Author: darran.lofthouse(a)jboss.com
Date: 2010-06-16 12:29:42 -0400 (Wed, 16 Jun 2010)
New Revision: 12488
Added:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
Removed:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/UsernamePwdDigestTestCase.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/samples/wssecurity/username-digest/
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-jars-jaxws.xml
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-samples-jaxws.xml
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/Util.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/resources/schema/jboss-ws-security_1_0.xsd
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java
Log:
Backport of 5924 and 5925
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-jars-jaxws.xml
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-jars-jaxws.xml 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-jars-jaxws.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -552,6 +552,25 @@
</webinf>
</war>
+ <!-- jaxws-jbws1988 -->
+ <jar destfile="${tests.output.dir}/libs/jaxws-jbws1988.jar">
+ <fileset dir="${tests.output.dir}/classes">
+ <include name="org/jboss/test/ws/jaxws/jbws1988/*.class"/>
+ <exclude
name="org/jboss/test/ws/jaxws/jbws1988/*TestCase.class"/>
+ </fileset>
+ <metainf
dir="${tests.output.dir}/resources/jaxws/jbws1988/META-INF">
+ <include name="jboss-wsse-server.xml"/>
+ </metainf>
+ </jar>
+ <jar jarfile="${tests.output.dir}/libs/jaxws-jbws1988.sar">
+ <metainf
dir="${tests.output.dir}/resources/jaxws/jbws1988/META-INF">
+ <include name="jboss-service.xml"/>
+ <include name="login-config.xml"/>
+ <include name="jbossws-users.properties"/>
+ <include name="jbossws-roles.properties"/>
+ </metainf>
+ </jar>
+
<!-- jaxws-jbws1999 -->
<war warfile="${tests.output.dir}/libs/jaxws-jbws1999.war"
webxml="${tests.output.dir}/resources/jaxws/jbws1999/WEB-INF/web.xml">
<classes dir="${tests.output.dir}/classes">
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-samples-jaxws.xml
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-samples-jaxws.xml 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/ant-import-tests/build-samples-jaxws.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -174,18 +174,6 @@
<include name="jboss-wsse-server.xml"/>
</webinf>
</war>
-
- <!-- jaxws-samples-wssecurity-username-digest -->
- <war
warfile="${tests.output.dir}/libs/jaxws-samples-wssecurity-username-digest.war"
webxml="${tests.output.dir}/resources/jaxws/samples/wssecurity/username-digest/WEB-INF/web.xml">
- <classes dir="${tests.output.dir}/classes">
- <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/UsernameEndpoint.class"/>
- <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/UsernameBean.class"/>
- </classes>
- <webinf
dir="${tests.output.dir}/resources/jaxws/samples/wssecurity/username-digest/WEB-INF">
- <include name="jboss-web.xml"/>
- <include name="jboss-wsse-server.xml"/>
- </webinf>
- </war>
<!-- jaxws-samples-wssecurityAnnotatedpolicy-encrypt -->
<war
warfile="${tests.output.dir}/libs/jaxws-samples-wssecurityAnnotatedpolicy-encrypt.war"
webxml="${tests.output.dir}/resources/jaxws/samples/wssecurityAnnotatedpolicy/WEB-INF/web.xml">
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -23,6 +23,8 @@
// $Id$
+import java.util.Calendar;
+
import javax.security.auth.callback.CallbackHandler;
import org.jboss.security.auth.callback.CallbackHandlerPolicyContextHandler;
@@ -30,27 +32,37 @@
import org.jboss.ws.extensions.security.element.SecurityHeader;
import org.jboss.ws.extensions.security.element.Token;
import org.jboss.ws.extensions.security.element.UsernameToken;
+import org.jboss.ws.extensions.security.nonce.NonceStore;
import org.jboss.wsf.spi.SPIProvider;
import org.jboss.wsf.spi.SPIProviderResolver;
import org.jboss.wsf.spi.invocation.SecurityAdaptor;
import org.jboss.wsf.spi.invocation.SecurityAdaptorFactory;
+import org.jboss.xb.binding.SimpleTypeBindings;
import org.w3c.dom.Document;
public class ReceiveUsernameOperation implements TokenOperation
{
private SecurityHeader header;
private SecurityStore store;
+ private NonceStore nonceStore;
+ private static final int TIMESTAMP_FRESHNESS_THRESHOLD = 300;
