getWsdl());
+ Service service = Service.create(wsdlURL, serviceName);
+ ServiceIface proxy = (ServiceIface)service.getPort(ServiceIface.class);
+
((BindingProvider)proxy).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
targetEndpointAddress);
+ setupWsse(proxy, "kermit");
+ return expectedResponse.equals(proxy.sayHello());
+ }
+ finally
+ {
+ bus.shutdown(true);
+ }
+ }
+
+ private void setupWsse(ServiceIface proxy, String username)
+ {
+ ((BindingProvider)proxy).getRequestContext().put(SecurityConstants.USERNAME,
username);
+
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
"org.jboss.ws.cxf.interop.wsse.UsernamePasswordCallback");
+ }
+}
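Review bot: setupWsse() passes SecurityConstants.CALLBACK_HANDLER as the class-name string `"org.jboss.ws.cxf.interop.wsse.UsernamePasswordCallback"`, while the two SignEncrypt clients pass an instance. The string form is not checked by the compiler and depends on which class loader resolves it at call time; `put(SecurityConstants.CALLBACK_HANDLER, new UsernamePasswordCallback())` is consistent with the other clients and survives a rename. This scenario also sends the password as plain text to whatever targetEndpointAddress holds, and DEFAULT_EP_ADDR is an http URL, so a comment on the class limiting it to test endpoints would be worth adding.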
Added: projects/interop/cxf/wsse-webapp/src/main/resources/alice.jks
===================================================================
(Binary files differ)
Property changes on: projects/interop/cxf/wsse-webapp/src/main/resources/alice.jks
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Added: projects/interop/cxf/wsse-webapp/src/main/resources/alice.properties
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/resources/alice.properties
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/resources/alice.properties 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=password
+org.apache.ws.security.crypto.merlin.keystore.alias=alice
+org.apache.ws.security.crypto.merlin.file=alice.jks
\ No newline at end of file
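Review bot: The keystore password is committed in clear as `org.apache.ws.security.crypto.merlin.keystore.password=password` next to alice.jks itself, and KeystorePasswordCallback hard-codes the same value for the key aliases. That is acceptable for interop sample material, but the file should say so: a leading `# Sample keystore for the JBossWS-CXF WSSE interop tests; not for production use` comment would stop the pair being copied into a real deployment. The file also lacks a trailing newline.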
Added: projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/beans.xml
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/beans.xml
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/beans.xml 2012-04-10 17:44:43
UTC (rev 16153)
@@ -0,0 +1,8 @@
+<!-- Marker file indicating CDI 1.0 should be enabled -->
+
+<beans
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
+</beans>
\ No newline at end of file
Added: projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/faces-config.xml
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/faces-config.xml
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/webapp/WEB-INF/faces-config.xml 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,10 @@
+<!-- Marker file indicating JSF 2.0 should be enabled in the application -->
+
+<faces-config version="2.0"
+
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd">
+
+</faces-config>
Added: projects/interop/cxf/wsse-webapp/src/main/webapp/home.xhtml
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/webapp/home.xhtml
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/webapp/home.xhtml 2012-04-10 17:44:43 UTC
(rev 16153)
@@ -0,0 +1,35 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
+<title>JBossWS - CXF WS-Security Interop</title>
+</head>
+
+<body>
+ <div id="content">
+ <h1>JBossWS - CXF WS-Security Interop webapp</h1>
+ <h2>Specs of interest:</h2>
+ <div>
+ <ul>
+ <li><a
href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.3/ws-sec...
target="_new">WS-Security Policy 1.3</a></li>
+ <li><a
href="http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessa...
target="_new">SOAP Message Security 1.1</a></li>
+ <li><a
href="http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-x509Token...
target="_new">X.509 Certificate Token Profile 1.1</a></li>
+ </ul>
+ </div>
+
+ <h2>Implemented interop scenarios:</h2>
+ <div>
+ <ol>
+ <li><a href="usernametoken.jsf">UsernameToken with plain
text password</a></li>
+ <li><a href="signencrypt.jsf">Mutual Authentication with
X.509 Certificates, Sign, Encrypt</a></li>
+ <li><a href="signencryptgcm.jsf">Mutual Authentication
with X.509 Certificates, Sign, Encrypt (GCM algorithm)</a></li>
+ </ol>
+ </div>
+ </div>
+</body>
+</html>
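Review bot: The external links in the "Specs of interest" list use `target="_new"`, which is a window name rather than the `_blank` keyword, so every link reuses one window called "_new" and the page opened there keeps a `window.opener` reference to this app. I would write `target="_blank" rel="noopener noreferrer"` on each of these anchors. The same attribute is used on the WSDL and keystore links in signencrypt.xhtml, signencryptgcm.xhtml and usernametoken.xhtml.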
Added: projects/interop/cxf/wsse-webapp/src/main/webapp/index.html
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/webapp/index.html
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/webapp/index.html 2012-04-10 17:44:43 UTC
(rev 16153)
@@ -0,0 +1,7 @@
+<!-- Plain HTML page that kicks us into the app -->
+
+<html>
+<head>
+<meta http-equiv="Refresh" content="0; URL=home.jsf">
+</head>
+</html>
\ No newline at end of file
Added: projects/interop/cxf/wsse-webapp/src/main/webapp/signencrypt.xhtml
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/webapp/signencrypt.xhtml
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/webapp/signencrypt.xhtml 2012-04-10 17:44:43
UTC (rev 16153)
@@ -0,0 +1,66 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
+<title>JBossWS - CXF WS-Security Interop</title>
+</head>
+
+<body>
+ <div id="content">
+ <h1>Mutual Authentication with X.509 Certificates, Sign, Encrypt</h1>
+ <h:form id="signEncryptForm">
+ <div>
+ <h2>Scenario description</h2>
+ <p>
+ This scenario corresponds to the situation where both parties have X.509
certificates (and public-private key pairs).
+ The requestor wishes to identify itself to the services using its X.509
credentials.
+ The message exchange needs to be integrity protected and encrypted as well.
The X.509 token inserted by the client is
+ included in the message signature.
+ </p>
+
+ <h2>Resources</h2>
+ <p>
+ <ul>
+ <li><a href="#{signEncryptClient.wsdl}"
target="_new">WSDL</a></li>
+ <li><a
href="http://anonsvn.jboss.org/repos/jbossws/stack/cxf/tags/jbossws-...
target="_new">Client (Alice) keystore</a></li>
+ <li><a
href="http://anonsvn.jboss.org/repos/jbossws/stack/cxf/tags/jbossws-...
target="_new">Server (Bob) keystore</a></li>
+ <li>Keystores password:
<i><b>password</b></i></li>
+ </ul>
+ </p>
+
+ <h2>Test server</h2>
+ <p>
+ A sample endpoint is deployed and advertises the WSDL contract above. Feel
free to use your client against that.
+ </p>
+
+ <h2>Test client</h2>
+ <p>
+ Here you can try a pre-built test client; the client invokes the
<i>sayHello</i> operation defined for the test endpoint advertised the WSDL
contract above.
+ Please fill-in the target endpoint address (if you want to test your
endpoint implementation of the above WSDL) and expected "hello" reply.
+ Then let the client perform the invocation.
+ <div>
+ <h:messages id="messages" globalOnly="false" />
+ </div>
+ <div>
+ Target endpoint: <h:inputText id="inputTargetEndpoint"
value="#{signEncryptClient.targetEndpointAddress}"
+ required="true" size="40"
+ validator="#{signEncryptClient.validateTargetEndpointAddress}"
/><br/>
+ Expected response message: <h:inputText
id="inputExpectedResponseMessage"
value="#{signEncryptClient.expectedResponse}"
+ required="true" size="30" /><br/>
+ <h:commandButton id="testButton" value="Test"
+ action="#{signEncryptClient.runTest}" />
+ </div>
+ </p>
+ </div>
+ </h:form>
+ <div>
+ <a href="home.jsf">Back to home</a>
+ </div>
+ </div>
+</body>
+</html>
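Review bot: The `inputTargetEndpoint` field lets any visitor choose the address that the server-side test client calls, and the only guard visible here is `validator="#{signEncryptClient.validateTargetEndpointAddress}"`, whose body is outside this hunk. If that method checks only URL syntax, the deployed webapp will issue requests to loopback or internal addresses on a visitor's behalf, and `h:messages` may echo the outcome back to them. The validator should accept only http/https and reject loopback, link-local and private ranges (or keep an allowlist of interop partners); a comment above the field such as `<!-- user-supplied URL: validateTargetEndpointAddress must reject internal addresses -->` would record that requirement. The same form is repeated in signencryptgcm.xhtml and usernametoken.xhtml.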
Added: projects/interop/cxf/wsse-webapp/src/main/webapp/signencryptgcm.xhtml
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/webapp/signencryptgcm.xhtml
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/webapp/signencryptgcm.xhtml 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,70 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
+<title>JBossWS - CXF WS-Security Interop</title>
+</head>
+
+<body>
+ <div id="content">
+ <h1>Mutual Authentication with X.509 Certificates, Sign, Encrypt</h1>
+ <h:form id="signEncryptForm">
+ <div>
+ <h2>Scenario description</h2>
+ <p>
+ This scenario corresponds to the situation where both parties have X.509
certificates (and public-private key pairs).
+ The requestor wishes to identify itself to the services using its X.509
credentials.
+ The message exchange needs to be integrity protected and encrypted as well.
The X.509 token inserted by the client is
+ included in the message signature.
+ </p>
+ <p>
+ The policy for this scenario includes an Apache CXF custom policy assertion
(<
i>{http://cxf.apache.org/custom/security-policy}Basic192GCM</i>)
+ for requiring a custom algorithm suite to be used. That includes AES-GCM
algorithm for secret key encryption.
+ </p>
+
+ <h2>Resources</h2>
+ <p>
+ <ul>
+ <li><a href="#{signEncryptGCMClient.wsdl}"
target="_new">WSDL</a></li>
+ <li><a
href="http://anonsvn.jboss.org/repos/jbossws/stack/cxf/tags/jbossws-...
target="_new">Client (Alice) keystore</a></li>
+ <li><a
href="http://anonsvn.jboss.org/repos/jbossws/stack/cxf/tags/jbossws-...
target="_new">Server (Bob) keystore</a></li>
+ <li>Keystores password:
<i><b>password</b></i></li>
+ </ul>
+ </p>
+
+ <h2>Test server</h2>
+ <p>
+ A sample endpoint is deployed and advertises the WSDL contract above. Feel
free to use your client against that.
+ </p>
+
+ <h2>Test client</h2>
+ <p>
+ Here you can try a pre-built test client; the client invokes the
<i>sayHello</i> operation defined for the test endpoint advertised the WSDL
contract above.
+ Please fill-in the target endpoint address (if you want to test your
endpoint implementation of the above WSDL) and expected "hello" reply.
+ Then let the client perform the invocation.
+ <div>
+ <h:messages id="messages" globalOnly="false" />
+ </div>
+ <div>
+ Target endpoint: <h:inputText id="inputTargetEndpoint"
value="#{signEncryptGCMClient.targetEndpointAddress}"
+ required="true" size="40"
+
validator="#{signEncryptGCMClient.validateTargetEndpointAddress}"
/><br/>
+ Expected response message: <h:inputText
id="inputExpectedResponseMessage"
value="#{signEncryptGCMClient.expectedResponse}"
+ required="true" size="30" /><br/>
+ <h:commandButton id="testButton" value="Test"
+ action="#{signEncryptGCMClient.runTest}" />
+ </div>
+ </p>
+ </div>
+ </h:form>
+ <div>
+ <a href="home.jsf">Back to home</a>
+ </div>
+ </div>
+</body>
+</html>
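Review bot: The `<h1>` text and the `signEncryptForm` id are copied unchanged from signencrypt.xhtml, so the heading does not tell a tester that this page exercises the Basic192GCM suite, although home.xhtml lists it with "(GCM algorithm)". Someone comparing results could record a run of the plain Sign/Encrypt scenario as a GCM run, or the reverse. I would change the heading to `<h1>Mutual Authentication with X.509 Certificates, Sign, Encrypt (GCM algorithm)</h1>` and give the form its own id, for example `<h:form id="signEncryptGCMForm">`.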
Added: projects/interop/cxf/wsse-webapp/src/main/webapp/usernametoken.xhtml
===================================================================
--- projects/interop/cxf/wsse-webapp/src/main/webapp/usernametoken.xhtml
(rev 0)
+++ projects/interop/cxf/wsse-webapp/src/main/webapp/usernametoken.xhtml 2012-04-10
17:44:43 UTC (rev 16153)
@@ -0,0 +1,63 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
+<title>JBossWS - CXF WS-Security Interop</title>
+</head>
+
+<body>
+ <div id="content">
+ <h1>UsernameToken with plain text password</h1>
+ <h:form id="usernameTokenForm">
+ <div>
+ <h2>Scenario description</h2>
+ <p>
+ The policy defining this scenario says that the requestor/initiator must
send a password in a UsernameToken in a WS-Security header to the recipient
+ (who as the authority will validate the password). The password is required
because that is the default requirement for the Web Services Security Username Token
Profile 1.x.
+ This setup is only recommended where confidentiality of the message is not
an issue, such as a pre-production test scenario with dummy passwords.
+ </p>
+
+ <h2>Resources</h2>
+ <p>
+ <ul>
+ <li><a href="#{usernameTokenClient.wsdl}"
target="_new">WSDL</a></li>
+ <li>Authorized username/password:
<i><b>kermit</b></i> /
<i><b>thefrog</b></i></li>
+ </ul>
+ </p>
+
+ <h2>Test server</h2>
+ <p>
+ A sample endpoint is deployed and advertises the WSDL contract above. Feel
free to use your client against that.
+ </p>
+
+ <h2>Test</h2>
+ <p>
+ Here you can try a pre-built test client; the client invokes the
<i>sayHello</i> operation defined for the test endpoint advertised the WSDL
contract above.
+ Please fill-in the target endpoint address (if you want to test your
endpoint implementation of the above WSDL) and expected "hello" reply.
+ Then let the client perform the invocation.
+ <div>
+ <h:messages id="messages" globalOnly="false" />
+ </div>
+ <div>
+ Target endpoint: <h:inputText id="inputTargetEndpoint"
value="#{usernameTokenClient.targetEndpointAddress}"
+ required="true" size="40"
+
validator="#{usernameTokenClient.validateTargetEndpointAddress}"
/><br/>
+ Expected response message: <h:inputText
id="inputExpectedResponseMessage"
value="#{usernameTokenClient.expectedResponse}"
+ required="true" size="30" /><br/>
+ <h:commandButton id="testButton" value="Test"
+ action="#{usernameTokenClient.runTest}" />
+ </div>
+ </p>
+ </div>
+ </h:form>
+ <div>
+ <a href="home.jsf">Back to home</a>
+ </div>
+ </div>
+</body>
+</html>
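Review bot: The "Authorized username/password" item publishes the account accepted by the sample endpoint, and the scenario text never says that it is a test-only account. The form presumably sends that password in clear text inside the UsernameToken to whatever target address is entered, but the client code is outside this hunk, as is any transport binding the policy may require. A comment next to the list item, e.g. `<!-- kermit/thefrog: public interop test account, must not exist on any non-test endpoint -->`, would make the limit explicit for whoever maintains the endpoint. I would also add a sentence to the visible text asking testers to prefer an HTTPS target address.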