Author: darran.lofthouse(a)jboss.com
Date: 2010-06-18 09:39:22 -0400 (Fri, 18 Jun 2010)
New Revision: 12505
Added:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
Removed:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Constants.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Util.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/element/UsernameToken.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/Username.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/schema/jboss-ws-security_1_0.xsd
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java
Log:
[JBPAPP-4447] Add support for password digest + nonces
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/ant-import-tests/build-jars-jaxws.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -552,6 +552,25 @@
</webinf>
</war>
+ <!-- jaxws-jbws1988 -->
+ <jar destfile="${tests.output.dir}/libs/jaxws-jbws1988.jar">
+ <fileset dir="${tests.output.dir}/classes">
+ <include name="org/jboss/test/ws/jaxws/jbws1988/*.class"/>
+ <exclude
name="org/jboss/test/ws/jaxws/jbws1988/*TestCase.class"/>
+ </fileset>
+ <metainf
dir="${tests.output.dir}/resources/jaxws/jbws1988/META-INF">
+ <include name="jboss-wsse-server.xml"/>
+ </metainf>
+ </jar>
+ <jar jarfile="${tests.output.dir}/libs/jaxws-jbws1988.sar">
+ <metainf
dir="${tests.output.dir}/resources/jaxws/jbws1988/META-INF">
+ <include name="jboss-service.xml"/>
+ <include name="login-config.xml"/>
+ <include name="jbossws-users.properties"/>
+ <include name="jbossws-roles.properties"/>
+ </metainf>
+ </jar>
+
<!-- jaxws-jbws1999 -->
<war warfile="${tests.output.dir}/libs/jaxws-jbws1999.war"
webxml="${tests.output.dir}/resources/jaxws/jbws1999/WEB-INF/web.xml">
<classes dir="${tests.output.dir}/classes">
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -25,6 +25,7 @@
import java.util.Stack;
+import org.jboss.security.auth.callback.CallbackHandlerPolicyContextHandler;
import org.jboss.ws.core.CommonMessageContext;
import org.jboss.ws.extensions.security.SecurityStore;
@@ -47,7 +48,7 @@
* @see org.jboss.ws.extensions.security.STRTransform
*/
private static ThreadLocal<SecurityStore> strTransformAssoc = new
ThreadLocal<SecurityStore>();
-
+
public static ThreadLocal<Stack<CommonMessageContext>>
localMsgContextAssoc()
{
return msgContextAssoc;
@@ -57,10 +58,15 @@
{
return strTransformAssoc;
}
-
+
public static void clear()
{
msgContextAssoc.remove();
strTransformAssoc.remove();
+ //This removes a custom callback security handler that might have
+ //been set if using UsernameTokenProfile with digest; doing this
+ //here won't be required anymore once our custom security manager
+ //will be used in our wsse implementation.
+ CallbackHandlerPolicyContextHandler.setCallbackHandler(null);
}
}
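Review bot: The callback handler that ReceiveUsernameOperation.process() installs for digest tokens is removed only here, so the reset depends on every request path reaching clear(), including paths that end in an exception. The callers of clear() are not visible in this hunk. If a path skips it, the handler holding the previous request's nonce and created values stays registered for whatever is processed next in the same context. I would put the requirement in the comment, e.g. `// Callers must invoke clear() from a finally block; a leftover handler would feed a stale nonce/created pair into the next digest check.`, and confirm the call site does so.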
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Constants.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Constants.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Constants.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -57,6 +57,10 @@
public static final String WSU_ID = WSU_PREFIX + ":" + ID;
public static final String BASE64_ENCODING_TYPE = WSS_SOAP_NS +
"#Base64Binary";
+
+ public static final String PASSWORD_TEXT_TYPE = WSSE_NS + "#PasswordText";
+
+ public static final String PASSWORD_DIGEST_TYPE = WSSE_NS +
"#PasswordDigest";
public static final String WSSE_HEADER = WSSE_PREFIX + ":Security";
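Review bot: PASSWORD_TEXT_TYPE and PASSWORD_DIGEST_TYPE are built from WSSE_NS, whose value is defined outside this hunk. The UsernameToken Profile 1.0 defines the password types under its own URI, `http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest` (and `#PasswordText`). If WSSE_NS is the secext schema namespace, the two constants will not match what other stacks send. Depending on how UsernameToken compares the Type attribute (not visible here), a digest could then be handled as plain text or the reverse. Please check this against the interop test cases touched in this commit and add a one-line comment naming the specification each constant comes from.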
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -35,5 +35,5 @@
*/
public interface EncodingOperation extends Operation
{
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException;
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, boolean digest, boolean useNonce, boolean useTimestamp)
throws WSSecurityException;
}
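Review bot: Three positional booleans on `process` are easy to transpose at a call site, and the interface carries no Javadoc for them. EncryptionOperation, SignatureOperation and TimestampOperation take the same widened signature further down in this commit; as far as the visible hunks show, only SendUsernameOperation reads the flags. At minimum add `@param digest send the password as a digest`, `@param useNonce include a nonce in the token` and `@param useTimestamp include a Created timestamp`, and state that other operations ignore them. Passing the OperationDescription itself would avoid widening the interface again for the next option.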
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -125,7 +125,7 @@
}
}
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, boolean digest, boolean useNonce, boolean useTimestamp)
throws WSSecurityException
{
if (! algorithms.containsKey(algorithm))
algorithm = DEFAULT_ALGORITHM;
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -39,15 +39,29 @@
private String credential;
private String algorithm;
+
+ private boolean digest;
+
+ private boolean useNonce;
+
+ private boolean useTimestamp;
- public OperationDescription(Class<? extends T> operation, List<Target>
targets, String certicateAlias, String credential, String algorithm)
+ public OperationDescription(Class<? extends T> operation, List<Target>
targets, String certicateAlias, String credential, String algorithm, boolean digest,
boolean useNonce, boolean useTimestamp)
{
this.operation = operation;
this.targets = targets;
this.certificateAlias = certicateAlias;
this.credential = credential;
this.algorithm = algorithm;
+ this.digest = digest;
+ this.useNonce = useNonce;
+ this.useTimestamp = useTimestamp;
}
+
+ public OperationDescription(Class<? extends T> operation, List<Target>
targets, String certicateAlias, String credential, String algorithm)
+ {
+ this(operation, targets, certicateAlias, credential, algorithm, false, false,
false);
+ }
public Class<? extends T> getOperation()
{
@@ -102,4 +116,34 @@
this.algorithm = algorithm;
}
+ public boolean isDigest()
+ {
+ return digest;
+ }
+
+ public void setDigest(boolean digest)
+ {
+ this.digest = digest;
+ }
+
+ public boolean isUseNonce()
+ {
+ return useNonce;
+ }
+
+ public void setUseNonce(boolean useNonce)
+ {
+ this.useNonce = useNonce;
+ }
+
+ public boolean isUseTimestamp()
+ {
+ return useTimestamp;
+ }
+
+ public void setUseTimestamp(boolean useTimestamp)
+ {
+ this.useTimestamp = useTimestamp;
+ }
+
}
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -23,37 +23,78 @@
// $Id$
+import java.util.Calendar;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.jboss.security.auth.callback.CallbackHandlerPolicyContextHandler;
+import org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallbackHandler;
import org.jboss.ws.extensions.security.element.SecurityHeader;
import org.jboss.ws.extensions.security.element.Token;
import org.jboss.ws.extensions.security.element.UsernameToken;
+import org.jboss.ws.extensions.security.nonce.NonceStore;
import org.jboss.wsf.spi.SPIProvider;
import org.jboss.wsf.spi.SPIProviderResolver;
import org.jboss.wsf.spi.invocation.SecurityAdaptor;
import org.jboss.wsf.spi.invocation.SecurityAdaptorFactory;
+import org.jboss.xb.binding.SimpleTypeBindings;
import org.w3c.dom.Document;
public class ReceiveUsernameOperation implements TokenOperation
{
private SecurityHeader header;
private SecurityStore store;
+ private NonceStore nonceStore;
+ private static final int TIMESTAMP_FRESHNESS_THRESHOLD = 300;
private SecurityAdaptorFactory secAdapterfactory;
- public ReceiveUsernameOperation(SecurityHeader header, SecurityStore store)
+ public ReceiveUsernameOperation(SecurityHeader header, SecurityStore store, NonceStore
nonceStore)
{
this.header = header;
this.store = store;
+ this.nonceStore = nonceStore;
SPIProvider spiProvider = SPIProviderResolver.getInstance().getProvider();
secAdapterfactory = spiProvider.getSPI(SecurityAdaptorFactory.class);
}
+
+ public ReceiveUsernameOperation(SecurityHeader header, SecurityStore store)
+ {
+ this(header, store, null);
+ }
public void process(Document message, Token token) throws WSSecurityException
{
UsernameToken user = (UsernameToken)token;
SecurityAdaptor securityAdaptor = secAdapterfactory.newSecurityAdapter();
+ if (user.isDigest())
+ {
+ verifyUsernameToken(user);
+ CallbackHandler handler = new UsernameTokenCallbackHandler(user.getNonce(),
user.getCreated());
+ CallbackHandlerPolicyContextHandler.setCallbackHandler(handler);
+ }
securityAdaptor.setPrincipal(new SimplePrincipal(user.getUsername()));
securityAdaptor.setCredential(user.getPassword());
}
+
+ private void verifyUsernameToken(UsernameToken token) throws WSSecurityException
+ {
+ if (token.getCreated() != null)
+ {
+ Calendar cal = SimpleTypeBindings.unmarshalDateTime(token.getCreated());
+ Calendar ref = Calendar.getInstance();
+ ref.add(Calendar.SECOND, -TIMESTAMP_FRESHNESS_THRESHOLD);
+ if (ref.after(cal))
+ throw new WSSecurityException("Request rejected since a stale timestamp
has been provided: " + token.getCreated());
+ }
+ String nonce = token.getNonce();
+ if (nonce != null)
+ {
+ if (nonceStore.hasNonce(nonce))
+ throw new WSSecurityException("Request rejected since a message with the
same nonce has been recently received; nonce = " + nonce);
+ nonceStore.putNonce(nonce);
+ }
+ }
}
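Review bot: verifyUsernameToken dereferences nonceStore without a null check, yet the two-argument constructor passes null and SecurityDecoder passes null whenever it has no NonceFactory, so a digest token carrying a nonce ends in a NullPointerException instead of a WSSecurityException. The freshness test only rejects a Created value that is too old; a value dated in the future is accepted, and a digest token with neither Nonce nor Created passes with no replay check at all. hasNonce followed by putNonce is a check-then-act pair, so two identical messages arriving together can both pass unless the NonceStore implementation (not visible here) makes the pair atomic. A version that fails closed on the first three cases is below; whether to require both fields is a policy choice the configuration should make explicit.

```java
private void verifyUsernameToken(UsernameToken token) throws WSSecurityException
{
   String created = token.getCreated();
   String nonce = token.getNonce();
   // A digest with neither value is a fixed string and can be resent verbatim.
   if (created == null && nonce == null)
      throw new WSSecurityException("Request rejected since a digest token carries neither nonce nor created");
   if (created != null)
   {
      Calendar cal = SimpleTypeBindings.unmarshalDateTime(created);
      Calendar oldest = Calendar.getInstance();
      oldest.add(Calendar.SECOND, -TIMESTAMP_FRESHNESS_THRESHOLD);
      Calendar newest = Calendar.getInstance();
      newest.add(Calendar.SECOND, TIMESTAMP_FRESHNESS_THRESHOLD);
      // Reject both stale and future-dated values so a token is only valid inside the window.
      if (oldest.after(cal) || newest.before(cal))
         throw new WSSecurityException("Request rejected since the provided timestamp is outside the accepted window: " + created);
   }
   if (nonce != null)
   {
      // Fail closed: without a store the nonce cannot be checked for reuse.
      if (nonceStore == null)
         throw new WSSecurityException("Request rejected since no nonce store is configured");
      // … unchanged: hasNonce / putNonce replay check …
   }
}
```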
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -34,6 +34,7 @@
import org.jboss.ws.extensions.security.element.Timestamp;
import org.jboss.ws.extensions.security.element.Token;
import org.jboss.ws.extensions.security.element.UsernameToken;
+import org.jboss.ws.extensions.security.nonce.NonceFactory;
import org.jboss.ws.metadata.wsse.Authenticate;
import org.jboss.ws.metadata.wsse.TimestampVerification;
import org.w3c.dom.Document;
@@ -54,6 +55,8 @@
private SecurityHeader header;
private Document message;
+
+ private NonceFactory nonceFactory;
private SecurityStore store;
@@ -65,10 +68,12 @@
private HashSet<String> encryptedIds = new HashSet<String>();
- public SecurityDecoder(SecurityStore store, TimestampVerification
timestampVerification, Authenticate authenticate)
+
+ public SecurityDecoder(SecurityStore store, NonceFactory nonceFactory,
TimestampVerification timestampVerification, Authenticate authenticate)
{
org.apache.xml.security.Init.init();
this.store = store;
+ this.nonceFactory = nonceFactory;
this.timestampVerification = timestampVerification;
this.authenticate = authenticate;
}
@@ -80,10 +85,9 @@
* @param SecurityStore the security store that contains key and trust information
* @param now The timestamp to use as the current time when validating a message
expiration
*/
-
- public SecurityDecoder(SecurityStore store, Calendar now, TimestampVerification
timestampVerification, Authenticate authenticate)
+ public SecurityDecoder(SecurityStore store, Calendar now, NonceFactory nonceFactory,
TimestampVerification timestampVerification, Authenticate authenticate)
{
- this(store, timestampVerification, authenticate);
+ this(store, nonceFactory, timestampVerification, authenticate);
this.now = now;
}
@@ -117,8 +121,8 @@
for (Token token : header.getTokens())
{
if (token instanceof UsernameToken)
- new ReceiveUsernameOperation(header, store).process(message, token);
- }
+ new ReceiveUsernameOperation(header, store, (nonceFactory != null ?
nonceFactory.getStore() : null)).process(message, token);
+ }
}
signedIds.clear();
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -79,7 +79,7 @@
throw new WSSecurityException("Error constructing operation: " +
op.getOperation());
}
- operation.process(message, op.getTargets(), op.getCertificateAlias(),
op.getCredential(), op.getAlgorithm());
+ operation.process(message, op.getTargets(), op.getCertificateAlias(),
op.getCredential(), op.getAlgorithm(), op.isDigest(), op.isUseNonce(),
op.isUseTimestamp());
}
attachHeader(header, message);
}
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -51,6 +51,7 @@
import java.util.StringTokenizer;
import org.jboss.logging.Logger;
+import org.jboss.ws.extensions.security.nonce.NonceGenerator;
/**
* <code>SecurityStore</code> holds and loads the keystore and truststore
required for encyption and signing.
@@ -73,6 +74,8 @@
private HashMap<String, String> keyPasswords;
+ private NonceGenerator nonceGenerator;
+
public SecurityStore() throws WSSecurityException
{
this(null, null, null, null, null, null, null);
@@ -80,17 +83,30 @@
public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords) throws WSSecurityException
{
+ this(keyStoreURL, keyStoreType, keyStorePassword, keyPasswords, null);
+ }
+
+ public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords, NonceGenerator nonceGenerator) throws
WSSecurityException
+ {
loadKeyStore(keyStoreURL, keyStoreType, keyStorePassword);
loadTrustStore(keyStoreURL, keyStoreType, keyStorePassword);
this.keyPasswords = keyPasswords;
+ this.nonceGenerator = nonceGenerator;
}
public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords, URL trustStoreURL, String trustStoreType,
String trustStorePassword)
+ throws WSSecurityException
+ {
+ this(keyStoreURL, keyStoreType, keyStorePassword, keyPasswords, trustStoreURL,
trustStoreType, trustStorePassword, null);
+ }
+
+ public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords, URL trustStoreURL, String trustStoreType,
String trustStorePassword, NonceGenerator nonceGenerator)
throws WSSecurityException
{
loadKeyStore(keyStoreURL, keyStoreType, keyStorePassword);
loadTrustStore(trustStoreURL, trustStoreType, trustStorePassword);
this.keyPasswords = keyPasswords;
+ this.nonceGenerator = nonceGenerator;
}
private void loadKeyStore(URL keyStoreURL, String keyStoreType, String
keyStorePassword) throws WSSecurityException
@@ -525,4 +541,10 @@
throw new WSSecurityException("Problems setting up certificate
validation", e);
}
}
+
+ public NonceGenerator getNonceGenerator()
+ {
+ return nonceGenerator;
+ }
+
}
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -21,26 +21,86 @@
*/
package org.jboss.ws.extensions.security;
+//$Id$
+
+import java.security.MessageDigest;
+import java.util.Calendar;
+import java.util.GregorianCalendar;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+import java.util.TimeZone;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.Base64Encoder;
+import org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback;
+import org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallbackHandler;
import org.jboss.ws.extensions.security.element.SecurityHeader;
import org.jboss.ws.extensions.security.element.UsernameToken;
+import org.jboss.xb.binding.SimpleTypeBindings;
import org.w3c.dom.Document;
public class SendUsernameOperation implements EncodingOperation
{
+ private static Logger log = Logger.getLogger(SendUsernameOperation.class);
+
private SecurityHeader header;
private SecurityStore store;
-
+
public SendUsernameOperation(SecurityHeader header, SecurityStore store)
{
this.header = header;
this.store = store;
}
- public void process(Document message, List<Target> targets, String username,
String credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String username,
String credential, String algorithm, boolean digest, boolean useNonce, boolean
useTimestamp) throws WSSecurityException
{
- header.addToken(new UsernameToken(username, credential, message));
+ String created = useTimestamp ? getCurrentTimestampAsString() : null;
+ String nonce = useNonce ? store.getNonceGenerator().generateNonce() : null;
+ String password = digest ? createPasswordDigest(nonce, created, credential) :
credential;
+ header.addToken(new UsernameToken(username, password, message, digest, nonce,
created));
}
+
+ private static String getCurrentTimestampAsString()
+ {
+ Calendar timestamp = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
+ return SimpleTypeBindings.marshalDateTime(timestamp);
+ }
+
+ /**
+ * Calculate the password digest using a MessageDigest and the
UsernameTokenCallback/CallbackHandler
+ */
+ @SuppressWarnings("unchecked")
+ public static String createPasswordDigest(String nonce, String created, String
password)
+ {
+ String passwordHash = null;
+ try
+ {
+ // convert password to byte data
+ byte[] passBytes = password.getBytes("UTF-8");
+ // prepare the username token digest callback
+ UsernameTokenCallback callback = new UsernameTokenCallback();
+ Map options = new HashMap();
+ callback.init(options);
+ // add the username token callback handler to provide the parameters
+ CallbackHandler handler = new UsernameTokenCallbackHandler(nonce, created);
+ handler.handle((Callback[])options.get("callbacks"));
+ // calculate the hash and apply the encoding.
+ MessageDigest md = MessageDigest.getInstance("SHA");
+ callback.preDigest(md);
+ md.update(passBytes);
+ callback.postDigest(md);
+ byte[] hash = md.digest();
+ passwordHash = Base64Encoder.encode(hash);
+ }
+ catch(Exception e)
+ {
+ log.error("Password hash calculation failed ", e);
+ }
+ return passwordHash;
+ }
}
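Review bot: createPasswordDigest logs any exception and returns null, and process() then builds the UsernameToken with that null password, so a failed digest calculation produces an outgoing token rather than an error. process() already declares WSSecurityException, so it can fail closed with `if (digest && password == null) throw new WSSecurityException("Password digest calculation failed");`. `store.getNonceGenerator()` returns null for every SecurityStore built through the pre-existing constructors, which makes `useNonce` a NullPointerException unless the caller supplied a generator; that deserves the same explicit check. With `digest` set and both `useNonce` and `useTimestamp` false, the value sent is presumably a fixed hash of the password (the callback classes are not shown), which anyone who captures it can resend. A comment on process() should say that digest is only meaningful together with a nonce and timestamp.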
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -119,7 +119,7 @@
}
}
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, boolean digest, boolean useNonce, boolean useTimestamp)
throws WSSecurityException
{
Element envelope = message.getDocumentElement();
XMLSignature sig;
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -39,7 +39,7 @@
this.store = store;
}
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, boolean digest, boolean useNonce, boolean useTimestamp)
throws WSSecurityException
{
Integer ttl = null;
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Util.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Util.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/Util.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -21,11 +21,14 @@
*/
package org.jboss.ws.extensions.security;
+//$Id$
+
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;
+import org.jboss.ws.WSException;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -36,7 +39,7 @@
public class Util
{
public static int count = 0;
-
+
public static String assignWsuId(Element element)
{
String id = element.getAttributeNS(Constants.WSU_NS, Constants.ID);
@@ -214,4 +217,22 @@
return id.toString();
}
+
+ @SuppressWarnings("unchecked")
+ public static <T> T loadFactory(Class<T> factoryType, String
factoryClassName, Class<? extends T> defaultFactoryClassName)
+ {
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ String name = factoryClassName != null ? factoryClassName :
System.getProperty(factoryType.getName());
+ if (name == null)
+ name = defaultFactoryClassName.getName();
+ try
+ {
+ Class<T> cl = (Class<T>)loader.loadClass(name);
+ return cl.newInstance();
+ }
+ catch (Exception e)
+ {
+ throw new WSException(e);
+ }
+ }
}
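Review bot: `loadFactory` instantiates whatever class `factoryClassName` or the `factoryType.getName()` system property names without checking that it implements `factoryType`. The cast to `Class<T>` is erased at runtime, so a wrong class is constructed first and only fails later with a `ClassCastException` at the caller, outside the `WSException` wrapping. Checking the type before instantiating closes that gap and makes the `@SuppressWarnings` unnecessary: `Class<? extends T> cl = loader.loadClass(name).asSubclass(factoryType);`. The context class loader can be null on some threads, so a fallback to `factoryType.getClassLoader()` is worth adding. The method also needs a Javadoc stating the lookup order (explicit name, then system property, then default).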
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -41,6 +41,9 @@
import org.jboss.ws.core.StubExt;
import org.jboss.ws.core.soap.MessageContextAssociation;
import org.jboss.ws.core.soap.SOAPMessageImpl;
+import org.jboss.ws.extensions.security.nonce.DefaultNonceFactory;
+import org.jboss.ws.extensions.security.nonce.NonceFactory;
+import org.jboss.ws.extensions.security.nonce.NonceGenerator;
import org.jboss.ws.metadata.umdm.EndpointMetaData;
import org.jboss.ws.metadata.umdm.OperationMetaData;
import org.jboss.ws.metadata.wsse.Authenticate;
@@ -55,6 +58,7 @@
import org.jboss.ws.metadata.wsse.Requires;
import org.jboss.ws.metadata.wsse.Sign;
import org.jboss.ws.metadata.wsse.Timestamp;
+import org.jboss.ws.metadata.wsse.Username;
import org.jboss.ws.metadata.wsse.WSSecurityConfiguration;
import org.jboss.wsf.common.DOMWriter;
import org.w3c.dom.Element;
@@ -175,7 +179,8 @@
{
SecurityStore securityStore = new SecurityStore(configuration.getKeyStoreURL(),
configuration.getKeyStoreType(), configuration.getKeyStorePassword(),
configuration.getKeyPasswords(), configuration.getTrustStoreURL(),
configuration.getTrustStoreType(), configuration.getTrustStorePassword());
-
+ NonceFactory factory = Util.loadFactory(NonceFactory.class,
configuration.getNonceFactory(), DefaultNonceFactory.class);
+
Authenticate authenticate = null;
if (operationConfig != null)
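Review bot: The `NonceFactory` is obtained through `Util.loadFactory` inside this decode path, and `loadFactory` calls `newInstance()` on every call, so each inbound message appears to get a fresh factory. A nonce store can only detect a reused nonce if it keeps state across messages, which an implementation cannot do in instance fields under this lifecycle. Either cache the factory once per `WSSecurityConfiguration`, or add a comment such as `// a new NonceFactory is created per message; stores must keep their state outside the factory instance`. The enclosing method starts and ends outside the hunk, so the per-message assumption should be confirmed.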
@@ -183,7 +188,7 @@
authenticate = operationConfig.getAuthenticate();
}
- SecurityDecoder decoder = new SecurityDecoder(securityStore,
configuration.getTimestampVerification(), authenticate);
+ SecurityDecoder decoder = new SecurityDecoder(securityStore, factory,
configuration.getTimestampVerification(), authenticate);
decoder.decode(message.getSOAPPart(), secHeaderElement);
@@ -310,7 +315,6 @@
//we fall back to the port wsse config (if available) or the default config.
Config portConfig = port.getDefaultConfig();
return (portConfig == null) ? configuration.getDefaultConfig() : portConfig;
-
}
return operation.getConfig();
}
@@ -380,7 +384,9 @@
operations.add(new
OperationDescription<EncodingOperation>(TimestampOperation.class, null, null,
timestamp.getTtl(), null));
}
- if (opConfig.getUsername() != null)
+ NonceGenerator nonceGenerator = null;
+ Username username = opConfig.getUsername();
+ if (username != null)
{
Object user = ctx.get(Stub.USERNAME_PROPERTY);
Object pass = ctx.get(Stub.PASSWORD_PROPERTY);
@@ -393,9 +399,12 @@
if (user != null && pass != null)
{
- operations.add(new
OperationDescription<EncodingOperation>(SendUsernameOperation.class, null,
user.toString(), pass.toString(), null));
+ operations.add(new
OperationDescription<EncodingOperation>(SendUsernameOperation.class, null,
user.toString(), pass.toString(), null,username.isDigestPassword(), username.isUseNonce(),
username.isUseCreated()));
ctx.put(StubExt.PROPERTY_AUTH_TYPE, StubExt.PROPERTY_AUTH_TYPE_WSSE);
}
+
+ NonceFactory factory = Util.loadFactory(NonceFactory.class,
config.getNonceFactory(), DefaultNonceFactory.class);
+ nonceGenerator = factory.getGenerator();
}
Sign sign = opConfig.getSign();
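Review bot: The nonce factory is loaded and `factory.getGenerator()` is called whenever a `Username` config exists, even when `username.isUseNonce()` is false or `user`/`pass` are null. A mistyped nonce-factory class name therefore makes `loadFactory` throw `WSException` for requests that never use a nonce. Guarding the two added lines with `if (username.isUseNonce())` keeps that failure limited to configurations that need the generator. In the `OperationDescription` call, `null,username.isDigestPassword()` is also missing the space after the comma. The enclosing method begins outside the hunk.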
@@ -430,7 +439,7 @@
try
{
SecurityStore securityStore = new SecurityStore(config.getKeyStoreURL(),
config.getKeyStoreType(), config.getKeyStorePassword(), config.getKeyPasswords(),
- config.getTrustStoreURL(), config.getTrustStoreType(),
config.getTrustStorePassword());
+ config.getTrustStoreURL(), config.getTrustStoreType(),
config.getTrustStorePassword(), nonceGenerator);
SecurityEncoder encoder = new SecurityEncoder(operations, securityStore);
encoder.encode(soapMessage.getSOAPPart());
}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/auth)
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/auth/callback)
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,117 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.ws.extensions.security.auth.callback;
-
-//$Id$
-
-import java.io.UnsupportedEncodingException;
-import java.security.MessageDigest;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-
-import org.jboss.crypto.digest.DigestCallback;
-import org.jboss.security.Base64Encoder;
-import org.jboss.security.auth.callback.MapCallback;
-import org.jboss.util.Base64;
-import org.jboss.ws.WSException;
-
-/**
- * An implementation of DigestCallback that generates password
- * digests according to the UsernameTokenProfile 1.0 specification.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- *
- */
-public class UsernameTokenCallback implements DigestCallback
-{
- public static final String NONCE = "nonce";
- public static final String CREATED = "created";
-
- private MapCallback info;
-
- @SuppressWarnings("unchecked")
- public void init(Map options)
- {
- //System.out.println("Chiamato init!!!");
- // Ask for MapCallback to obtain the digest parameters
- info = new MapCallback();
- Callback[] callbacks = { info };
- options.put("callbacks", callbacks);
- }
-
- public void preDigest(MessageDigest digest)
- {
- //System.out.println("Chiamato pre!!!");
- try
- {
- String nonce = (String)info.getInfo(NONCE);
- if (nonce != null)
- {
- byte[] rawNonce = Base64.decode(nonce);
- digest.update(rawNonce);
- }
- String created = (String)info.getInfo(CREATED);
- if (created != null)
- digest.update(created.getBytes("UTF-8"));
- }
- catch (UnsupportedEncodingException e)
- {
- throw new WSException(e);
- }
- }
-
- public void postDigest(MessageDigest digest)
- {
-// System.out.println("Chiamato post!!!");
- }
-
- @SuppressWarnings("unchecked")
- public static void main(String[] args) throws Exception
- {
- if (args.length != 3)
- {
- System.err.println("Usage: UsernameTokenCallback nonce created
password");
- System.err.println(" - nonce : the nonce");
- System.err.println(" - created : the creation timestamp");
- System.err.println(" - password : the plain text password");
- System.exit(1);
- }
- String nonce = args[0];
- String created = args[1];
- String password = args[2];
-
- MessageDigest digest = MessageDigest.getInstance("SHA");
- UsernameTokenCallback utc = new UsernameTokenCallback();
- Map options = new HashMap();
- utc.init(options);
- CallbackHandler cbh = new UsernameTokenCallbackHandler(nonce, created);
- cbh.handle((Callback[])options.get("callbacks"));
- utc.preDigest(digest);
- byte[] result = digest.digest(password.getBytes("UTF-8"));
- System.out.println("UsernameToken password digest: " +
Base64Encoder.encode(result));
- }
-
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,117 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.extensions.security.auth.callback;
+
+//$Id$
+
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.jboss.crypto.digest.DigestCallback;
+import org.jboss.security.Base64Encoder;
+import org.jboss.security.auth.callback.MapCallback;
+import org.jboss.util.Base64;
+import org.jboss.ws.WSException;
+
+/**
+ * An implementation of DigestCallback that generates password
+ * digests according to the UsernameTokenProfile 1.0 specification.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public class UsernameTokenCallback implements DigestCallback
+{
+ public static final String NONCE = "nonce";
+ public static final String CREATED = "created";
+
+ private MapCallback info;
+
+ @SuppressWarnings("unchecked")
+ public void init(Map options)
+ {
+ //System.out.println("Chiamato init!!!");
+ // Ask for MapCallback to obtain the digest parameters
+ info = new MapCallback();
+ Callback[] callbacks = { info };
+ options.put("callbacks", callbacks);
+ }
+
+ public void preDigest(MessageDigest digest)
+ {
+ //System.out.println("Chiamato pre!!!");
+ try
+ {
+ String nonce = (String)info.getInfo(NONCE);
+ if (nonce != null)
+ {
+ byte[] rawNonce = Base64.decode(nonce);
+ digest.update(rawNonce);
+ }
+ String created = (String)info.getInfo(CREATED);
+ if (created != null)
+ digest.update(created.getBytes("UTF-8"));
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new WSException(e);
+ }
+ }
+
+ public void postDigest(MessageDigest digest)
+ {
+// System.out.println("Chiamato post!!!");
+ }
+
+ @SuppressWarnings("unchecked")
+ public static void main(String[] args) throws Exception
+ {
+ if (args.length != 3)
+ {
+ System.err.println("Usage: UsernameTokenCallback nonce created
password");
+ System.err.println(" - nonce : the nonce");
+ System.err.println(" - created : the creation timestamp");
+ System.err.println(" - password : the plain text password");
+ System.exit(1);
+ }
+ String nonce = args[0];
+ String created = args[1];
+ String password = args[2];
+
+ MessageDigest digest = MessageDigest.getInstance("SHA");
+ UsernameTokenCallback utc = new UsernameTokenCallback();
+ Map options = new HashMap();
+ utc.init(options);
+ CallbackHandler cbh = new UsernameTokenCallbackHandler(nonce, created);
+ cbh.handle((Callback[])options.get("callbacks"));
+ utc.preDigest(digest);
+ byte[] result = digest.digest(password.getBytes("UTF-8"));
+ System.out.println("UsernameToken password digest: " +
Base64Encoder.encode(result));
+ }
+
+}
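Review bot: `main` takes the plain-text password as `args[2]`, which leaves it in shell history and visible in the process list while the tool runs. The usage text should say so, and reading the password from standard input when the third argument is omitted would avoid the exposure. In `preDigest`, `info` is only set by `init`, and the result of `Base64.decode(nonce)` is passed straight to `digest.update`. If that decoder signals malformed input by returning null (not visible here), a malformed nonce ends in a `NullPointerException` rather than a `WSException`. The commented-out `System.out.println("Chiamato ...")` lines are leftover debugging and can be removed.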
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,79 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.ws.extensions.security.auth.callback;
-
-//$Id$
-
-import java.io.IOException;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.jboss.security.auth.callback.MapCallback;
-
-/**
- * A callback handler to be used to pass parameters to the
- * UsernameTokenCallback.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- *
- */
-public class UsernameTokenCallbackHandler implements CallbackHandler
-{
- private String nonce;
- private String created;
-
- public UsernameTokenCallbackHandler(String nonce, String created)
- {
- this.created = created;
- this.nonce = nonce;
- }
-
- public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
- {
- boolean foundCallback = false;
- Callback firstUnknown = null;
- int count = callbacks != null ? callbacks.length : 0;
- for(int n = 0; n < count; n ++)
- {
- Callback c = callbacks[n];
- if( c instanceof MapCallback )
- {
- //set parameters to the MapCallback the UsernameTokenCallback
- //created and set up in the init method
- MapCallback mc = (MapCallback) c;
- mc.setInfo(UsernameTokenCallback.NONCE, nonce);
- mc.setInfo(UsernameTokenCallback.CREATED, created);
- foundCallback = true;
- }
- else if( firstUnknown == null )
- {
- firstUnknown = c;
- }
- }
- if( foundCallback == false )
- throw new UnsupportedCallbackException(firstUnknown, "Unrecognized
Callback");
- }
-
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallbackHandler.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,79 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.ws.extensions.security.auth.callback;
+
+//$Id$
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.jboss.security.auth.callback.MapCallback;
+
+/**
+ * A callback handler to be used to pass parameters to the
+ * UsernameTokenCallback.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public class UsernameTokenCallbackHandler implements CallbackHandler
+{
+ private String nonce;
+ private String created;
+
+ public UsernameTokenCallbackHandler(String nonce, String created)
+ {
+ this.created = created;
+ this.nonce = nonce;
+ }
+
+ public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
+ {
+ boolean foundCallback = false;
+ Callback firstUnknown = null;
+ int count = callbacks != null ? callbacks.length : 0;
+ for(int n = 0; n < count; n ++)
+ {
+ Callback c = callbacks[n];
+ if( c instanceof MapCallback )
+ {
+ //set parameters to the MapCallback the UsernameTokenCallback
+ //created and set up in the init method
+ MapCallback mc = (MapCallback) c;
+ mc.setInfo(UsernameTokenCallback.NONCE, nonce);
+ mc.setInfo(UsernameTokenCallback.CREATED, created);
+ foundCallback = true;
+ }
+ else if( firstUnknown == null )
+ {
+ firstUnknown = c;
+ }
+ }
+ if( foundCallback == false )
+ throw new UnsupportedCallbackException(firstUnknown, "Unrecognized
Callback");
+ }
+
+}
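Review bot: `handle` ignores any callback it does not understand as long as one `MapCallback` is present, whereas the `CallbackHandler` contract is to throw `UnsupportedCallbackException` when any supplied callback is unsupported. If that leniency is intended, say so in a Javadoc on `handle`; otherwise throw from the `else` branch directly. With a null or empty array the exception is built with a null `firstUnknown`, which deserves a line in the same comment. `nonce` and `created` are never reassigned and can be `final`, and `foundCallback == false` reads better as `!foundCallback`.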
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/element/UsernameToken.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/element/UsernameToken.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/element/UsernameToken.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -21,10 +21,15 @@
*/
package org.jboss.ws.extensions.security.element;
+import java.util.Iterator;
+
+import javax.xml.namespace.QName;
+
import org.apache.xml.security.utils.XMLUtils;
import org.jboss.ws.extensions.security.Constants;
import org.jboss.ws.extensions.security.Util;
import org.jboss.ws.extensions.security.WSSecurityException;
+import org.jboss.wsf.common.DOMUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -38,6 +43,12 @@
private String username;
private String password;
+
+ private boolean digest;
+
+ private String nonce;
+
+ private String created;
private Document doc;
@@ -45,13 +56,17 @@
private Element cachedElement;
- public UsernameToken(String username, String password, Document doc)
+ public UsernameToken(String username, String password, Document doc, boolean digest,
String nonce, String created)
{
this.username = username;
this.password = password;
this.doc = doc;
+ this.digest = digest;
+ this.nonce = nonce;
+ this.created = created;
}
+ @SuppressWarnings("unchecked")
public UsernameToken(Element element) throws WSSecurityException
{
this.doc = element.getOwnerDocument();
@@ -70,6 +85,24 @@
throw new WSSecurityException("Password child expected in UsernameToken
element");
this.password = XMLUtils.getFullTextChildrenFromElement(child);
+ String passwordType = child.getAttribute("Type");
+ this.digest = Constants.PASSWORD_DIGEST_TYPE.equals(passwordType);
+
+ Iterator<Element> itNonce = DOMUtils.getChildElements(element, new
QName(Constants.WSSE_NS, "Nonce"));
+ if (itNonce != null && itNonce.hasNext())
+ {
+ Element elem = itNonce.next();
+ String encodingType = elem.getAttribute("EncodingType");
+ if (encodingType != null &&
!Constants.BASE64_ENCODING_TYPE.equalsIgnoreCase(encodingType))
+ throw new WSSecurityException("Unsupported nonce encoding type: " +
encodingType);
+ this.nonce = XMLUtils.getFullTextChildrenFromElement(elem);
+ }
+
+ Iterator<Element> itCreated = DOMUtils.getChildElements(element, new
QName(Constants.WSSE_NS, "Created"));
+ if (itCreated != null && itCreated.hasNext())
+ {
+ this.created = XMLUtils.getFullTextChildrenFromElement(itCreated.next());
+ }
}
public String getId()
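Review bot: A `Nonce` element without an `EncodingType` attribute is rejected by the new check. DOM `getAttribute` returns an empty string, not null, for a missing attribute, so `encodingType != null` is always true and the comparison with `Constants.BASE64_ENCODING_TYPE` fails. The UsernameToken profile makes the attribute optional with Base64 as the default, so the guard should be `if (encodingType.length() > 0 && !Constants.BASE64_ENCODING_TYPE.equalsIgnoreCase(encodingType))`. Only the first `Nonce` and the first `Created` child are read, so repeated elements are silently ignored; a comment or an explicit rejection would make that choice visible. The constructor begins outside this hunk.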
@@ -119,8 +152,24 @@
element.appendChild(child);
child = doc.createElementNS(Constants.WSSE_NS, Constants.WSSE_PREFIX +
":" + "Password");
child.appendChild(doc.createTextNode(password));
+ child.setAttribute("Type", digest ? Constants.PASSWORD_DIGEST_TYPE :
Constants.PASSWORD_TEXT_TYPE);
element.appendChild(child);
-
+ if (digest)
+ {
+ if (nonce != null)
+ {
+ child = doc.createElementNS(Constants.WSSE_NS, Constants.WSSE_PREFIX +
":" + "Nonce");
+ child.appendChild(doc.createTextNode(nonce));
+ child.setAttribute("EncodingType",
Constants.BASE64_ENCODING_TYPE);
+ element.appendChild(child);
+ }
+ if (created != null)
+ {
+ child = doc.createElementNS(Constants.WSSE_NS, Constants.WSSE_PREFIX +
":" + "Created");
+ child.appendChild(doc.createTextNode(created));
+ element.appendChild(child);
+ }
+ }
cachedElement = element;
return cachedElement;
}
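Review bot: `Nonce` and `Created` are written only inside `if (digest)`, while the parsing constructor reads both elements whatever the password type is. A token built with `digest == false` and a non-null nonce or timestamp therefore silently loses them on serialization. If that is deliberate, a comment above the `if (digest)` line should say so, e.g. `// nonce/created are only emitted for digest passwords`; otherwise drop the outer condition and rely on the two null checks. The method begins outside the hunk.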
@@ -129,4 +178,19 @@
{
return null;
}
+
+ public boolean isDigest()
+ {
+ return digest;
+ }
+
+ public String getNonce()
+ {
+ return nonce;
+ }
+
+ public String getCreated()
+ {
+ return created;
+ }
}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce)
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,45 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * The default nonce factory
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- */
-public class DefaultNonceFactory implements NonceFactory
-{
-
- public NonceGenerator getGenerator()
- {
- return new DefaultNonceGenerator();
- }
-
- public NonceStore getStore()
- {
- return new DummyNonceStore();
- }
-
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,45 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * The default nonce factory
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ */
+public class DefaultNonceFactory implements NonceFactory
+{
+
+ public NonceGenerator getGenerator()
+ {
+ return new DefaultNonceGenerator();
+ }
+
+ public NonceStore getStore()
+ {
+ return new DummyNonceStore();
+ }
+
+}
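Review bot: The class Javadoc says only "The default nonce factory" and does not tell a deployer what protection the default gives. `getStore()` hands out a new `DummyNonceStore` on every call, and a store with that name presumably records nothing (its body is not in this part of the commit). If so, received nonces are not checked for reuse unless a custom factory is configured. I would state that in the Javadoc, for example `Default factory: random nonces from DefaultNonceGenerator, no replay tracking (DummyNonceStore); configure a custom NonceFactory to detect reused nonces.`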
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,60 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-import org.jboss.util.Base64;
-
-/**
- * A simple nonce generator using a SecureRandom instance.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- */
-public class DefaultNonceGenerator implements NonceGenerator
-{
- private static SecureRandom pseudoRng;
-
- static
- {
- try
- {
- pseudoRng = SecureRandom.getInstance("SHA1PRNG");
- pseudoRng.setSeed(System.currentTimeMillis());
- }
- catch (NoSuchAlgorithmException e)
- {
- }
- }
-
- public String generateNonce()
- {
- byte[] bytes = new byte[32];
- pseudoRng.nextBytes(bytes);
- return Base64.encodeBytes(bytes);
- }
-
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,60 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import org.jboss.util.Base64;
+
+/**
+ * A simple nonce generator using a SecureRandom instance.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ */
+public class DefaultNonceGenerator implements NonceGenerator
+{
+ private static SecureRandom pseudoRng;
+
+ static
+ {
+ try
+ {
+ pseudoRng = SecureRandom.getInstance("SHA1PRNG");
+ pseudoRng.setSeed(System.currentTimeMillis());
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ }
+ }
+
+ public String generateNonce()
+ {
+ byte[] bytes = new byte[32];
+ pseudoRng.nextBytes(bytes);
+ return Base64.encodeBytes(bytes);
+ }
+
+}
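Review bot: The static initializer in DefaultNonceGenerator calls `pseudoRng.setSeed(System.currentTimeMillis())` before any output has been drawn. With the Sun SHA1PRNG implementation, a seed supplied before the first `nextBytes` is used instead of the provider's own seeding, so the nonce stream depends only on a guessable start-up time. The empty `catch (NoSuchAlgorithmException e)` also leaves `pseudoRng` null, which turns a missing algorithm into a NullPointerException inside generateNonce. Both go away with `private static final SecureRandom pseudoRng = new SecureRandom();`, which lets the provider seed itself and needs no try/catch. If SHA1PRNG must stay, drop the setSeed call and rethrow the exception as an IllegalStateException.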
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,47 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-import org.jboss.logging.Logger;
-
-//$Id$
-
-/**
- * A dummy nonce store providing no actual
- * security increase against replay attacks.
- *
- * @author alessio.soldano(a)jboss.com
- */
-public class DummyNonceStore implements NonceStore
-{
-
- public boolean hasNonce(String nonce)
- {
- return false;
- }
-
- public void putNonce(String nonce)
- {
- Logger.getLogger(this.getClass()).warn("Please consider using a real nonce
store to increase security against replay attacks.");
- }
-
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,47 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+import org.jboss.logging.Logger;
+
+//$Id$
+
+/**
+ * A dummy nonce store providing no actual
+ * security increase against replay attacks.
+ *
+ * @author alessio.soldano(a)jboss.com
+ */
+public class DummyNonceStore implements NonceStore
+{
+
+ public boolean hasNonce(String nonce)
+ {
+ return false;
+ }
+
+ public void putNonce(String nonce)
+ {
+ Logger.getLogger(this.getClass()).warn("Please consider using a real nonce
store to increase security against replay attacks.");
+ }
+
+}
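Review bot: putNonce in DummyNonceStore looks up a logger and emits the same warning on every call, so a deployment left on this store gets one WARN line per stored nonce. Meanwhile hasNonce always answers false, so no replay is ever detected. Logging once keeps the signal visible without flooding the log: hold `private static final Logger log = Logger.getLogger(DummyNonceStore.class);` and warn from a constructor or static initializer instead. If this class is what the default factory hands out (DefaultNonceFactory is not visible here), the class comment should also say that replay detection stays off until a `nonce-factory-class` is configured.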
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,38 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * Generic interface for a factory of nonce generator and nonce store.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- *
- */
-public interface NonceFactory
-{
- public NonceGenerator getGenerator();
-
- public NonceStore getStore();
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,38 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * Generic interface for a factory of nonce generator and nonce store.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public interface NonceFactory
+{
+ public NonceGenerator getGenerator();
+
+ public NonceStore getStore();
+}
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,35 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * Simple interface for a generator of nonces.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- */
-public interface NonceGenerator
-{
- public String generateNonce();
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,35 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * Simple interface for a generator of nonces.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ */
+public interface NonceGenerator
+{
+ public String generateNonce();
+}
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,49 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * A nonce store collects recently used nonces.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- *
- */
-public interface NonceStore
-{
- /**
- * Checks whether the store contains the provided nonce.
- *
- * @param nonce
- * @return True if the provided nonce has been recently put in the store
- */
- public boolean hasNonce(String nonce);
-
- /**
- * Put the given nonce in the store.
- *
- * @param nonce
- */
- public void putNonce(String nonce);
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,49 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * A nonce store collects recently used nonces.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public interface NonceStore
+{
+ /**
+ * Checks whether the store contains the provided nonce.
+ *
+ * @param nonce
+ * @return True if the provided nonce has been recently put in the store
+ */
+ public boolean hasNonce(String nonce);
+
+ /**
+ * Put the given nonce in the store.
+ *
+ * @param nonce
+ */
+ public void putNonce(String nonce);
+}
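Review bot: NonceStore exposes the replay check as two separate calls, hasNonce followed by putNonce, so two concurrent requests carrying the same nonce can both get `false` from hasNonce before either one is stored. The interface comment should state that implementations must be thread-safe. It should also define "recently": the retention window presumably has to cover the accepted Created/timestamp skew, otherwise a nonce that has been evicted can be accepted again. A single atomic operation, for example a suggested `boolean putNonceIfAbsent(String nonce)`, would remove the check-then-act gap, at the cost of changing the interface for existing implementers. The `@param nonce` tags are also empty and could say the value is the Base64 string taken from the token.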
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/Username.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/Username.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/Username.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -27,4 +27,32 @@
public class Username implements Serializable
{
private static final long serialVersionUID = 8273360977250180943L;
+
+ private boolean digestPassword;
+
+ private boolean useNonce;
+
+ private boolean useCreated;
+
+ public Username(boolean digestPassword, boolean useNonce, boolean useCreated)
+ {
+ this.digestPassword = digestPassword;
+ this.useNonce = useNonce;
+ this.useCreated = useCreated;
+ }
+
+ public boolean isDigestPassword()
+ {
+ return digestPassword;
+ }
+
+ public boolean isUseNonce()
+ {
+ return useNonce;
+ }
+
+ public boolean isUseCreated()
+ {
+ return useCreated;
+ }
}
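Review bot: The three new fields in Username are assigned only in the constructor and have no setters, so they can be declared `private final boolean digestPassword;` (likewise useNonce and useCreated) to make the configuration object immutable. The class is Serializable and serialVersionUID is unchanged, so a stream written by the previous class shape would deserialize with all three flags false. That differs from the defaults of true that WSSecurityOMFactory applies to useNonce and useCreated; if instances are ever persisted, it deserves a comment. The explicit constructor also removes the implicit no-argument one, so any `new Username()` caller not updated by this commit stops compiling.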
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -47,6 +47,7 @@
private String trustStorePassword;
private HashMap<String, String> keyPasswords = new HashMap<String,
String>();
private TimestampVerification timestampVerification;
+ private String nonceFactory;
public WSSecurityConfiguration()
{
@@ -177,4 +178,14 @@
this.timestampVerification = timestampVerification;
}
+ public String getNonceFactory()
+ {
+ return nonceFactory;
+ }
+
+ public void setNonceFactory(String nonceFactory)
+ {
+ this.nonceFactory = nonceFactory;
+ }
+
}
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -51,7 +51,7 @@
public static String CLIENT_RESOURCE_NAME = "jboss-wsse-client.xml";
- private static HashMap options = new HashMap(6);
+ private static HashMap options = new HashMap(7);
static
{
@@ -61,6 +61,7 @@
options.put("trust-store-file", "setTrustStoreFile");
options.put("trust-store-type", "setTrustStoreType");
options.put("trust-store-password", "setTrustStorePassword");
+ options.put("nonce-factory-class", "setNonceFactory");
}
// provide logging
@@ -147,7 +148,7 @@
if (method == null)
return;
- // Dispatch to propper initializer
+ // Dispatch to proper initializer
try
{
WSSecurityConfiguration.class.getMethod(method, new Class[] { String.class
}).invoke(configuration, new Object[] { value });
@@ -282,7 +283,25 @@
}
else if ("username".equals(localName))
{
- return new Username();
+ //By default, we do not use password digest
+ Boolean digestPassword = new Boolean(false);
+ String digestPasswordAttr = attrs.getValue("",
"digestPassword");
+ if (digestPasswordAttr != null)
+ digestPassword =
(Boolean)SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME,
digestPasswordAttr, null);
+
+ //if password digest is enabled, we use nonces by default
+ Boolean useNonce = new Boolean(true);
+ String useNonceAttr = attrs.getValue("", "useNonce");
+ if (useNonceAttr != null)
+ useNonce =
(Boolean)SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, useNonceAttr,
null);
+
+ //if password digest is enabled, we use the created element by default
+ Boolean useCreated = new Boolean(true);
+ String useCreatedAttr = attrs.getValue("", "useCreated");
+ if (useCreatedAttr != null)
+ useCreated =
(Boolean)SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, useCreatedAttr,
null);
+
+ return new Username(digestPassword, useNonce, useCreated);
}
else if ("authenticate".equals(localName))
{
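Review bot: The username branch accepts digestPassword="true" together with useNonce="false" and useCreated="false". In that combination the digest presumably has no per-message input, so the same value is sent every time and a captured token can be replayed. A warning at parse time would surface the weak configuration, e.g. `if (digestPassword && !useNonce && !useCreated) log.warn("username: digestPassword without nonce or created gives no replay protection");` (the logger field name is assumed, since the class's logging declaration is outside the hunk). Separately, `new Boolean(false)` and `new Boolean(true)` can be `Boolean.FALSE` and `Boolean.TRUE`. The two comments say the defaults apply "if password digest is enabled", but the code applies them unconditionally. The enclosing method starts and ends outside this hunk.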
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/schema/jboss-ws-security_1_0.xsd
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/schema/jboss-ws-security_1_0.xsd 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/schema/jboss-ws-security_1_0.xsd 2010-06-18
13:39:22 UTC (rev 12505)
@@ -53,6 +53,11 @@
<xs:documentation>The WSDL port.</xs:documentation>
</xs:annotation>
</xs:element>
+ <xs:element name="nonce-factory-class" type="xs:string"
minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>This specifies the nonce factory class name. It is
used to get the custom generator and store of nonces.</xs:documentation>
+ </xs:annotation>
+ </xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
@@ -187,7 +192,21 @@
</xs:attribute>
</xs:complexType>
<xs:complexType name="usernameType">
- <xs:sequence/>
+ <xs:attribute name="digestPassword" type="xs:boolean"
use="optional">
+ <xs:annotation>
+ <xs:documentation>If true a password digest will be used as password
element. The default is false.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="useNonce" type="xs:boolean"
use="optional">
+ <xs:annotation>
+ <xs:documentation>Enables/disables nonce usage in the password digest. The
default is true.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="useCreated" type="xs:boolean"
use="optional">
+ <xs:annotation>
+ <xs:documentation>Enables/disables usage of the Created element in the
password digest. The default is true.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
</xs:complexType>
<xs:complexType name="encryptType">
<xs:sequence>
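Review bot: The three attributes added to usernameType state their defaults only in the documentation text ("The default is false" / "The default is true"), so the schema and the parser defaults in WSSecurityOMFactory can drift apart unnoticed. Declaring the default in the schema keeps them in step, e.g. `<xs:attribute name="useNonce" type="xs:boolean" default="true">`, and likewise `default="false"` for digestPassword and `default="true"` for useCreated. The useNonce and useCreated documentation should also say that disabling both leaves the password digest with no protection against replay, so that someone editing the descriptor sees the consequence where the switch is.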
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -95,7 +95,7 @@
cal.set(Calendar.MINUTE, 22);
cal.set(Calendar.SECOND, 25);
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null,
null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null, null,
null);
decoder.decode(soapEnv.getOwnerDocument());
decoder.complete();
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -55,7 +55,7 @@
/**
* Simple WS-Security round trip test
- *
+ *
* @author <a href="mailto:jason.greene@jboss.com>Jason T. Greene</a>
*/
public class RoundTripTestCase extends JBossWSTest
@@ -92,7 +92,7 @@
env = soapMsg.getSOAPPart().getEnvelope();
doc = env.getOwnerDocument();
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), null, null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), null, null,
null);
decoder.decode(doc);
decoder.verify(buildRequireOperations());
@@ -105,8 +105,6 @@
assertEquals(inputString, DOMWriter.printNode(doc, true));
}
- // WS-Security leaves wsu:id attributes arround on elements which are not cleaned
- // up due to performance reasons. This, however, breaks comparisons, so we manually
// fix this for tests.
private void cleanupWsuIds(Element element)
{
@@ -160,7 +158,7 @@
name = new QName("http://org.jboss.ws/2004", "someHeader");
target = new QNameTarget(name);
targets.add(target);
- //targets.add(new WsuIdTarget("timestamp"));
+ // targets.add(new WsuIdTarget("timestamp"));
LinkedList operations = new LinkedList();
operations.add(new OperationDescription(RequireSignatureOperation.class, targets,
null, null, null));
operations.add(new OperationDescription(RequireEncryptionOperation.class, targets,
null, null, null));
Modified:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java 2010-06-18
13:23:26 UTC (rev 12504)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -72,7 +72,7 @@
cal.set(Calendar.MINUTE, 32);
cal.set(Calendar.SECOND, 25);
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null,
null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null, null,
null);
decoder.decode(doc);
decoder.complete();
@@ -107,7 +107,7 @@
cal.set(Calendar.MINUTE, 8);
cal.set(Calendar.SECOND, 40);
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null,
null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null, null,
null);
decoder.decode(doc);
decoder.complete();
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988)
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,69 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.jbws1988;
-
-import org.jboss.ws.extensions.security.SendUsernameOperation;
-import org.jboss.wsf.test.JBossWSTest;
-
-/**
- * Black box tests of the username token profile digest algorithm
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- */
-public class DigestTestCase extends JBossWSTest
-{
- public void testWithNonceAndCreated() throws Exception
- {
- String password = "taadtaadpstcsm";
- String nonce = "d36e316282959a9ed4c89851497a717f";
- String created = "2003-12-15T14:43:07Z";
- String expectedDigest = "0WSAldY9ogqqVyQo7ubbZxxFU/s=";
- String digest = SendUsernameOperation.createPasswordDigest(nonce, created,
password);
- assertEquals(expectedDigest, digest);
-
- password = "therealfrog";
- nonce = "gHGIdDEWjX1Ay/LiVd3qJ1ua8VbjXis8CJwNDQh1ySA=";
- created = "2008-03-12T17:12:31.310Z";
- expectedDigest = "gx8TcJ9VG2hOFC6ZFmNi/JI2rh4=";
- digest = SendUsernameOperation.createPasswordDigest(nonce, created, password);
- assertEquals(expectedDigest, digest);
- }
-
- public void testWithNonce() throws Exception
- {
- String password = "therealfrog";
- String nonce = "gHGIdDEWjX1Ay/LiVd3qJ1ua8VbjXis8CJwNDQh1ySA=";
- String expectedDigest = "MBqDfskkdh3eEtRlLdkWa79+w58=";
- String digest = SendUsernameOperation.createPasswordDigest(nonce, null, password);
- assertEquals(expectedDigest, digest);
- }
-
- public void testWithCreated() throws Exception
- {
- String password = "therealfrog";
- String created = "2008-03-12T17:12:31.310Z";
- String expectedDigest = "fwt4eF/AjmE0mvY1gI4hkAiSIbk=";
- String digest = SendUsernameOperation.createPasswordDigest(null, created,
password);
- assertEquals(expectedDigest, digest);
- }
-}
\ No newline at end of file
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.jbws1988;
+
+import org.jboss.ws.extensions.security.SendUsernameOperation;
+import org.jboss.wsf.test.JBossWSTest;
+
+/**
+ * Black box tests of the username token profile digest algorithm
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ */
+public class DigestTestCase extends JBossWSTest
+{
+ public void testWithNonceAndCreated() throws Exception
+ {
+ String password = "taadtaadpstcsm";
+ String nonce = "d36e316282959a9ed4c89851497a717f";
+ String created = "2003-12-15T14:43:07Z";
+ String expectedDigest = "0WSAldY9ogqqVyQo7ubbZxxFU/s=";
+ String digest = SendUsernameOperation.createPasswordDigest(nonce, created,
password);
+ assertEquals(expectedDigest, digest);
+
+ password = "therealfrog";
+ nonce = "gHGIdDEWjX1Ay/LiVd3qJ1ua8VbjXis8CJwNDQh1ySA=";
+ created = "2008-03-12T17:12:31.310Z";
+ expectedDigest = "gx8TcJ9VG2hOFC6ZFmNi/JI2rh4=";
+ digest = SendUsernameOperation.createPasswordDigest(nonce, created, password);
+ assertEquals(expectedDigest, digest);
+ }
+
+ public void testWithNonce() throws Exception
+ {
+ String password = "therealfrog";
+ String nonce = "gHGIdDEWjX1Ay/LiVd3qJ1ua8VbjXis8CJwNDQh1ySA=";
+ String expectedDigest = "MBqDfskkdh3eEtRlLdkWa79+w58=";
+ String digest = SendUsernameOperation.createPasswordDigest(nonce, null, password);
+ assertEquals(expectedDigest, digest);
+ }
+
+ public void testWithCreated() throws Exception
+ {
+ String password = "therealfrog";
+ String created = "2008-03-12T17:12:31.310Z";
+ String expectedDigest = "fwt4eF/AjmE0mvY1gI4hkAiSIbk=";
+ String digest = SendUsernameOperation.createPasswordDigest(null, created,
password);
+ assertEquals(expectedDigest, digest);
+ }
+}
\ No newline at end of file
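Review bot: `testWithNonce` and `testWithCreated` pin digests computed with a null `created` or a null `nonce`, but nothing in the class says why those forms are supported, and the case where both are null is not covered. A digest built without nonce and created is the same for every request, so a captured value can be replayed. I would add a comment on those two tests such as `// nonce/created are optional in the UsernameToken profile; these vectors cover interop only, servers should require both`. The class Javadoc could also say whether the `nonce` argument is the Base64 wire form or the raw value, since the first vector's `d36e3162...` reads as hex while the others are Base64; `createPasswordDigest` is not visible here, so this is to be confirmed.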
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,34 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.jbws1988;
-
-import javax.jws.WebMethod;
-import javax.jws.WebService;
-import javax.jws.soap.SOAPBinding;
-
-@WebService(name = "Hello", targetNamespace =
"http://org.jboss.ws/jbws1988")
-@SOAPBinding(style = SOAPBinding.Style.RPC)
-public interface Hello
-{
- @WebMethod
- public String echo(String par);
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,34 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.jbws1988;
+
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+
+@WebService(name = "Hello", targetNamespace =
"http://org.jboss.ws/jbws1988")
+@SOAPBinding(style = SOAPBinding.Style.RPC)
+public interface Hello
+{
+ @WebMethod
+ public String echo(String par);
+}
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,57 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.jbws1988;
-
-import javax.annotation.Resource;
-import javax.annotation.security.RolesAllowed;
-import javax.ejb.Stateless;
-import javax.jws.WebMethod;
-import javax.jws.WebService;
-import javax.jws.soap.SOAPBinding;
-import javax.xml.ws.WebServiceContext;
-
-import org.jboss.annotation.security.SecurityDomain;
-import org.jboss.logging.Logger;
-import org.jboss.ws.annotation.EndpointConfig;
-import org.jboss.wsf.spi.annotation.WebContext;
-
-
-@Stateless
-@WebService(name = "Hello", serviceName = "HelloService",
targetNamespace = "http://org.jboss.ws/jbws1988")
-@SOAPBinding(style = SOAPBinding.Style.RPC)
-@WebContext(contextRoot = "/jaxws-jbws1988", urlPattern = "/*")
-@EndpointConfig(configName = "Standard WSSecurity Endpoint")
-@SecurityDomain("JBossWSDigest")
-@RolesAllowed({"friend"})
-public class HelloJavaBean
-{
- private Logger log = Logger.getLogger(HelloJavaBean.class);
- @Resource
- private WebServiceContext ctx;
-
- @WebMethod
- public String echo(String par)
- {
- log.info("User principal: " + ctx.getUserPrincipal());
- return par;
- }
-}
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.jbws1988;
+
+import javax.annotation.Resource;
+import javax.annotation.security.RolesAllowed;
+import javax.ejb.Stateless;
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+import javax.xml.ws.WebServiceContext;
+
+import org.jboss.annotation.security.SecurityDomain;
+import org.jboss.logging.Logger;
+import org.jboss.ws.annotation.EndpointConfig;
+import org.jboss.wsf.spi.annotation.WebContext;
+
+
+@Stateless
+@WebService(name = "Hello", serviceName = "HelloService",
targetNamespace = "http://org.jboss.ws/jbws1988")
+@SOAPBinding(style = SOAPBinding.Style.RPC)
+@WebContext(contextRoot = "/jaxws-jbws1988", urlPattern = "/*")
+@EndpointConfig(configName = "Standard WSSecurity Endpoint")
+@SecurityDomain("JBossWSDigest")
+@RolesAllowed({"friend"})
+public class HelloJavaBean
+{
+ private Logger log = Logger.getLogger(HelloJavaBean.class);
+ @Resource
+ private WebServiceContext ctx;
+
+ @WebMethod
+ public String echo(String par)
+ {
+ log.info("User principal: " + ctx.getUserPrincipal());
+ return par;
+ }
+}
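Review bot: The `log` field in `HelloJavaBean` is declared per instance and mutable, `private Logger log = ...`, so each bean instance performs its own logger lookup and the reference can be reassigned. The usual form is `private static final Logger log = Logger.getLogger(HelloJavaBean.class);`. `echo` also writes the caller's principal at INFO on every invocation, which is harmless in this fixture but would be better at debug level if the class is used as a template.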
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,98 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.jbws1988;
-
-import java.io.File;
-import java.net.URL;
-
-import javax.xml.namespace.QName;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Service;
-
-import junit.framework.Test;
-
-import org.jboss.ws.core.StubExt;
-import org.jboss.wsf.test.JBossWSTest;
-import org.jboss.wsf.test.JBossWSTestSetup;
-
-/**
- *
http://jira.jboss.org/jira/browse/JBWS-1988
- * Complete username token profile with digest and nonces
- *
- * @author alessio.soldano(a)jboss.com
- * @since 11-Mar-2008
- */
-public class UsernameAuthTestCase extends JBossWSTest
-{
- private String TARGET_ENDPOINT_ADDRESS = "http://" + getServerHost() +
":8080/jaxws-jbws1988";
-
- public static Test suite() throws Exception
- {
- return new JBossWSTestSetup(UsernameAuthTestCase.class, "jaxws-jbws1988.sar
jaxws-jbws1988.jar");
- }
-
- public void testAuth() throws Exception
- {
- Hello port = getPort();
- ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"kermit");
- ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"therealfrog");
- String msg = "Hi!";
- try
- {
- String result = port.echo(msg);
- assertEquals(msg, result);
- }
- catch (Exception e)
- {
- fail();
- }
- }
-
- public void testWrongPasswordAuth() throws Exception
- {
- Hello port = getPort();
- ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"kermit");
- ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"thefrog");
- String msg = "Hi!";
- try
- {
- String result = port.echo(msg);
- fail();
- }
- catch (Exception e)
- {
- //OK
- }
- }
-
- private Hello getPort() throws Exception
- {
- URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS + "?wsdl");
- QName serviceName = new QName("http://org.jboss.ws/jbws1988",
"HelloService");
- Hello port = Service.create(wsdlURL, serviceName).getPort(Hello.class);
- URL securityURL = new
File("resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml").toURL();
- ((StubExt)port).setSecurityConfig(securityURL.toExternalForm());
- ((StubExt)port).setConfigName("Standard WSSecurity Client");
- ((BindingProvider)port).getRequestContext().put(StubExt.PROPERTY_AUTH_TYPE,
StubExt.PROPERTY_AUTH_TYPE_WSSE);
- return port;
- }
-}
\ No newline at end of file
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.jbws1988;
+
+import java.io.File;
+import java.net.URL;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import junit.framework.Test;
+
+import org.jboss.ws.core.StubExt;
+import org.jboss.wsf.test.JBossWSTest;
+import org.jboss.wsf.test.JBossWSTestSetup;
+
+/**
+ *
http://jira.jboss.org/jira/browse/JBWS-1988
+ * Complete username token profile with digest and nonces
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 11-Mar-2008
+ */
+public class UsernameAuthTestCase extends JBossWSTest
+{
+ private String TARGET_ENDPOINT_ADDRESS = "http://" + getServerHost() +
":8080/jaxws-jbws1988";
+
+ public static Test suite() throws Exception
+ {
+ return new JBossWSTestSetup(UsernameAuthTestCase.class, "jaxws-jbws1988.sar
jaxws-jbws1988.jar");
+ }
+
+ public void testAuth() throws Exception
+ {
+ Hello port = getPort();
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"kermit");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"therealfrog");
+ String msg = "Hi!";
+ try
+ {
+ String result = port.echo(msg);
+ assertEquals(msg, result);
+ }
+ catch (Exception e)
+ {
+ fail();
+ }
+ }
+
+ public void testWrongPasswordAuth() throws Exception
+ {
+ Hello port = getPort();
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"kermit");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"thefrog");
+ String msg = "Hi!";
+ try
+ {
+ String result = port.echo(msg);
+ fail();
+ }
+ catch (Exception e)
+ {
+ //OK
+ }
+ }
+
+ private Hello getPort() throws Exception
+ {
+ URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS + "?wsdl");
+ QName serviceName = new QName("http://org.jboss.ws/jbws1988",
"HelloService");
+ Hello port = Service.create(wsdlURL, serviceName).getPort(Hello.class);
+ URL securityURL = new
File("resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml").toURL();
+ ((StubExt)port).setSecurityConfig(securityURL.toExternalForm());
+ ((StubExt)port).setConfigName("Standard WSSecurity Client");
+ ((BindingProvider)port).getRequestContext().put(StubExt.PROPERTY_AUTH_TYPE,
StubExt.PROPERTY_AUTH_TYPE_WSSE);
+ return port;
+ }
+}
\ No newline at end of file
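Review bot: `testWrongPasswordAuth` passes on any exception thrown by `port.echo(msg)`, because `catch (Exception e)` with `//OK` cannot tell an authentication rejection from a deployment or transport failure. The catch should be narrowed to the type the rejected call surfaces as (presumably `javax.xml.ws.soap.SOAPFaultException`, to be confirmed against this stack), or the test should assert on the fault. In `testAuth` the `catch (Exception e) { fail(); }` discards the cause; the method already declares `throws Exception`, so the try/catch can be dropped and the real stack trace reported. The commit's file list adds nonce classes, yet no test in this hunk sends the same token twice, so rejection of a replayed nonce is not exercised here. `new File(...).toURL()` is deprecated in favour of `toURI().toURL()`.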
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988 (from
rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988)
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF)
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<server>
- <!-- ==================================================================== -->
- <!-- Dynamic login config to install the login module using digest -->
- <!-- ==================================================================== -->
- <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
- name="jboss:service=DynamicLoginConfig">
- <attribute
name="AuthConfig">META-INF/login-config.xml</attribute>
- <!-- The service which supports dynamic processing of login-config.xml
- configurations.
- -->
- <depends optional-attribute-name="LoginConfigService">
- jboss.security:service=XMLLoginConfig
- </depends>
- <!-- Optionally specify the security mgr service to use when
- this service is stopped to flush the auth caches of the domains
- registered by this service.
- -->
- <depends optional-attribute-name="SecurityManagerService">
- jboss.security:service=JaasSecurityManager
- </depends>
- </mbean>
-</server>
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<server>
+ <!-- ==================================================================== -->
+ <!-- Dynamic login config to install the login module using digest -->
+ <!-- ==================================================================== -->
+ <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
+ name="jboss:service=DynamicLoginConfig">
+ <attribute
name="AuthConfig">META-INF/login-config.xml</attribute>
+ <!-- The service which supports dynamic processing of login-config.xml
+ configurations.
+ -->
+ <depends optional-attribute-name="LoginConfigService">
+ jboss.security:service=XMLLoginConfig
+ </depends>
+ <!-- Optionally specify the security mgr service to use when
+ this service is stopped to flush the auth caches of the domains
+ registered by this service.
+ -->
+ <depends optional-attribute-name="SecurityManagerService">
+ jboss.security:service=JaasSecurityManager
+ </depends>
+ </mbean>
+</server>
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
-
- <config>
- <username digestPassword="true"/>
- <timestamp ttl="300"/>
- </config>
-</jboss-ws-security>
\ No newline at end of file
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+
+ <config>
+ <username digestPassword="true"/>
+ <timestamp ttl="300"/>
+ </config>
+</jboss-ws-security>
\ No newline at end of file
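Review bot: The `<username digestPassword="true"/>` element leaves it to defaults whether a nonce and a created timestamp are sent with the digest, and those defaults are not visible in this hunk. Replay protection of the digest depends on both, so the fixture would document the intended behaviour better by stating it, either with explicit attributes if this branch's schema has them (presumably `useNonce` and `useCreated`, to be confirmed) or with a comment such as `<!-- digest is sent with nonce and created; see UsernameAuthTestCase -->`.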
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,10 +0,0 @@
-<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-
xsi:schemaLocation="http://www.jboss.com/ws-security/config
-
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
- <config>
- <timestamp ttl="300"/>
- <requires/>
- </config>
-
-</jboss-ws-security>
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,10 @@
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
+
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+ <config>
+ <timestamp ttl="300"/>
+ <requires/>
+ </config>
+
+</jboss-ws-security>
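Review bot: Nothing in this server configuration shows whether a replayed UsernameToken would be rejected. It holds only `<timestamp ttl="300"/>` and an empty `<requires/>`, with no visible choice of nonce store or created-age limit. The commit's file list includes a `DummyNonceStore`; if that is the default and it does not record nonces (its body is not visible here), replay goes undetected. A comment in the file should state which nonce handling the test relies on. The file also lacks the `<?xml version="1.0" encoding="UTF-8"?>` declaration that `jboss-wsse-client.xml` carries.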
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,2 +0,0 @@
-# A sample roles.properties file for use with the UsersRolesLoginModule
-kermit=friend
\ No newline at end of file
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,2 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+kermit=friend
\ No newline at end of file
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,2 +0,0 @@
-# A sample users.properties file for use with the UsersRolesLoginModule
-kermit=therealfrog
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,2 @@
+# A sample users.properties file for use with the UsersRolesLoginModule
+kermit=therealfrog
Deleted:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml 2010-06-18
12:53:20 UTC (rev 12503)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -1,25 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE policy PUBLIC
- "-//JBoss//DTD JBOSS Security Config 3.0//EN"
- "http://www.jboss.org/j2ee/dtd/security_config.dtd">
-
-<policy>
-
- <application-policy name="JBossWSDigest">
- <authentication>
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag="required">
- <module-option
name="usersProperties">META-INF/jbossws-users.properties</module-option>
- <module-option
name="rolesProperties">META-INF/jbossws-roles.properties</module-option>
- <module-option name="hashAlgorithm">SHA</module-option>
- <module-option
name="hashEncoding">BASE64</module-option>
- <module-option
name="hashUserPassword">false</module-option>
- <module-option
name="hashStorePassword">true</module-option>
- <module-option
name="storeDigestCallback">org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback</module-option>
- <module-option
name="unauthenticatedIdentity">anonymous</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
-</policy>
-
Copied:
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
(from rev 12503,
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml)
===================================================================
---
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
(rev 0)
+++
stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml 2010-06-18
13:39:22 UTC (rev 12505)
@@ -0,0 +1,25 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<policy>
+
+ <application-policy name="JBossWSDigest">
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option
name="usersProperties">META-INF/jbossws-users.properties</module-option>
+ <module-option
name="rolesProperties">META-INF/jbossws-roles.properties</module-option>
+ <module-option name="hashAlgorithm">SHA</module-option>
+ <module-option
name="hashEncoding">BASE64</module-option>
+ <module-option
name="hashUserPassword">false</module-option>
+ <module-option
name="hashStorePassword">true</module-option>
+ <module-option
name="storeDigestCallback">org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback</module-option>
+ <module-option
name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+</policy>
+
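Review bot: The `unauthenticatedIdentity` option is set to `anonymous`, so a request without credentials is given a principal by the login module instead of failing authentication. `@RolesAllowed({"friend"})` on `HelloJavaBean` should still deny it, but a fixture meant to prove digest authentication is stricter without `<module-option name="unauthenticatedIdentity">anonymous</module-option>`. If the option has to stay, a comment should say why. I would also add a comment above `hashStorePassword` noting that `jbossws-users.properties` holds the clear-text password (`kermit=therealfrog`), which is presumably hashed per request through `UsernameTokenCallback`, so outside tests that file needs restricted read access.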