private SecurityAdaptorFactory secAdapterfactory;
- public ReceiveUsernameOperation(SecurityHeader header, SecurityStore store)
+ public ReceiveUsernameOperation(SecurityHeader header, SecurityStore store, NonceStore
nonceStore)
{
this.header = header;
this.store = store;
+ this.nonceStore = nonceStore;
SPIProvider spiProvider = SPIProviderResolver.getInstance().getProvider();
secAdapterfactory = spiProvider.getSPI(SecurityAdaptorFactory.class);
}
+
+ public ReceiveUsernameOperation(SecurityHeader header, SecurityStore store)
+ {
+ this(header, store, null);
+ }
public void process(Document message, Token token) throws WSSecurityException
{
@@ -59,10 +71,30 @@
if (user.isDigest())
{
+ verifyUsernameToken(user);
CallbackHandler handler = new UsernameTokenCallbackHandler(user.getNonce(),
user.getCreated());
CallbackHandlerPolicyContextHandler.setCallbackHandler(handler);
}
securityAdaptor.setPrincipal(new SimplePrincipal(user.getUsername()));
securityAdaptor.setCredential(user.getPassword());
}
+
+ private void verifyUsernameToken(UsernameToken token) throws WSSecurityException
+ {
+ if (token.getCreated() != null)
+ {
+ Calendar cal = SimpleTypeBindings.unmarshalDateTime(token.getCreated());
+ Calendar ref = Calendar.getInstance();
+ ref.add(Calendar.SECOND, -TIMESTAMP_FRESHNESS_THRESHOLD);
+ if (ref.after(cal))
+ throw new WSSecurityException("Request rejected since a stale timestamp
has been provided: " + token.getCreated());
+ }
+ String nonce = token.getNonce();
+ if (nonce != null)
+ {
+ if (nonceStore.hasNonce(nonce))
+ throw new WSSecurityException("Request rejected since a message with the
same nonce has been recently received; nonce = " + nonce);
+ nonceStore.putNonce(nonce);
+ }
+ }
}
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityDecoder.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -34,6 +34,7 @@
import org.jboss.ws.extensions.security.element.Timestamp;
import org.jboss.ws.extensions.security.element.Token;
import org.jboss.ws.extensions.security.element.UsernameToken;
+import org.jboss.ws.extensions.security.nonce.NonceFactory;
import org.jboss.ws.metadata.wsse.Authenticate;
import org.jboss.ws.metadata.wsse.TimestampVerification;
import org.w3c.dom.Document;
@@ -54,6 +55,8 @@
private SecurityHeader header;
private Document message;
+
+ private NonceFactory nonceFactory;
private SecurityStore store;
@@ -65,10 +68,12 @@
private HashSet<String> encryptedIds = new HashSet<String>();
- public SecurityDecoder(SecurityStore store, TimestampVerification
timestampVerification, Authenticate authenticate)
+
+ public SecurityDecoder(SecurityStore store, NonceFactory nonceFactory,
TimestampVerification timestampVerification, Authenticate authenticate)
{
org.apache.xml.security.Init.init();
this.store = store;
+ this.nonceFactory = nonceFactory;
this.timestampVerification = timestampVerification;
this.authenticate = authenticate;
}
@@ -80,10 +85,9 @@
* @param SecurityStore the security store that contains key and trust information
* @param now The timestamp to use as the current time when validating a message
expiration
*/
-
- public SecurityDecoder(SecurityStore store, Calendar now, TimestampVerification
timestampVerification, Authenticate authenticate)
+ public SecurityDecoder(SecurityStore store, Calendar now, NonceFactory nonceFactory,
TimestampVerification timestampVerification, Authenticate authenticate)
{
- this(store, timestampVerification, authenticate);
+ this(store, nonceFactory, timestampVerification, authenticate);
this.now = now;
}
@@ -117,8 +121,8 @@
for (Token token : header.getTokens())
{
if (token instanceof UsernameToken)
- new ReceiveUsernameOperation(header, store).process(message, token);
- }
+ new ReceiveUsernameOperation(header, store, (nonceFactory != null ?
nonceFactory.getStore() : null)).process(message, token);
+ }
}
signedIds.clear();
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SecurityStore.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -51,6 +51,7 @@
import java.util.StringTokenizer;
import org.jboss.logging.Logger;
+import org.jboss.ws.extensions.security.nonce.NonceGenerator;
/**
* <code>SecurityStore</code> holds and loads the keystore and truststore
required for encyption and signing.
