Author: jim.ma
Date: 2014-02-14 08:44:38 -0500 (Fri, 14 Feb 2014)
New Revision: 18370
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/resources/
stack/cxf/branches/jaspi/modules/jaspi/src/main/resources/META-INF/
stack/cxf/branches/jaspi/modules/jaspi/src/main/resources/META-INF/services/
stack/cxf/branches/jaspi/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java
Removed:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/jaspi/
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverInInterceptor.java
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverOutInterceptor.java
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/jaspi/
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/JaspiSubjectCreatingInterceptor.java
Modified:
stack/cxf/branches/jaspi/modules/client/pom.xml
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java
stack/cxf/branches/jaspi/modules/jaspi/pom.xml
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
stack/cxf/branches/jaspi/modules/server/pom.xml
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/deployment/aspect/BusDeploymentAspect.java
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/metadata/services/DDJmsAddressBean.java
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/ChangeRequestnterceptor.java
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/Endpoint.java
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/EndpointImpl.java
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/JBossWSCXFConfigurerTestCase.java
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/Helper.java
Log:
Make jaspi authentication pluggable for AS72 and Wildfly800
Modified: stack/cxf/branches/jaspi/modules/client/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/modules/client/pom.xml 2014-02-14 12:43:48 UTC (rev 18369)
+++ stack/cxf/branches/jaspi/modules/client/pom.xml 2014-02-14 13:44:38 UTC (rev 18370)
@@ -224,10 +224,6 @@
<dependency>
<groupId>org.jboss.spec.javax.xml.soap</groupId>
<artifactId>jboss-saaj-api_1.3_spec</artifactId>
- </dependency>
- <dependency>
- <groupId>org.jboss.spec.javax.security.auth.message</groupId>
- <artifactId>jboss-jaspi-api_1.1_spec</artifactId>
</dependency>
<!-- [JBWS-3722] Explicit JAXB dependencies to ensure the dependency management
from jbossws-cxf pom.xml applies -->
<dependency>
@@ -244,10 +240,6 @@
<artifactId>jboss-common-core</artifactId>
</dependency>
<dependency>
- <groupId>org.picketbox</groupId>
- <artifactId>picketbox</artifactId>
- </dependency>
- <dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</dependency>
Modified:
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java
===================================================================
---
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/CXFClientConfigurer.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -22,31 +22,17 @@
package org.jboss.wsf.stack.cxf.client.configuration;
import java.util.Map;
-import java.util.Properties;
import java.util.Set;
-import javax.security.auth.message.config.AuthConfigFactory;
-import javax.security.auth.message.config.AuthConfigProvider;
-import javax.security.auth.message.config.ClientAuthConfig;
-
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxws.DispatchImpl;
-import org.jboss.security.auth.callback.JBossCallbackHandler;
-import org.jboss.security.auth.login.AuthenticationInfo;
-import org.jboss.security.auth.login.BaseAuthenticationInfo;
-import org.jboss.security.auth.login.JASPIAuthenticationInfo;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.SecurityConfiguration;
import org.jboss.ws.common.configuration.ConfigHelper;
+import org.jboss.wsf.spi.SPIProvider;
+import org.jboss.wsf.spi.WSFException;
import org.jboss.wsf.spi.metadata.config.ClientConfig;
-import org.jboss.wsf.stack.cxf.Loggers;
-import org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientAuthenticator;
-import org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientInInterceptor;
-import org.jboss.wsf.stack.cxf.client.jaspi.JaspiClientOutInterceptor;
-import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider;
-import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConstants;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
/**
* CXF extension of common ClientConfigurer
@@ -76,53 +62,19 @@
setConfigProperties(cxfClient, props);
//config jaspi
- JaspiClientAuthenticator clientAuthenticator = getJaspiAuthenticator(cxfClient,
props) ;
- if (clientAuthenticator != null) {
- cxfClient.getInInterceptors().add(new
JaspiClientInInterceptor(clientAuthenticator));
- cxfClient.getOutInterceptors().add(new
JaspiClientOutInterceptor(clientAuthenticator));
- }
-
- }
-
-
- private JaspiClientAuthenticator getJaspiAuthenticator(Client client, Map<String,
String> properties) {
- String securityDomain =
properties.get(JaspiClientAuthenticator.JASPI_SECURITY_DOMAIN);
- if (securityDomain == null) {
- return null;
- }
- ApplicationPolicy appPolicy =
SecurityConfiguration.getApplicationPolicy(securityDomain);
- if (appPolicy == null) {
- Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
- return null;
- }
- BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
- if (bai == null || bai instanceof AuthenticationInfo) {
- Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
- return null;
- }
- JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
-
- String contextRoot = client.getEndpoint().getEndpointInfo().getName().toString();
- String appId = "localhost " + contextRoot;
- AuthConfigFactory factory = AuthConfigFactory.getFactory();
-
- Properties props = new Properties();
- AuthConfigProvider provider = new JBossWSAuthConfigProvider(props, factory);
- provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId,
null);
- JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
try
{
- ClientAuthConfig clientConfig = provider.getClientAuthConfig("soap",
appId, callbackHandler);
- return new JaspiClientAuthenticator(clientConfig, securityDomain, jai);
+ JASPIAuthenticationProvider japsiProvider =
SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class);
+ if (japsiProvider != null)
+ {
+ japsiProvider.enableClientAuthentication(cxfClient, props);
+ }
}
- catch (Exception e)
+ catch (WSFException e)
{
- //ignore
+ // ignore
}
-
- return null;
-
- }
+ }
public void setConfigProperties(Client client, Map<String, String> properties)
{
client.getEndpoint().putAll(properties);
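Review bot: The `catch (WSFException e) { // ignore }` around the provider lookup makes the client fail open: if the lookup throws (presumably when no `JASPIAuthenticationProvider` is registered), the client is configured without the JASPI interceptors and nothing is recorded. The boolean returned by `enableClientAuthentication(cxfClient, props)` is discarded as well, so a refused setup cannot be told apart from a successful one. Log the exception at debug level or above and check the result, for example `boolean enabled = japsiProvider.enableClientAuthentication(cxfClient, props);` followed by a log line when it is false. The local would also read better as `jaspiProvider`. The enclosing method starts outside this hunk.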
Modified: stack/cxf/branches/jaspi/modules/jaspi/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/modules/jaspi/pom.xml 2014-02-14 12:43:48 UTC (rev 18369)
+++ stack/cxf/branches/jaspi/modules/jaspi/pom.xml 2014-02-14 13:44:38 UTC (rev 18370)
@@ -16,11 +16,25 @@
<!-- Dependencies -->
<dependencies>
<dependency>
+ <groupId>org.jboss.ws</groupId>
+ <artifactId>jbossws-spi</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.spec.javax.servlet</groupId>
+ <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
</dependency>
<dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-security</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>org.picketbox</groupId>
<artifactId>picketbox</artifactId>
</dependency>
@@ -31,6 +45,20 @@
</dependency>
<dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging-processor</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1,227 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi;
+
+import java.util.Map;
+import java.util.Properties;
+
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.jaxws22.EndpointImpl;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.login.AuthenticationInfo;
+import org.jboss.security.auth.login.BaseAuthenticationInfo;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.wsf.spi.deployment.Deployment;
+import org.jboss.wsf.spi.deployment.Endpoint;
+import org.jboss.wsf.spi.metadata.webservices.JBossWebservicesMetaData;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
+import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientAuthenticator;
+import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientInInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientOutInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider;
+import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConstants;
+import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverInInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverOutInterceptor;
+import org.jboss.wsf.stack.cxf.jaspi.log.Loggers;
+
+/**
+ * Class to enable the jaspi authentication interceptors in cxf bus , endpoint or client
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class DefaultJASPIAuthenticationProvider implements JASPIAuthenticationProvider
+{
+ public DefaultJASPIAuthenticationProvider()
+ {
+ }
+
+ public boolean enableClientAuthentication(Object target, Map<String, String>
properties)
+ {
+ if (!(target instanceof Client)) {
+
Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(target.getClass().getSimpleName());
+ return false;
+ }
+ Client client = (Client)target;
+ String securityDomain =
properties.get(JaspiClientAuthenticator.JASPI_SECURITY_DOMAIN);
+ if (securityDomain == null)
+ {
+ return false;
+ }
+ ApplicationPolicy appPolicy =
SecurityConfiguration.getApplicationPolicy(securityDomain);
+ if (appPolicy == null)
+ {
+ Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
+ return false;
+ }
+ BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
+ if (bai == null || bai instanceof AuthenticationInfo)
+ {
+ Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
+ return false;
+ }
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+
+ String contextRoot = client.getEndpoint().getEndpointInfo().getName().toString();
+ String appId = "localhost " + contextRoot;
+ AuthConfigFactory factory = AuthConfigFactory.getFactory();
+
+ Properties props = new Properties();
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(props, factory);
+ provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId,
null);
+ JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
+ try
+ {
+ ClientAuthConfig clientConfig = provider.getClientAuthConfig("soap",
appId, callbackHandler);
+ JaspiClientAuthenticator clientAuthenticator = new
JaspiClientAuthenticator(clientConfig, securityDomain, jai);
+ client.getInInterceptors().add(new
JaspiClientInInterceptor(clientAuthenticator));
+ client.getOutInterceptors().add(new
JaspiClientOutInterceptor(clientAuthenticator));
+ }
+ catch (Exception e)
+ {
+ //ignore
+ }
+
+ return false;
+
+ }
+
+ public boolean enableServerAuthentication(Deployment dep, JBossWebservicesMetaData
wsmd)
+ {
+ String securityDomain = null;
+ if (wsmd != null)
+ {
+ securityDomain =
wsmd.getProperty(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
+ }
+ if (securityDomain == null)
+ {
+ return false;
+ }
+ ApplicationPolicy appPolicy =
SecurityConfiguration.getApplicationPolicy(securityDomain);
+ if (appPolicy == null)
+ {
+ Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
+ return false;
+ }
+ BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
+ if (bai == null || bai instanceof AuthenticationInfo)
+ {
+ Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
+ return false;
+ }
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+
+ String contextRoot = dep.getService().getContextRoot();
+ String appId = "localhost " + contextRoot;
+ AuthConfigFactory factory = AuthConfigFactory.getFactory();
+ Properties properties = new Properties();
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
+ provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId,
null);
+
+ JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
+ try
+ {
+ ServerAuthConfig serverConfig =
provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId,
+ callbackHandler);
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jai);
+ Bus bus = dep.getAttachment(Bus.class);
+ serverContextProperties.put(Bus.class, bus);
+ String authContextID = dep.getSimpleName();
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null,
serverContextProperties);
+ JaspiServerAuthenticator serverAuthenticator = new
JaspiServerAuthenticator(sctx);
+ bus.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
+ bus.getOutInterceptors().add(new
JaspiSeverOutInterceptor(serverAuthenticator));
+ return true;
+ }
+ catch (Exception e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
+ }
+ return false;
+ }
+
+ public boolean enableServerAuthentication(Object target, Endpoint endpoint)
+ {
+ if (target instanceof EndpointImpl) {
+
Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(target.getClass().getSimpleName());
+ return false;
+ }
+ EndpointImpl endpointImpl = (EndpointImpl)target;
+ String securityDomain = (String)
endpointImpl.getProperties().get(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
+ if (securityDomain == null)
+ {
+ return false;
+ }
+ ApplicationPolicy appPolicy =
SecurityConfiguration.getApplicationPolicy(securityDomain);
+ if (appPolicy == null)
+ {
+ Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
+ return false;
+ }
+ BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
+ if (bai == null || bai instanceof AuthenticationInfo)
+ {
+ Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
+ return false;
+ }
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+ String contextRoot = endpoint.getService().getContextRoot();
+ String appId = "localhost " + contextRoot;
+ AuthConfigFactory factory = AuthConfigFactory.getFactory();
+ Properties properties = new Properties();
+ AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
+ provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId,
null);
+
+ JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
+ JaspiServerAuthenticator serverAuthenticator = null;
+ try
+ {
+ ServerAuthConfig serverConfig =
provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId,
+ callbackHandler);
+ Properties serverContextProperties = new Properties();
+ serverContextProperties.put("security-domain", securityDomain);
+ serverContextProperties.put("jaspi-policy", jai);
+ serverContextProperties.put(javax.xml.ws.Endpoint.class, endpointImpl);
+ String authContextID = endpointImpl.getBeanName();
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null,
serverContextProperties);
+ serverAuthenticator = new JaspiServerAuthenticator(sctx);
+ endpointImpl.getInInterceptors().add(new
JaspiSeverInInterceptor(serverAuthenticator));
+ endpointImpl.getOutInterceptors().add(new
JaspiSeverOutInterceptor(serverAuthenticator));
+ return true;
+
+ }
+ catch (Exception e)
+ {
+ Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
+ }
+ return false;
+ }
+}
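Review bot: The guard in `enableServerAuthentication(Object target, Endpoint endpoint)` is inverted: `if (target instanceof EndpointImpl)` logs and returns false for exactly the type the method then casts to, and any other target reaches `(EndpointImpl)target` and throws ClassCastException, so the endpoint-level JASPI interceptors are never installed. It should read `if (!(target instanceof EndpointImpl))`, matching the `Client` check in `enableClientAuthentication`. That client method returns false on every path, including after both interceptors were added, so it needs `return true;` as the last statement of its try block. Its `catch (Exception e) { //ignore }` also hides setup failures such as a null `provider` from `factory.getConfigProvider(...)`, leaving the client without authentication and without a log entry; log the exception as the two server methods do. In all three methods the `new JBossWSAuthConfigProvider(...)` result is overwritten on the next statement; if the constructor is relied on to register itself with the factory, a one-line comment saying so would help.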
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConfigProvider.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -31,7 +31,12 @@
import javax.security.auth.message.config.ServerAuthConfig;
/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * Factory class used to getJBossWSClientAuthConfig and JBossWSServerAuthConfig
+ * <p>I
+ * It is used to Obtain JBosswSClientAuthConfig and JBossWSServerAuthConfig
+ * @see org.jboss.wsf.stack.cxf.jaspi.config.JBosswSClientAuthConfig
+ * @see org.jboss.wsf.stack.cxf.jaspi.config.JBossWSServerAuthConfig
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
public class JBossWSAuthConfigProvider implements AuthConfigProvider
{
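Review bot: The new class Javadoc contains a reference that will not resolve: `@see org.jboss.wsf.stack.cxf.jaspi.config.JBosswSClientAuthConfig` spells the class with a lowercase `w` and should be `JBossWSClientAuthConfig`. The stray `<p>I` line and the run-together `getJBossWSClientAuthConfig` look like typing slips. A single summary sentence such as `Factory for JBossWSClientAuthConfig and JBossWSServerAuthConfig instances.` could replace both descriptive lines.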
@@ -48,13 +53,15 @@
}
@Override
- public ClientAuthConfig getClientAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException, SecurityException
+ public ClientAuthConfig getClientAuthConfig(String layer, String appContext,
CallbackHandler handler)
+ throws AuthException, SecurityException
{
return new JBossWSClientAuthConfig(layer, appContext, handler, contextProperties);
}
@Override
- public ServerAuthConfig getServerAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException, SecurityException
+ public ServerAuthConfig getServerAuthConfig(String layer, String appContext,
CallbackHandler handler)
+ throws AuthException, SecurityException
{
return new JBossWSServerAuthConfig(layer, appContext, handler, contextProperties);
}
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSAuthConstants.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -21,8 +21,9 @@
*/
package org.jboss.wsf.stack.cxf.jaspi.config;
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+/**
+ * Define the jaspi authentication property name
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
public class JBossWSAuthConstants
{
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthConfig.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -52,29 +52,34 @@
import org.jboss.security.plugins.ClassLoaderLocatorFactory;
/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * JBossWS ClientAuthConfig implementation to obtain ClientAuthContext
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
public class JBossWSClientAuthConfig extends JBossClientAuthConfig
{
@SuppressWarnings("rawtypes")
private final List modules = new ArrayList();
+
private CallbackHandler callbackHandler;
@SuppressWarnings("rawtypes")
public JBossWSClientAuthConfig(String layer, String appContext, CallbackHandler
handler, Map properties)
{
super(layer, appContext, handler, properties);
+ callbackHandler = handler;
}
- @SuppressWarnings({ "rawtypes", "unchecked" })
- public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject,
Map properties) throws AuthException
+ @SuppressWarnings(
+ {"rawtypes", "unchecked"})
+ public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject,
Map properties)
+ throws AuthException
{
List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
- JASPIAuthenticationInfo jai =
(JASPIAuthenticationInfo)properties.get("jaspi-policy");
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo)
properties.get("jaspi-policy");
AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
ClassLoader moduleCL = null;
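Review bot: `getAuthContext` dereferences `jai` immediately after `(JASPIAuthenticationInfo) properties.get("jaspi-policy")`, so a caller whose map lacks the `jaspi-policy` entry gets a NullPointerException instead of the declared AuthException. A guard such as `if (jai == null) throw new AuthException("jaspi-policy property is missing");` before `jai.getAuthModuleEntry()` would make the failure explicit. The same pattern appears in `JBossWSServerAuthConfig.getAuthContext` later in this commit. The method body continues outside this hunk.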
@@ -105,30 +110,32 @@
}
}
- JBossWSClientAuthContext clientAuthContext = new JBossWSClientAuthContext(modules,
mapOptionsByName, this.callbackHandler);
+ JBossWSClientAuthContext clientAuthContext = new JBossWSClientAuthContext(modules,
mapOptionsByName,
+ this.callbackHandler);
clientAuthContext.setControlFlags(controlFlags);
return clientAuthContext;
}
- @SuppressWarnings({ "unchecked", "rawtypes" })
+ @SuppressWarnings(
+ {"unchecked", "rawtypes"})
private ClientAuthModule createCAM(ClassLoader moduleCL, String name) throws
Exception
{
Class clazz = SecurityActions.loadClass(moduleCL, name);
Constructor ctr = clazz.getConstructor(new Class[0]);
- return (ClientAuthModule)ctr.newInstance(new Object[0]);
+ return (ClientAuthModule) ctr.newInstance(new Object[0]);
}
- @SuppressWarnings({ "rawtypes" })
+ @SuppressWarnings(
+ {"rawtypes"})
public List getClientAuthModules()
{
return modules;
}
-
-
+
@SuppressWarnings("rawtypes")
public String getAuthContextID(MessageInfo messageInfo)
{
- SOAPMessage request = (SOAPMessage)messageInfo.getRequestMessage();
+ SOAPMessage request = (SOAPMessage) messageInfo.getRequestMessage();
if (request == null)
{
return null;
@@ -159,14 +166,14 @@
SOAPBody body = envelope.getBody();
if (body != null)
{
-
+
Iterator it = body.getChildElements();
while (it.hasNext())
{
Object o = it.next();
if (o instanceof SOAPElement)
{
- QName name = ((SOAPElement)o).getElementQName();
+ QName name = ((SOAPElement) o).getElementQName();
return name.getLocalPart();
}
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSClientAuthContext.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -36,46 +36,55 @@
import org.jboss.security.config.ControlFlag;
/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * JBossWS ClientAuthContext implementation to {@link #secureRequest(MessageInfo,
Subject)}
+ * <p>and {@link #validateResponse(MessageInfo, Subject, Subject)}
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
-public class JBossWSClientAuthContext implements ClientAuthContext {
+public class JBossWSClientAuthContext implements ClientAuthContext
+{
private final List<ClientAuthModule> modules;
+
@SuppressWarnings("rawtypes")
private final Map<String, Map> moduleOptionsByName;
+
protected List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
@SuppressWarnings("rawtypes")
- public JBossWSClientAuthContext(List<ClientAuthModule> modules,
- Map<String, Map> moduleNameToOptions, CallbackHandler cbh)
- throws AuthException {
+ public JBossWSClientAuthContext(List<ClientAuthModule> modules, Map<String,
Map> moduleNameToOptions,
+ CallbackHandler cbh) throws AuthException
+ {
this.modules = modules;
this.moduleOptionsByName = moduleNameToOptions;
- for (ClientAuthModule cam : modules) {
- cam.initialize(null, null, cbh,
- moduleOptionsByName.get(cam.getClass().getName()));
+ for (ClientAuthModule cam : modules)
+ {
+ cam.initialize(null, null, cbh,
moduleOptionsByName.get(cam.getClass().getName()));
}
}
@Override
- public void cleanSubject(MessageInfo messageInfo, Subject subject)
- throws AuthException {
- for (ClientAuthModule cam : modules) {
+ public void cleanSubject(MessageInfo messageInfo, Subject subject) throws
AuthException
+ {
+ for (ClientAuthModule cam : modules)
+ {
cam.cleanSubject(messageInfo, subject);
}
}
- public void setControlFlags(List<ControlFlag> controlFlags) {
+ public void setControlFlags(List<ControlFlag> controlFlags)
+ {
this.controlFlags = controlFlags;
}
@Override
- public AuthStatus secureRequest(MessageInfo messageInfo,
- Subject clientSubject) throws AuthException {
+ public AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject) throws
AuthException
+ {
AuthStatus status = null;
- for (ClientAuthModule sam : modules) {
+ for (ClientAuthModule sam : modules)
+ {
status = sam.secureRequest(messageInfo, clientSubject);
- if (status == AuthStatus.FAILURE) {
+ if (status == AuthStatus.FAILURE)
+ {
break;
}
}
@@ -83,12 +92,15 @@
}
@Override
- public AuthStatus validateResponse(MessageInfo messageInfo,
- Subject clientSubject, Subject serviceSubject) throws AuthException {
+ public AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject)
+ throws AuthException
+ {
AuthStatus status = null;
- for (ClientAuthModule sam : modules) {
+ for (ClientAuthModule sam : modules)
+ {
status = sam.secureRequest(messageInfo, clientSubject);
- if (status == AuthStatus.FAILURE) {
+ if (status == AuthStatus.FAILURE)
+ {
break;
}
}
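Review bot: `validateResponse` calls `sam.secureRequest(messageInfo, clientSubject)` inside its loop, so the configured modules never validate the response and `serviceSubject` is unused; the body looks copied from `secureRequest`. The call should be `status = sam.validateResponse(messageInfo, clientSubject, serviceSubject);`. The line is carried over unchanged by this reformatting, and the method's return statement is outside the hunk.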
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthConfig.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -52,27 +52,34 @@
import org.jboss.security.config.ControlFlag;
import org.jboss.security.plugins.ClassLoaderLocator;
import org.jboss.security.plugins.ClassLoaderLocatorFactory;
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+
+/**
+ * JBossWS ServerAuthConfig implentation to obtain JBossWSServerAuthContext
+ * @see org.jboss.wsf.stack.cxf.jaspi.config.JBossWSServerAuthContext
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
-public class JBossWSServerAuthConfig extends JBossServerAuthConfig {
- private final CallbackHandler callbackHandler = new JBossCallbackHandler();
- @SuppressWarnings("rawtypes")
- private final List modules = new ArrayList();
+public class JBossWSServerAuthConfig extends JBossServerAuthConfig
+{
+ private final CallbackHandler callbackHandler = new JBossCallbackHandler();
- @SuppressWarnings("rawtypes")
- public JBossWSServerAuthConfig(String layer, String appContext,
- CallbackHandler handler, Map properties) {
- super(layer, appContext, handler, properties);
- }
+ @SuppressWarnings("rawtypes")
+ private final List modules = new ArrayList();
- @SuppressWarnings({ "rawtypes", "unchecked" })
- public ServerAuthContext getAuthContext(String authContextID, Subject serviceSubject,
Map properties) throws AuthException
+ @SuppressWarnings("rawtypes")
+ public JBossWSServerAuthConfig(String layer, String appContext, CallbackHandler
handler, Map properties)
{
+ super(layer, appContext, handler, properties);
+ }
+
+ @SuppressWarnings(
+ {"rawtypes", "unchecked"})
+ public ServerAuthContext getAuthContext(String authContextID, Subject serviceSubject,
Map properties)
+ throws AuthException
+ {
List<ControlFlag> controlFlags = new ArrayList<ControlFlag>();
Map<String, Map> mapOptionsByName = new HashMap<String, Map>();
- JASPIAuthenticationInfo jai =
(JASPIAuthenticationInfo)properties.get("jaspi-policy");
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo)
properties.get("jaspi-policy");
AuthModuleEntry[] amearr = jai.getAuthModuleEntry();
ClassLoader moduleCL = null;
@@ -92,14 +99,15 @@
{
mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
controlFlags.add(ame.getControlFlag());
- ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName(),
ame.getLoginModuleStackHolderName());
+ ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName(),
+ ame.getLoginModuleStackHolderName());
Map options = new HashMap();
- Bus bus = (Bus)properties.get(Bus.class);
+ Bus bus = (Bus) properties.get(Bus.class);
options.put(Bus.class, bus);
- javax.xml.ws.Endpoint endpoint =
(javax.xml.ws.Endpoint)properties.get(javax.xml.ws.Endpoint.class);
+ javax.xml.ws.Endpoint endpoint = (javax.xml.ws.Endpoint)
properties.get(javax.xml.ws.Endpoint.class);
options.put(javax.xml.ws.Endpoint.class, endpoint);
-
+
sam.initialize(null, null, callbackHandler, options);
modules.add(sam);
}
@@ -127,15 +135,16 @@
}
}
- JBossWSServerAuthContext serverAuthContext = new JBossWSServerAuthContext(modules,
mapOptionsByName, this.callbackHandler);
+ JBossWSServerAuthContext serverAuthContext = new JBossWSServerAuthContext(modules,
mapOptionsByName,
+ this.callbackHandler);
serverAuthContext.setControlFlags(controlFlags);
return serverAuthContext;
- }
+ }
- @SuppressWarnings("rawtypes")
+ @SuppressWarnings("rawtypes")
public String getAuthContextID(MessageInfo messageInfo)
{
- SOAPMessage request = (SOAPMessage)messageInfo.getRequestMessage();
+ SOAPMessage request = (SOAPMessage) messageInfo.getRequestMessage();
if (request == null)
{
return null;
@@ -166,14 +175,14 @@
SOAPBody body = envelope.getBody();
if (body != null)
{
-
+
Iterator it = body.getChildElements();
while (it.hasNext())
{
Object o = it.next();
if (o instanceof SOAPElement)
{
- QName name = ((SOAPElement)o).getElementQName();
+ QName name = ((SOAPElement) o).getElementQName();
return name.getLocalPart();
}
@@ -190,24 +199,29 @@
return null;
}
- public boolean isProtected() {
- throw new UnsupportedOperationException();
- }
+ public boolean isProtected()
+ {
+ throw new UnsupportedOperationException();
+ }
- @SuppressWarnings({ "unchecked", "rawtypes" })
- private ServerAuthModule createSAM(ClassLoader moduleCL, String name)
- throws Exception {
- Class clazz = SecurityActions.loadClass(moduleCL, name);
- Constructor ctr = clazz.getConstructor(new Class[0]);
- return (ServerAuthModule) ctr.newInstance(new Object[0]);
- }
+ @SuppressWarnings(
+ {"unchecked", "rawtypes"})
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name) throws
Exception
+ {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[0]);
+ return (ServerAuthModule) ctr.newInstance(new Object[0]);
+ }
- @SuppressWarnings({ "unchecked", "rawtypes" })
- private ServerAuthModule createSAM(ClassLoader moduleCL, String name,
- String lmshName) throws Exception {
- Class clazz = SecurityActions.loadClass(moduleCL, name);
- Constructor ctr = clazz.getConstructor(new Class[] { String.class });
- return (ServerAuthModule) ctr.newInstance(new Object[] { lmshName });
- }
+ @SuppressWarnings(
+ {"unchecked", "rawtypes"})
+ private ServerAuthModule createSAM(ClassLoader moduleCL, String name, String lmshName)
throws Exception
+ {
+ Class clazz = SecurityActions.loadClass(moduleCL, name);
+ Constructor ctr = clazz.getConstructor(new Class[]
+ {String.class});
+ return (ServerAuthModule) ctr.newInstance(new Object[]
+ {lmshName});
+ }
}
\ No newline at end of file
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/JBossWSServerAuthContext.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -20,8 +20,10 @@
* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
*/
package org.jboss.wsf.stack.cxf.jaspi.config;
+
/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * JBossWS ServerAuthContext implementation
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
import java.util.List;
import java.util.Map;
@@ -31,13 +33,15 @@
import javax.security.auth.message.module.ServerAuthModule;
import org.jboss.security.auth.message.config.JBossServerAuthContext;
-@SuppressWarnings({"rawtypes" })
-public class JBossWSServerAuthContext extends JBossServerAuthContext {
- public JBossWSServerAuthContext(List<ServerAuthModule> modules,
- Map<String, Map> moduleNameToOptions, CallbackHandler cbh)
- throws AuthException {
- super(modules, moduleNameToOptions, cbh);
- }
+@SuppressWarnings({"rawtypes"})
+public class JBossWSServerAuthContext extends JBossServerAuthContext
+{
+ public JBossWSServerAuthContext(List<ServerAuthModule> modules, Map<String,
Map> moduleNameToOptions,
+ CallbackHandler cbh) throws AuthException
+ {
+ super(modules, moduleNameToOptions, cbh);
+ }
+
}
Modified:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/config/SecurityActions.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -21,7 +21,7 @@
*/
package org.jboss.wsf.stack.cxf.jaspi.config;
/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
import java.security.AccessController;
import java.security.PrivilegedAction;
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1,99 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.interceptor;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.SAAJPreInInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.phase.Phase;
+import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
+/**
+ * CXF in interceptor to validateRequest cxf SoapMessage with JaspiServerAuthenticator
+ * @see org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiSeverInInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiServerAuthenticator authManager;
+
+ public JaspiSeverInInterceptor(JaspiServerAuthenticator authManager)
+ {
+ super(Phase.PRE_PROTOCOL);
+ addAfter(SAAJInInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ SAAJInInterceptor saajIn = new SAAJInInterceptor();
+ saajIn.handleMessage(message);
+ }
+ SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
+ if (soapMessage == null)
+ {
+ return;
+ }
+
+ SOAPMessage copyMessage = null;
+ try
+ {
+ MessageFactory messageFactory =
SAAJPreInInterceptor.INSTANCE.getFactory(message);
+ ByteArrayOutputStream bout = new ByteArrayOutputStream();
+ soapMessage.writeTo(bout);
+ copyMessage = messageFactory.createMessage(soapMessage.getMimeHeaders(), new
ByteArrayInputStream(bout.toByteArray()));
+ }
+ catch (SOAPException e)
+ {
+ throw new Fault(e);
+ }
+ catch (IOException e)
+ {
+ throw new Fault(e);
+ }
+ if (copyMessage != null) {
+ message.put(SOAPMessage.class, copyMessage);
+ }
+ try
+ {
+ authManager.validateRequest(message);
+ }
+ finally
+ {
+ message.put(SOAPMessage.class, soapMessage);
+ }
+
+ }
+
+}
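Review bot: `handleMessage` serialises the whole SOAP message into a `ByteArrayOutputStream` and re-parses it before `authManager.validateRequest(message)` runs, so every request, authenticated or not, costs a second full in-memory copy, and no comment says why the copy is needed. If the intent is to keep the auth modules from altering the message the rest of the chain sees (the `finally` block restores the original), state that above the `try`, e.g. `// validate a serialized copy; the original SOAPMessage is restored below`. It also means any change a module makes to the copy is discarded, which is worth confirming against modules that are expected to decrypt or strip headers. The `if (copyMessage != null)` test looks redundant, since `createMessage` either returns a message or throws into one of the catch blocks. Consider relying on, and documenting, an upstream request-size limit so that the pre-authentication copy is bounded.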
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverInInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.interceptor;
+
+import java.util.ListIterator;
+
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.Interceptor;
+import org.apache.cxf.interceptor.StaxOutInterceptor;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.Phase;
+import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
+
+/**
+ * CXF out interceptor to secureResponse cxf SoapMessage with JaspiServerAuthenticator
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiSeverOutInterceptor extends AbstractSoapInterceptor
+{
+ private final JaspiServerAuthenticator authManager;
+ private static final SAAJOutInterceptor SAAJ_OUT = new SAAJOutInterceptor();
+
+ public JaspiSeverOutInterceptor(JaspiServerAuthenticator authManager)
+ {
+ super(Phase.PRE_STREAM);
+ addAfter(StaxOutInterceptor.class.getName());
+ this.authManager = authManager;
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (!chainAlreadyContainsSAAJ(message))
+ {
+ SAAJ_OUT.handleMessage(message);
+ }
+ message.getInterceptorChain().add(new JaspiServerOutEndingInterceptor());
+
+ }
+
+ private static boolean chainAlreadyContainsSAAJ(SoapMessage message)
+ {
+ ListIterator<Interceptor<? extends Message>> listIterator =
message.getInterceptorChain().getIterator();
+ while (listIterator.hasNext())
+ {
+ if (listIterator.next() instanceof SAAJOutInterceptor)
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public class JaspiServerOutEndingInterceptor extends AbstractSoapInterceptor
+ {
+ public JaspiServerOutEndingInterceptor()
+ {
+ super(Phase.WRITE_ENDING);
+ addAfter(SoapOutInterceptor.SoapOutEndingInterceptor.class.getName());
+ }
+
+ @Override
+ public void handleMessage(SoapMessage message) throws Fault
+ {
+ if (message.getContent(SOAPMessage.class) == null)
+ {
+ return;
+ }
+ authManager.secureResponse(message);
+ }
+ }
+
+}
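Review bot: `JaspiServerOutEndingInterceptor.handleMessage` returns silently when `message.getContent(SOAPMessage.class)` is null, so in that case the response leaves without `authManager.secureResponse` having been applied and nothing records it. Since the outer `handleMessage` runs `SAAJ_OUT` to provide SAAJ content, a null here looks like an unexpected state rather than a normal one; I would log it or fail, e.g. `throw new Fault(new IllegalStateException("no SOAPMessage content for secureResponse"));`. Whether any legitimate response reaches this point without SAAJ content cannot be told from this file, so confirm that before choosing between logging and failing. A short Javadoc on the inner class saying that it is added per message and why it runs in `Phase.WRITE_ENDING` would also help the next reader.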
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSeverOutInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1,32 @@
+package org.jboss.wsf.stack.cxf.jaspi.interceptor;
+
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.plugins.JBossAuthenticationManager;
+
+/*
+ * CXF interceptor to set jaspi JBossAuthenticationManager in message
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class JaspiSubjectCreatingInitInterceptor extends
AbstractPhaseInterceptor<Message>
+{
+ private final JBossAuthenticationManager authenticationManger;
+
+ public JaspiSubjectCreatingInitInterceptor(String securityDomain) {
+ super(Phase.PRE_INVOKE);
+
this.addBefore("org.jboss.wsf.stack.cxf.security.authentication.JaspiSubjectCreatingInterceptor");
+ authenticationManger = new JBossAuthenticationManager(securityDomain, new
JBossCallbackHandler());
+ }
+
+
+ @Override
+ public void handleMessage(Message message) throws Fault
+ {
+ message.put(JBossAuthenticationManager.class, authenticationManger);
+ }
+
+
+}
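Review bot: The ordering constraint in the constructor, `addBefore("org.jboss.wsf.stack.cxf.security.authentication.JaspiSubjectCreatingInterceptor")`, names a class that is not among the files this revision adds; the interceptor added in that package, and imported by BusHolder, is `AutenticationMgrSubjectCreatingInterceptor`. If the literal does not match the id of the interceptor that reads the `JBossAuthenticationManager` from the message, the constraint has no effect and that consumer may run before `handleMessage` here has stored the manager. I would change the literal to the fully-qualified name of the interceptor that actually consumes the manager and add a comment saying why the order matters. Separately, the header comment opens with `/*` so it is not picked up as Javadoc, the file lacks the license header its sibling files carry, and the field `authenticationManger` is misspelled.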
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/interceptor/JaspiSubjectCreatingInitInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.log;
+
+import static org.jboss.logging.Logger.Level.WARN;
+
+import org.jboss.logging.BasicLogger;
+import org.jboss.logging.Cause;
+import org.jboss.logging.LogMessage;
+import org.jboss.logging.Message;
+import org.jboss.logging.MessageLogger;
+
+/**
+ * JBossWS-CXF log messages
+ *
+ * @author alessio.soldano(a)jboss.com
+ */
+@SuppressWarnings("deprecation")
+@MessageLogger(projectCode = "JBWS")
+public interface Loggers extends BasicLogger
+{
+ Loggers ROOT_LOGGER = org.jboss.logging.Logger.getMessageLogger(Loggers.class,
"org.jboss.ws.cxf");
+ Loggers DEPLOYMENT_LOGGER = org.jboss.logging.Logger.getMessageLogger(Loggers.class,
"org.jboss.ws.cxf.deployment");
+
+ @LogMessage(level = WARN)
+ @Message(id = 24102, value = "No application policy found for security domain
'%s'")
+ void noApplicationPolicy(String securityDomain);
+
+ @LogMessage(level = WARN)
+ @Message(id = 24103, value = "No JASPIAuthenticationInfo found for security
domain '%s'")
+ void noJaspiApplicationPolicy(String securityDomain);
+
+ @LogMessage(level = WARN)
+ @Message(id = 24104, value = "Can not create Jaspi ServerAuthContext for
security domain '%s'")
+ void cannotCreateServerAuthContext(String securityDomain, @Cause Throwable cause);
+
+ @LogMessage(level = WARN)
+ @Message(id = 24105, value = "Can not enable Jaspi authentication for
'%s' instance")
+ void cannotEnableJASPIAuthentication(String classname);
+}
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/log/Loggers.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1,118 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2013, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.jaspi.module;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.MessagePolicy;
+import javax.xml.soap.SOAPMessage;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.interceptor.InterceptorProvider;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.jboss.security.auth.container.modules.AbstractServerAuthModule;
+import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSubjectCreatingInitInterceptor;
+
+
+/**
+ * This ServerAuthModule class adds JaspiSubjectCreatingInitInterceptor to authenticate
principal and populates Subject
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class UsernameTokenServerAuthModule extends AbstractServerAuthModule
+{
+ private final String securityDomainName;
+
+ @SuppressWarnings("rawtypes")
+ public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy,
CallbackHandler handler, Map options) throws AuthException
+ {
+ super.initialize(requestPolicy, responsePolicy, handler, options);
+ final javax.xml.ws.Endpoint endpoint =
(javax.xml.ws.Endpoint)options.get(javax.xml.ws.Endpoint.class);
+ InterceptorProvider ip = null;
+ if (endpoint == null && options.get(Bus.class) != null)
+ {
+ final Bus bus = (Bus)options.get(Bus.class);
+ bus.setProperty(SecurityConstants.VALIDATE_TOKEN, false);
+ ip = (InterceptorProvider)bus;
+ }
+ if (endpoint != null) {
+ endpoint.getProperties().put(SecurityConstants.VALIDATE_TOKEN, false);
+ ip = (InterceptorProvider)endpoint;
+ }
+ if (ip != null)
+ {
+ JaspiSubjectCreatingInitInterceptor jaspiInterceptor = new
JaspiSubjectCreatingInitInterceptor(securityDomainName);
+ ip.getInInterceptors().add(jaspiInterceptor);
+ }
+
+ }
+
+ public UsernameTokenServerAuthModule()
+ {
+ supportedTypes.add(Object.class);
+ supportedTypes.add(SOAPMessage.class);
+ securityDomainName = null;
+ }
+
+ public UsernameTokenServerAuthModule(String lmshName)
+ {
+ supportedTypes.add(Object.class);
+ this.supportedTypes.add(SOAPMessage.class);
+ securityDomainName = lmshName;
+ }
+
+ @Override
+ public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject) throws AuthException
+ {
+ return AuthStatus.SUCCESS;
+ }
+
+ public AuthStatus secureResponse(MessageInfo messageInfo, Subject arg1) throws
AuthException
+ {
+ return AuthStatus.SUCCESS;
+ }
+
+ protected String getSecurityDomainName()
+ {
+ if (this.securityDomainName != null)
+ return securityDomainName;
+
+ // Check if it is passed in the options
+ String domainName =
(String)options.get("javax.security.auth.login.LoginContext");
+ if (domainName == null)
+ {
+ domainName = getClass().getName();
+ }
+ return domainName;
+ }
+
+ @Override
+ protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws
AuthException
+ {
+ return true;
+ }
+
+}
\ No newline at end of file
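Review bot: `initialize` sets `SecurityConstants.VALIDATE_TOKEN` to false while `validateRequest` and `validate` return success unconditionally, so this module never checks a credential itself; authentication rests entirely on the interceptor chain that `JaspiSubjectCreatingInitInterceptor` feeds, and that dependency deserves a Javadoc note on `validateRequest`. When no endpoint is passed the flag is set on the `Bus`, which presumably affects every endpoint sharing that bus; confirm that is intended. `initialize` also passes the raw `securityDomainName` field to the interceptor, which is null under the no-argument constructor, bypassing the fallback in `getSecurityDomainName()`. Using `new JaspiSubjectCreatingInitInterceptor(getSecurityDomainName())` would apply that fallback, assuming `super.initialize` has populated `options` by then.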
Property changes on:
stack/cxf/branches/jaspi/modules/jaspi/src/main/java/org/jboss/wsf/stack/cxf/jaspi/module/UsernameTokenServerAuthModule.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Added:
stack/cxf/branches/jaspi/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider
===================================================================
---
stack/cxf/branches/jaspi/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider
(rev 0)
+++
stack/cxf/branches/jaspi/modules/jaspi/src/main/resources/META-INF/services/org.jboss.wsf.spi.security.JASPIAuthenticationProvider 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1 @@
+org.jboss.wsf.stack.cxf.jaspi.DefaultJASPIAuthenticationProvider
Modified: stack/cxf/branches/jaspi/modules/server/pom.xml
===================================================================
--- stack/cxf/branches/jaspi/modules/server/pom.xml 2014-02-14 12:43:48 UTC (rev 18369)
+++ stack/cxf/branches/jaspi/modules/server/pom.xml 2014-02-14 13:44:38 UTC (rev 18370)
@@ -20,13 +20,12 @@
<groupId>org.jboss.ws.cxf</groupId>
<artifactId>jbossws-cxf-client</artifactId>
<version>${project.version}</version>
- </dependency>
+ </dependency>
<dependency>
<groupId>org.jboss.ws.cxf</groupId>
<artifactId>jbossws-cxf-jaspi</artifactId>
<version>${project.version}</version>
- </dependency>
-
+ </dependency>
<dependency>
<groupId>org.jboss.spec.javax.ejb</groupId>
<artifactId>jboss-ejb-api_3.1_spec</artifactId>
@@ -253,10 +252,6 @@
<groupId>org.jboss.spec.javax.jms</groupId>
<artifactId>jboss-jms-api_1.1_spec</artifactId>
</dependency>
- <dependency>
- <groupId>org.jboss.spec.javax.security.auth.message</groupId>
- <artifactId>jboss-jaspi-api_1.1_spec</artifactId>
- </dependency>
<dependency>
<groupId>junit</groupId>
Modified:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -24,14 +24,8 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.Properties;
import java.util.Map.Entry;
-import javax.security.auth.message.config.AuthConfigFactory;
-import javax.security.auth.message.config.AuthConfigProvider;
-import javax.security.auth.message.config.ServerAuthConfig;
-import javax.security.auth.message.config.ServerAuthContext;
-
import org.apache.cxf.Bus;
import org.apache.cxf.buslifecycle.BusLifeCycleListener;
import org.apache.cxf.buslifecycle.BusLifeCycleManager;
@@ -54,33 +48,26 @@
import org.apache.cxf.ws.policy.AlternativeSelector;
import org.apache.cxf.ws.policy.PolicyEngine;
import org.apache.cxf.ws.policy.selector.MaximalAlternativeSelector;
-import org.jboss.security.auth.callback.JBossCallbackHandler;
-import org.jboss.security.auth.login.AuthenticationInfo;
-import org.jboss.security.auth.login.BaseAuthenticationInfo;
-import org.jboss.security.auth.login.JASPIAuthenticationInfo;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.SecurityConfiguration;
import org.jboss.ws.api.annotation.PolicySets;
import org.jboss.ws.api.binding.BindingCustomization;
+import org.jboss.wsf.spi.SPIProvider;
+import org.jboss.wsf.spi.WSFException;
+import org.jboss.wsf.spi.classloading.ClassLoaderProvider;
import org.jboss.wsf.spi.deployment.AnnotationsInfo;
import org.jboss.wsf.spi.deployment.Deployment;
import org.jboss.wsf.spi.deployment.Endpoint;
import org.jboss.wsf.spi.deployment.UnifiedVirtualFile;
import org.jboss.wsf.spi.metadata.webservices.JBossWebservicesMetaData;
-import org.jboss.wsf.stack.cxf.Loggers;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
import org.jboss.wsf.stack.cxf.client.Constants;
import org.jboss.wsf.stack.cxf.deployment.WSDLFilePublisher;
import org.jboss.wsf.stack.cxf.extensions.policy.PolicySetsAnnotationListener;
import org.jboss.wsf.stack.cxf.interceptor.EnableDecoupledFaultInterceptor;
import org.jboss.wsf.stack.cxf.interceptor.EndpointAssociationInterceptor;
import org.jboss.wsf.stack.cxf.interceptor.HandlerAuthInterceptor;
-import org.jboss.wsf.stack.cxf.interceptor.JaspiSeverInInterceptor;
-import org.jboss.wsf.stack.cxf.interceptor.JaspiSeverOutInterceptor;
import org.jboss.wsf.stack.cxf.interceptor.NsCtxSelectorStoreInterceptor;
-import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
-import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider;
-import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConstants;
import org.jboss.wsf.stack.cxf.management.InstrumentationManagerExtImpl;
+import
org.jboss.wsf.stack.cxf.security.authentication.AutenticationMgrSubjectCreatingInterceptor;
import org.jboss.wsf.stack.cxf.transport.JBossWSDestinationRegistryImpl;
/**
@@ -131,12 +118,22 @@
Map<String, String> props = (wsmd == null) ? null : wsmd.getProperties();
setInterceptors(bus, props);
-
- final JaspiServerAuthenticator authenticator = getJaspiAuthenticator(dep, wsmd);
- if (authenticator != null) {
- bus.getInInterceptors().add(new JaspiSeverInInterceptor(authenticator));
- bus.getOutInterceptors().add(new JaspiSeverOutInterceptor(authenticator));
+
+ try
+ {
+ final JASPIAuthenticationProvider jaspiProvider =
SPIProvider.getInstance().getSPI(
+ JASPIAuthenticationProvider.class,
+
ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
+ if (jaspiProvider != null)
+ {
+ jaspiProvider.enableServerAuthentication(dep, wsmd);
+ bus.getInInterceptors().add(new
AutenticationMgrSubjectCreatingInterceptor());
+ }
}
+ catch (WSFException e)
+ {
+ // ignore
+ }
setResourceResolver(bus, resolver);
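Review bot: The new `catch (WSFException e)` block with `// ignore` makes JASPI setup fail open: if the `JASPIAuthenticationProvider` lookup or `enableServerAuthentication(dep, wsmd)` throws, the bus is configured without `AutenticationMgrSubjectCreatingInterceptor` and nothing is logged. A deployment whose metadata asks for a JASPI security domain would then start without the authentication the operator configured, with no trace of why. A missing provider may be the normal case when the jaspi module is not installed (inferred, not visible here), so at minimum log the exception with its cause at a low level, and treat the failure as a deployment error when `wsmd` requests JASPI. The outcome of `enableServerAuthentication` is also not checked before the interceptor is added, so confirm the interceptor is harmless when JASPI was not actually enabled. The enclosing method starts and ends outside this hunk.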
@@ -306,52 +303,8 @@
return selector;
}
- private JaspiServerAuthenticator getJaspiAuthenticator(Deployment dep,
JBossWebservicesMetaData wsmd) {
- String securityDomain = null;
- if (wsmd != null) {
- securityDomain =
wsmd.getProperty(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
- }
- if (securityDomain == null) {
- return null;
- }
- ApplicationPolicy appPolicy =
SecurityConfiguration.getApplicationPolicy(securityDomain);
- if (appPolicy == null) {
- Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
- return null;
- }
- BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
- if (bai == null || bai instanceof AuthenticationInfo) {
- Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
- return null;
- }
- JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
-
- String contextRoot = dep.getService().getContextRoot();
- String appId = "localhost " + contextRoot;
- AuthConfigFactory factory = AuthConfigFactory.getFactory();
- Properties properties = new Properties();
- AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
- provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId,
null);
-
- JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
- try
- {
- ServerAuthConfig serverConfig =
provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);
- Properties serverContextProperties = new Properties();
- serverContextProperties.put("security-domain", securityDomain);
- serverContextProperties.put("jaspi-policy", jai);
- serverContextProperties.put(Bus.class, bus);
- String authContextID = dep.getSimpleName();
- ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null,
serverContextProperties);
- return new JaspiServerAuthenticator(sctx);
- }
- catch (Exception e)
- {
- Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
- }
- return null;
- }
+
private static AutomaticWorkQueue createWorkQueue(String name, Map<String,
String> props) {
int mqs = parseInt(props.get(Constants.CXF_QUEUE_MAX_QUEUE_SIZE_PROP), 256);
int initialThreads = parseInt(props.get(Constants.CXF_QUEUE_INITIAL_THREADS_PROP),
0);
Modified:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/ServerBeanCustomizer.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -24,38 +24,25 @@
import java.io.IOException;
import java.security.AccessController;
import java.util.List;
-import java.util.Properties;
-import javax.security.auth.message.config.AuthConfigFactory;
-import javax.security.auth.message.config.AuthConfigProvider;
-import javax.security.auth.message.config.ServerAuthConfig;
-import javax.security.auth.message.config.ServerAuthContext;
-
import org.apache.cxf.frontend.ServerFactoryBean;
-import org.jboss.security.auth.callback.JBossCallbackHandler;
-import org.jboss.security.auth.login.AuthenticationInfo;
-import org.jboss.security.auth.login.BaseAuthenticationInfo;
-import org.jboss.security.auth.login.JASPIAuthenticationInfo;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.SecurityConfiguration;
import org.jboss.ws.api.annotation.EndpointConfig;
import org.jboss.ws.common.management.AbstractServerConfig;
+import org.jboss.wsf.spi.SPIProvider;
+import org.jboss.wsf.spi.WSFException;
+import org.jboss.wsf.spi.classloading.ClassLoaderProvider;
import org.jboss.wsf.spi.deployment.Endpoint;
import org.jboss.wsf.spi.deployment.UnifiedVirtualFile;
import org.jboss.wsf.spi.management.ServerConfig;
import org.jboss.wsf.spi.metadata.config.ConfigMetaDataParser;
import org.jboss.wsf.spi.metadata.config.ConfigRoot;
+import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
import org.jboss.wsf.stack.cxf.JBossWSInvoker;
-import org.jboss.wsf.stack.cxf.Loggers;
import org.jboss.wsf.stack.cxf.Messages;
import org.jboss.wsf.stack.cxf.client.configuration.BeanCustomizer;
import org.jboss.wsf.stack.cxf.deployment.EndpointImpl;
import org.jboss.wsf.stack.cxf.deployment.WSDLFilePublisher;
-import org.jboss.wsf.stack.cxf.interceptor.JaspiSeverInInterceptor;
-import org.jboss.wsf.stack.cxf.interceptor.JaspiSeverOutInterceptor;
-import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
-import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider;
-import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConstants;
+import
org.jboss.wsf.stack.cxf.security.authentication.AutenticationMgrSubjectCreatingInterceptor;
/**
*
@@ -175,8 +162,20 @@
throw Messages.MESSAGES.couldNotReadConfigFile(configFile);
}
}
-
- addJaspiInterceptors(endpoint);
+ try
+ {
+ final JASPIAuthenticationProvider jaspiProvider =
SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class,
+
ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
+ if (jaspiProvider != null)
+ {
+ jaspiProvider.enableServerAuthentication(endpoint, depEndpoints.get(0));
+ endpoint.getInInterceptors().add(new
AutenticationMgrSubjectCreatingInterceptor());
+ }
+ }
+ catch (WSFException e)
+ {
+ //ignore
+ }
}
}
@@ -212,48 +211,6 @@
this.epConfigFile = epConfigFile;
}
- private void addJaspiInterceptors(EndpointImpl endpoint) {
- String securityDomain =
(String)endpoint.getProperties().get(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
- if (securityDomain == null) {
- return;
- }
- ApplicationPolicy appPolicy =
SecurityConfiguration.getApplicationPolicy(securityDomain);
- if (appPolicy == null) {
- Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
- return;
- }
- BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
- if (bai == null || bai instanceof AuthenticationInfo) {
- Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
- return;
- }
- JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
- String contextRoot = depEndpoints.get(0).getService().getContextRoot();
- String appId = "localhost " + contextRoot;
- AuthConfigFactory factory = AuthConfigFactory.getFactory();
- Properties properties = new Properties();
- AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
- provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId,
null);
+
- JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
- JaspiServerAuthenticator serverAuthenticator = null;
- try
- {
- ServerAuthConfig serverConfig =
provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);
- Properties serverContextProperties = new Properties();
- serverContextProperties.put("security-domain", securityDomain);
- serverContextProperties.put("jaspi-policy", jai);
- serverContextProperties.put(javax.xml.ws.Endpoint.class, endpoint);
- String authContextID = endpoint.getBeanName();
- ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null,
serverContextProperties);
- serverAuthenticator = new JaspiServerAuthenticator(sctx);
- endpoint.getInInterceptors().add(new
JaspiSeverInInterceptor(serverAuthenticator));
- endpoint.getOutInterceptors().add(new
JaspiSeverOutInterceptor(serverAuthenticator));
- }
- catch (Exception e)
- {
- Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
- }
- }
-
}
Modified:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/deployment/aspect/BusDeploymentAspect.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/deployment/aspect/BusDeploymentAspect.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/deployment/aspect/BusDeploymentAspect.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -27,6 +27,7 @@
import javax.xml.ws.spi.Provider;
+import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.configuration.Configurer;
import org.jboss.ws.api.binding.BindingCustomization;
@@ -136,6 +137,7 @@
holder.configure(resolver, configurer, wsmd, dep);
dep.addAttachment(BusHolder.class, holder);
+ dep.addAttachment(Bus.class, holder.getBus());
if (holder instanceof SpringBusHolder)
{
for (Endpoint endpoint : dep.getService().getEndpoints())
Deleted:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverInInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverInInterceptor.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverInInterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -1,97 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2010, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.wsf.stack.cxf.interceptor;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import javax.xml.soap.MessageFactory;
-import javax.xml.soap.SOAPException;
-import javax.xml.soap.SOAPMessage;
-
-import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
-import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
-import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.SAAJPreInInterceptor;
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.phase.Phase;
-import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
- */
-public class JaspiSeverInInterceptor extends AbstractSoapInterceptor
-{
- private final JaspiServerAuthenticator authManager;
-
- public JaspiSeverInInterceptor(JaspiServerAuthenticator authManager)
- {
- super(Phase.PRE_PROTOCOL);
- addAfter(SAAJInInterceptor.class.getName());
- this.authManager = authManager;
- }
-
- @Override
- public void handleMessage(SoapMessage message) throws Fault
- {
- if (message.getContent(SOAPMessage.class) == null)
- {
- SAAJInInterceptor saajIn = new SAAJInInterceptor();
- saajIn.handleMessage(message);
- }
- SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
- if (soapMessage == null)
- {
- return;
- }
-
- SOAPMessage copyMessage = null;
- try
- {
- MessageFactory messageFactory =
SAAJPreInInterceptor.INSTANCE.getFactory(message);
- ByteArrayOutputStream bout = new ByteArrayOutputStream();
- soapMessage.writeTo(bout);
- copyMessage = messageFactory.createMessage(soapMessage.getMimeHeaders(), new
ByteArrayInputStream(bout.toByteArray()));
- }
- catch (SOAPException e)
- {
- throw new Fault(e);
- }
- catch (IOException e)
- {
- throw new Fault(e);
- }
- if (copyMessage != null) {
- message.put(SOAPMessage.class, copyMessage);
- }
- try
- {
- authManager.validateRequest(message);
- }
- finally
- {
- message.put(SOAPMessage.class, soapMessage);
- }
-
- }
-
-}
Deleted:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverOutInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverOutInterceptor.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/interceptor/JaspiSeverOutInterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -1,97 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2010, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.wsf.stack.cxf.interceptor;
-
-import java.util.ListIterator;
-
-import javax.xml.soap.SOAPMessage;
-
-import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
-import org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor;
-import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.interceptor.Interceptor;
-import org.apache.cxf.interceptor.StaxOutInterceptor;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.Phase;
-import org.jboss.wsf.stack.cxf.jaspi.JaspiServerAuthenticator;
-
-/**
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
- */
-public class JaspiSeverOutInterceptor extends AbstractSoapInterceptor
-{
- private final JaspiServerAuthenticator authManager;
- private static final SAAJOutInterceptor SAAJ_OUT = new SAAJOutInterceptor();
-
- public JaspiSeverOutInterceptor(JaspiServerAuthenticator authManager)
- {
- super(Phase.PRE_STREAM);
- addAfter(StaxOutInterceptor.class.getName());
- this.authManager = authManager;
- }
-
- @Override
- public void handleMessage(SoapMessage message) throws Fault
- {
- if (!chainAlreadyContainsSAAJ(message))
- {
- SAAJ_OUT.handleMessage(message);
- }
- message.getInterceptorChain().add(new JaspiServerOutEndingInterceptor());
-
- }
-
- private static boolean chainAlreadyContainsSAAJ(SoapMessage message)
- {
- ListIterator<Interceptor<? extends Message>> listIterator =
message.getInterceptorChain().getIterator();
- while (listIterator.hasNext())
- {
- if (listIterator.next() instanceof SAAJOutInterceptor)
- {
- return true;
- }
- }
- return false;
- }
-
- public class JaspiServerOutEndingInterceptor extends AbstractSoapInterceptor
- {
- public JaspiServerOutEndingInterceptor()
- {
- super(Phase.WRITE_ENDING);
- addAfter(SoapOutInterceptor.SoapOutEndingInterceptor.class.getName());
- }
-
- @Override
- public void handleMessage(SoapMessage message) throws Fault
- {
- if (message.getContent(SOAPMessage.class) == null)
- {
- return;
- }
- authManager.secureResponse(message);
- }
- }
-
-}
Modified:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/metadata/services/DDJmsAddressBean.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/metadata/services/DDJmsAddressBean.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/metadata/services/DDJmsAddressBean.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -29,7 +29,7 @@
/**
* DDJmsAddressBean.
*
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
public class DDJmsAddressBean
{
Added:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java
(rev 0)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -0,0 +1,73 @@
+package org.jboss.wsf.stack.cxf.security.authentication;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.apache.cxf.common.security.SecurityToken;
+import org.apache.cxf.common.security.TokenType;
+import org.apache.cxf.common.security.UsernameToken;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.security.SecurityContext;
+import org.apache.ws.security.WSUsernameTokenPrincipal;
+import org.jboss.security.plugins.JBossAuthenticationManager;
+import org.jboss.wsf.stack.cxf.Loggers;
+import org.jboss.wsf.stack.cxf.Messages;
+
+/*
+ * Interceptor to authenticate principal with provided jaspi JBossAuthenticationManager
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
+ */
+public class AutenticationMgrSubjectCreatingInterceptor extends
SubjectCreatingPolicyInterceptor
+{
+
+ public AutenticationMgrSubjectCreatingInterceptor() {
+ super();
+ }
+
+
+ @Override
+ public void handleMessage(Message message) throws Fault
+ {
+ JBossAuthenticationManager authenticationManger =
message.get(JBossAuthenticationManager.class);
+ if (authenticationManger == null) {
+ return;
+ }
+ SecurityContext context = message.get(SecurityContext.class);
+ if (context == null || context.getUserPrincipal() == null)
+ {
+ Loggers.SECURITY_LOGGER.userPrincipalNotAvailableOnCurrentMessage();
+ return;
+ }
+
+ SecurityToken token = message.get(SecurityToken.class);
+ Subject subject = null;
+ if (token != null)
+ {
+ //Try authenticating using SecurityToken info
+ if (token.getTokenType() != TokenType.UsernameToken)
+ {
+ throw Messages.MESSAGES.unsupportedTokenType(token.getTokenType());
+ }
+ UsernameToken ut = (UsernameToken) token;
+ subject = helper.createSubject(authenticationManger, ut.getName(),
ut.getPassword(), ut.isHashed(), ut.getNonce(), ut.getCreatedTime());
+
+ }
+ else
+ {
+ //Try authenticating using WSS4J internal info (previously set into
SecurityContext by WSS4JInInterceptor)
+ Principal p = context.getUserPrincipal();
+ if (!(p instanceof WSUsernameTokenPrincipal)) {
+ throw Messages.MESSAGES.couldNotGetSubjectInfo();
+ }
+ WSUsernameTokenPrincipal up = (WSUsernameTokenPrincipal) p;
+ subject = helper.createSubject(authenticationManger, up.getName(),
up.getPassword(), up.isPasswordDigest(), up.getNonce(), up.getCreatedTime());
+ }
+
+ Principal principal = getPrincipal(context.getUserPrincipal(), subject);
+ message.put(SecurityContext.class, createSecurityContext(principal, subject));
+ }
+
+
+}
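Review bot: `handleMessage` returns without any trace when `message.get(JBossAuthenticationManager.class)` is null, so the message continues with its original `SecurityContext` and no subject created by the security domain; the removed `JaspiSubjectCreatingInterceptor` held the manager in a final field set in its constructor and had no such path. Nothing in this hunk shows what places the manager on the message, so a missing manager could mean either "JASPI not enabled for this endpoint" or "setup went wrong". A comment such as `// no manager on the message: JASPI is not enabled for this exchange, SecurityContext left untouched`, plus a log entry through `Loggers.SECURITY_LOGGER` as the missing-principal branch already does, would make the intended behaviour reviewable and the skipped authentication visible in the logs. The class comment also opens with `/*` rather than `/**`, so it is not picked up as Javadoc.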
Property changes on:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AutenticationMgrSubjectCreatingInterceptor.java
___________________________________________________________________
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
Deleted:
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/JaspiSubjectCreatingInterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/JaspiSubjectCreatingInterceptor.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/JaspiSubjectCreatingInterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -1,68 +0,0 @@
-package org.jboss.wsf.stack.cxf.security.authentication;
-
-import java.security.Principal;
-
-import javax.security.auth.Subject;
-
-import org.apache.cxf.common.security.SecurityToken;
-import org.apache.cxf.common.security.TokenType;
-import org.apache.cxf.common.security.UsernameToken;
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.security.SecurityContext;
-import org.apache.ws.security.WSUsernameTokenPrincipal;
-import org.jboss.security.auth.callback.JBossCallbackHandler;
-import org.jboss.security.plugins.JBossAuthenticationManager;
-import org.jboss.wsf.stack.cxf.Loggers;
-import org.jboss.wsf.stack.cxf.Messages;
-
-public class JaspiSubjectCreatingInterceptor extends SubjectCreatingPolicyInterceptor
-{
- private final JBossAuthenticationManager authenticationManger;
-
- public JaspiSubjectCreatingInterceptor(String securityDomain) {
- super();
- authenticationManger = new JBossAuthenticationManager(securityDomain, new
JBossCallbackHandler());
- }
-
-
- @Override
- public void handleMessage(Message message) throws Fault
- {
- SecurityContext context = message.get(SecurityContext.class);
- if (context == null || context.getUserPrincipal() == null)
- {
- Loggers.SECURITY_LOGGER.userPrincipalNotAvailableOnCurrentMessage();
- return;
- }
-
- SecurityToken token = message.get(SecurityToken.class);
- Subject subject = null;
- if (token != null)
- {
- //Try authenticating using SecurityToken info
- if (token.getTokenType() != TokenType.UsernameToken)
- {
- throw Messages.MESSAGES.unsupportedTokenType(token.getTokenType());
- }
- UsernameToken ut = (UsernameToken) token;
- subject = helper.createSubject(authenticationManger, ut.getName(),
ut.getPassword(), ut.isHashed(), ut.getNonce(), ut.getCreatedTime());
-
- }
- else
- {
- //Try authenticating using WSS4J internal info (previously set into
SecurityContext by WSS4JInInterceptor)
- Principal p = context.getUserPrincipal();
- if (!(p instanceof WSUsernameTokenPrincipal)) {
- throw Messages.MESSAGES.couldNotGetSubjectInfo();
- }
- WSUsernameTokenPrincipal up = (WSUsernameTokenPrincipal) p;
- subject = helper.createSubject(authenticationManger, up.getName(),
up.getPassword(), up.isPasswordDigest(), up.getNonce(), up.getCreatedTime());
- }
-
- Principal principal = getPrincipal(context.getUserPrincipal(), subject);
- message.put(SecurityContext.class, createSecurityContext(principal, subject));
- }
-
-
-}
Modified:
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/ChangeRequestnterceptor.java
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/ChangeRequestnterceptor.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/ChangeRequestnterceptor.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -31,7 +31,7 @@
/**
* The cxf interceptor to change the request "Hello" to
"ChangedRequest"
*
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
public class ChangeRequestnterceptor extends AbstractPhaseInterceptor<Message>
{
Modified:
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/Endpoint.java
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/Endpoint.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/Endpoint.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -27,7 +27,7 @@
/**
* Endpoint.
*
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
@WebService(name = "Endpoint", targetNamespace =
"http://ws.jboss.org/jbws3033")
@SOAPBinding(style = SOAPBinding.Style.RPC)
Modified:
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/EndpointImpl.java
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/EndpointImpl.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/EndpointImpl.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -27,7 +27,7 @@
/**
* EndpointImpl.
*
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
@WebService(name = "Endpoint", serviceName = "EndpointService",
targetNamespace = "http://org.jboss.ws/jbws3033", endpointInterface =
"org.jboss.test.ws.jaxws.cxf.configuration.Endpoint")
Modified:
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/JBossWSCXFConfigurerTestCase.java
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/JBossWSCXFConfigurerTestCase.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/configuration/JBossWSCXFConfigurerTestCase.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -34,7 +34,7 @@
/**
* To test configure bean by name auto wire
*
- * @author <a href="ema(a)redhat.com">Jim Ma</a>
+ * @author <a href="mailto:ema@redhat.com">Jim Ma</a>
*/
public class JBossWSCXFConfigurerTestCase extends JBossWSTest
{
Modified:
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/Helper.java
===================================================================
---
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/Helper.java 2014-02-14
12:43:48 UTC (rev 18369)
+++
stack/cxf/branches/jaspi/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/Helper.java 2014-02-14
13:44:38 UTC (rev 18370)
@@ -29,7 +29,7 @@
import org.apache.cxf.ws.security.SecurityConstants;
import org.jboss.ws.api.configuration.ClientConfigUtil;
-import org.jboss.wsf.stack.cxf.client.jaspi.module.SOAPClientAuthModule;
+import org.jboss.wsf.stack.cxf.jaspi.client.module.SOAPClientAuthModule;
import org.jboss.wsf.test.ClientHelper;
public class Helper implements ClientHelper