@@ -73,6 +74,8 @@
private HashMap<String, String> keyPasswords;
+ private NonceGenerator nonceGenerator;
+
public SecurityStore() throws WSSecurityException
{
this(null, null, null, null, null, null, null);
@@ -80,17 +83,30 @@
public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords) throws WSSecurityException
{
+ this(keyStoreURL, keyStoreType, keyStorePassword, keyPasswords, null);
+ }
+
+ public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords, NonceGenerator nonceGenerator) throws
WSSecurityException
+ {
loadKeyStore(keyStoreURL, keyStoreType, keyStorePassword);
loadTrustStore(keyStoreURL, keyStoreType, keyStorePassword);
this.keyPasswords = keyPasswords;
+ this.nonceGenerator = nonceGenerator;
}
public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords, URL trustStoreURL, String trustStoreType,
String trustStorePassword)
+ throws WSSecurityException
+ {
+ this(keyStoreURL, keyStoreType, keyStorePassword, keyPasswords, trustStoreURL,
trustStoreType, trustStorePassword, null);
+ }
+
+ public SecurityStore(URL keyStoreURL, String keyStoreType, String keyStorePassword,
HashMap<String, String> keyPasswords, URL trustStoreURL, String trustStoreType,
String trustStorePassword, NonceGenerator nonceGenerator)
throws WSSecurityException
{
loadKeyStore(keyStoreURL, keyStoreType, keyStorePassword);
loadTrustStore(trustStoreURL, trustStoreType, trustStorePassword);
this.keyPasswords = keyPasswords;
+ this.nonceGenerator = nonceGenerator;
}
private void loadKeyStore(URL keyStoreURL, String keyStoreType, String
keyStorePassword) throws WSSecurityException
@@ -525,4 +541,10 @@
throw new WSSecurityException("Problems setting up certificate
validation", e);
}
}
+
+ public NonceGenerator getNonceGenerator()
+ {
+ return nonceGenerator;
+ }
+
}
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -50,7 +50,7 @@
private SecurityHeader header;
private SecurityStore store;
-
+
public SendUsernameOperation(SecurityHeader header, SecurityStore store)
{
this.header = header;
@@ -60,12 +60,11 @@
public void process(Document message, List<Target> targets, String username,
String credential, String algorithm, boolean digest, boolean useNonce, boolean
useTimestamp) throws WSSecurityException
{
String created = useTimestamp ? getCurrentTimestampAsString() : null;
- String nonce = useNonce ? Util.generateNonce() : null;
+ String nonce = useNonce ? store.getNonceGenerator().generateNonce() : null;
String password = digest ? createPasswordDigest(nonce, created, credential) :
credential;
header.addToken(new UsernameToken(username, password, message, digest, nonce,
created));
}
-
private static String getCurrentTimestampAsString()
{
Calendar timestamp = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/Util.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/Util.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/Util.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -23,14 +23,12 @@
//$Id$
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;
-import org.jboss.util.Base64;
+import org.jboss.ws.WSException;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -41,20 +39,7 @@
public class Util
{
public static int count = 0;
- private static SecureRandom pseudoRng;
- static
- {
- try
- {
- pseudoRng = SecureRandom.getInstance("SHA1PRNG");
- pseudoRng.setSeed(System.currentTimeMillis());
- }
- catch (NoSuchAlgorithmException e)
- {
- }
- }
-
public static String assignWsuId(Element element)
{
String id = element.getAttributeNS(Constants.WSU_NS, Constants.ID);
@@ -233,10 +218,21 @@
return id.toString();
}
- public static String generateNonce()
+ @SuppressWarnings("unchecked")
+ public static <T> T loadFactory(Class<T> factoryType, String
factoryClassName, Class<? extends T> defaultFactoryClassName)
{
- byte[] bytes = new byte[32];
- pseudoRng.nextBytes(bytes);
- return Base64.encodeBytes(bytes);
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ String name = factoryClassName != null ? factoryClassName :
System.getProperty(factoryType.getName());
+ if (name == null)
+ name = defaultFactoryClassName.getName();
+ try
+ {
+ Class<T> cl = (Class<T>)loader.loadClass(name);
+ return cl.newInstance();
+ }
+ catch (Exception e)
+ {
+ throw new WSException(e);
+ }
}
}
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -38,6 +38,7 @@
import org.jboss.ws.WSException;
import org.jboss.ws.core.CommonMessageContext;
import org.jboss.ws.core.CommonSOAPFaultException;
+<<<<<<< .working
import org.jboss.ws.core.StubExt;
import org.jboss.ws.core.soap.MessageContextAssociation;
import org.jboss.ws.core.soap.SOAPMessageImpl;
@@ -45,6 +46,23 @@
import org.jboss.ws.metadata.umdm.OperationMetaData;
import org.jboss.ws.metadata.wsse.Authenticate;
import org.jboss.ws.metadata.wsse.Authorize;
+=======
+import org.jboss.ws.extensions.security.exception.InvalidSecurityHeaderException;
+import org.jboss.ws.extensions.security.exception.WSSecurityException;
+import org.jboss.ws.extensions.security.nonce.DefaultNonceFactory;
+import org.jboss.ws.extensions.security.nonce.NonceFactory;
+import org.jboss.ws.extensions.security.nonce.NonceGenerator;
+import org.jboss.ws.extensions.security.operation.EncodingOperation;
+import org.jboss.ws.extensions.security.operation.EncryptionOperation;
+//import org.jboss.ws.extensions.security.operation.OperationDescription;
+import org.jboss.ws.extensions.security.operation.RequireEncryptionOperation;
+import org.jboss.ws.extensions.security.operation.RequireOperation;
+import org.jboss.ws.extensions.security.operation.RequireSignatureOperation;
+import org.jboss.ws.extensions.security.operation.RequireTimestampOperation;
+import org.jboss.ws.extensions.security.operation.SendUsernameOperation;
+import org.jboss.ws.extensions.security.operation.SignatureOperation;
+import org.jboss.ws.extensions.security.operation.TimestampOperation;
+>>>>>>> .merge-right.r5945
import org.jboss.ws.metadata.wsse.Config;
import org.jboss.ws.metadata.wsse.Encrypt;
import org.jboss.ws.metadata.wsse.Operation;
@@ -176,7 +194,8 @@
{
SecurityStore securityStore = new SecurityStore(configuration.getKeyStoreURL(),
configuration.getKeyStoreType(), configuration.getKeyStorePassword(),
configuration.getKeyPasswords(), configuration.getTrustStoreURL(),
configuration.getTrustStoreType(), configuration.getTrustStorePassword());
-
+ NonceFactory factory = Util.loadFactory(NonceFactory.class,
configuration.getNonceFactory(), DefaultNonceFactory.class);
+
Authenticate authenticate = null;
if (operationConfig != null)
@@ -184,7 +203,7 @@
authenticate = operationConfig.getAuthenticate();
}
- SecurityDecoder decoder = new SecurityDecoder(securityStore,
configuration.getTimestampVerification(), authenticate);
+ SecurityDecoder decoder = new SecurityDecoder(securityStore, factory,
configuration.getTimestampVerification(), authenticate);
decoder.decode(message.getSOAPPart(), secHeaderElement);
@@ -311,7 +330,6 @@
//we fall back to the port wsse config (if available) or the default config.
Config portConfig = port.getDefaultConfig();
return (portConfig == null) ? configuration.getDefaultConfig() : portConfig;
-
}
return operation.getConfig();
}
@@ -381,6 +399,7 @@
operations.add(new
OperationDescription<EncodingOperation>(TimestampOperation.class, null, null,
timestamp.getTtl(), null));
}
+ NonceGenerator nonceGenerator = null;
Username username = opConfig.getUsername();
if (username != null)
{
@@ -398,6 +417,9 @@
operations.add(new
OperationDescription<EncodingOperation>(SendUsernameOperation.class, null,
user.toString(), pass.toString(), null,username.isDigestPassword(), username.isUseNonce(),
username.isUseCreated()));
ctx.put(StubExt.PROPERTY_AUTH_TYPE, StubExt.PROPERTY_AUTH_TYPE_WSSE);
}
+
+ NonceFactory factory = Util.loadFactory(NonceFactory.class,
config.getNonceFactory(), DefaultNonceFactory.class);
+ nonceGenerator = factory.getGenerator();
}
Sign sign = opConfig.getSign();
@@ -432,7 +454,7 @@
try
{
SecurityStore securityStore = new SecurityStore(config.getKeyStoreURL(),
config.getKeyStoreType(), config.getKeyStorePassword(), config.getKeyPasswords(),
- config.getTrustStoreURL(), config.getTrustStoreType(),
config.getTrustStorePassword());
+ config.getTrustStoreURL(), config.getTrustStoreType(),
config.getTrustStorePassword(), nonceGenerator);
SecurityEncoder encoder = new SecurityEncoder(operations, securityStore);
encoder.encode(soapMessage.getSOAPPart());
}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce
(from rev 5945, stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce)
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java 2008-03-12
16:13:36 UTC (rev 5945)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,45 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * The default nonce factory
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- */
-public class DefaultNonceFactory implements NonceFactory
-{
-
- public NonceGenerator getGenerator()
- {
- return new DefaultNonceGenerator();
- }
-
- public NonceStore getStore()
- {
- return new DummyNonceStore();
- }
-
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
(from rev 5945,
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceFactory.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,45 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * The default nonce factory
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ */
+public class DefaultNonceFactory implements NonceFactory
+{
+
+ public NonceGenerator getGenerator()
+ {
+ return new DefaultNonceGenerator();
+ }
+
+ public NonceStore getStore()
+ {
+ return new DummyNonceStore();
+ }
+
+}
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java 2008-03-12
16:13:36 UTC (rev 5945)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,60 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-import org.jboss.util.Base64;
-
-/**
- * A simple nonce generator using a SecureRandom instance.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- */
-public class DefaultNonceGenerator implements NonceGenerator
-{
- private static SecureRandom pseudoRng;
-
- static
- {
- try
- {
- pseudoRng = SecureRandom.getInstance("SHA1PRNG");
- pseudoRng.setSeed(System.currentTimeMillis());
- }
- catch (NoSuchAlgorithmException e)
- {
- }
- }
-
- public String generateNonce()
- {
- byte[] bytes = new byte[32];
- pseudoRng.nextBytes(bytes);
- return Base64.encodeBytes(bytes);
- }
-
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
(from rev 5945,
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DefaultNonceGenerator.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,60 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import org.jboss.util.Base64;
+
+/**
+ * A simple nonce generator using a SecureRandom instance.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ */
+public class DefaultNonceGenerator implements NonceGenerator
+{
+ private static SecureRandom pseudoRng;
+
+ static
+ {
+ try
+ {
+ pseudoRng = SecureRandom.getInstance("SHA1PRNG");
+ pseudoRng.setSeed(System.currentTimeMillis());
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ }
+ }
+
+ public String generateNonce()
+ {
+ byte[] bytes = new byte[32];
+ pseudoRng.nextBytes(bytes);
+ return Base64.encodeBytes(bytes);
+ }
+
+}
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java 2008-03-12
16:13:36 UTC (rev 5945)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,47 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-import org.jboss.logging.Logger;
-
-//$Id$
-
-/**
- * A dummy nonce store providing no actual
- * security increase against replay attacks.
- *
- * @author alessio.soldano(a)jboss.com
- */
-public class DummyNonceStore implements NonceStore
-{
-
- public boolean hasNonce(String nonce)
- {
- return false;
- }
-
- public void putNonce(String nonce)
- {
- Logger.getLogger(this.getClass()).warn("Please consider using a real nonce
store to increase security against replay attacks.");
- }
-
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
(from rev 5945,
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/DummyNonceStore.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,47 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+import org.jboss.logging.Logger;
+
+//$Id$
+
+/**
+ * A dummy nonce store providing no actual
+ * security increase against replay attacks.
+ *
+ * @author alessio.soldano(a)jboss.com
+ */
+public class DummyNonceStore implements NonceStore
+{
+
+ public boolean hasNonce(String nonce)
+ {
+ return false;
+ }
+
+ public void putNonce(String nonce)
+ {
+ Logger.getLogger(this.getClass()).warn("Please consider using a real nonce
store to increase security against replay attacks.");
+ }
+
+}
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java 2008-03-12
16:13:36 UTC (rev 5945)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,38 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * Generic interface for a factory of nonce generator and nonce store.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- *
- */
-public interface NonceFactory
-{
- public NonceGenerator getGenerator();
-
- public NonceStore getStore();
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
(from rev 5945,
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceFactory.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,38 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * Generic interface for a factory of nonce generator and nonce store.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public interface NonceFactory
+{
+ public NonceGenerator getGenerator();
+
+ public NonceStore getStore();
+}
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java 2008-03-12
16:13:36 UTC (rev 5945)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,35 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * Simple interface for a generator of nonces.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- */
-public interface NonceGenerator
-{
- public String generateNonce();
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
(from rev 5945,
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceGenerator.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,35 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * Simple interface for a generator of nonces.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ */
+public interface NonceGenerator
+{
+ public String generateNonce();
+}
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java 2008-03-12
16:13:36 UTC (rev 5945)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,49 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.ws.extensions.security.nonce;
-
-//$Id$
-
-/**
- * A nonce store collects recently used nonces.
- *
- * @author alessio.soldano(a)jboss.com
- * @since 12-Mar-2008
- *
- */
-public interface NonceStore
-{
- /**
- * Checks whether the store contains the provided nonce.
- *
- * @param nonce
- * @return True if the provided nonce has been recently put in the store
- */
- public boolean hasNonce(String nonce);
-
- /**
- * Put the given nonce in the store.
- *
- * @param nonce
- */
- public void putNonce(String nonce);
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
(from rev 5945,
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/extensions/security/nonce/NonceStore.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,49 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security.nonce;
+
+//$Id$
+
+/**
+ * A nonce store collects recently used nonces.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 12-Mar-2008
+ *
+ */
+public interface NonceStore
+{
+ /**
+ * Checks whether the store contains the provided nonce.
+ *
+ * @param nonce
+ * @return True if the provided nonce has been recently put in the store
+ */
+ public boolean hasNonce(String nonce);
+
+ /**
+ * Put the given nonce in the store.
+ *
+ * @param nonce
+ */
+ public void putNonce(String nonce);
+}
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityConfiguration.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -47,6 +47,7 @@
private String trustStorePassword;
private HashMap<String, String> keyPasswords = new HashMap<String,
String>();
private TimestampVerification timestampVerification;
+ private String nonceFactory;
public WSSecurityConfiguration()
{
@@ -177,4 +178,14 @@
this.timestampVerification = timestampVerification;
}
+ public String getNonceFactory()
+ {
+ return nonceFactory;
+ }
+
+ public void setNonceFactory(String nonceFactory)
+ {
+ this.nonceFactory = nonceFactory;
+ }
+
}
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -51,7 +51,7 @@
public static String CLIENT_RESOURCE_NAME = "jboss-wsse-client.xml";
- private static HashMap options = new HashMap(6);
+ private static HashMap options = new HashMap(7);
static
{
@@ -61,6 +61,7 @@
options.put("trust-store-file", "setTrustStoreFile");
options.put("trust-store-type", "setTrustStoreType");
options.put("trust-store-password", "setTrustStorePassword");
+ options.put("nonce-factory-class", "setNonceFactory");
}
// provide logging
@@ -147,7 +148,7 @@
if (method == null)
return;
- // Dispatch to propper initializer
+ // Dispatch to proper initializer
try
{
WSSecurityConfiguration.class.getMethod(method, new Class[] { String.class
}).invoke(configuration, new Object[] { value });
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/resources/schema/jboss-ws-security_1_0.xsd
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/resources/schema/jboss-ws-security_1_0.xsd 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/main/resources/schema/jboss-ws-security_1_0.xsd 2010-06-16
16:29:42 UTC (rev 12488)
@@ -53,6 +53,11 @@
<xs:documentation>The WSDL port.</xs:documentation>
</xs:annotation>
</xs:element>
+ <xs:element name="nonce-factory-class" type="xs:string"
minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>This specifies the nonce factory class name. It is
used to get the custom generator and store of nonces.</xs:documentation>
+ </xs:annotation>
+ </xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/MicrosoftInteropTestCase.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -95,7 +95,7 @@
cal.set(Calendar.MINUTE, 22);
cal.set(Calendar.SECOND, 25);
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null,
null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null, null,
null);
decoder.decode(soapEnv.getOwnerDocument());
decoder.complete();
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/RoundTripTestCase.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -55,7 +55,7 @@
/**
* Simple WS-Security round trip test
- *
+ *
* @author <a href="mailto:jason.greene@jboss.com>Jason T. Greene</a>
*/
public class RoundTripTestCase extends JBossWSTest
@@ -92,7 +92,7 @@
env = soapMsg.getSOAPPart().getEnvelope();
doc = env.getOwnerDocument();
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), null, null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), null, null,
null);
decoder.decode(doc);
decoder.verify(buildRequireOperations());
@@ -105,8 +105,6 @@
assertEquals(inputString, DOMWriter.printNode(doc, true));
}
- // WS-Security leaves wsu:id attributes arround on elements which are not cleaned
- // up due to performance reasons. This, however, breaks comparisons, so we manually
// fix this for tests.
private void cleanupWsuIds(Element element)
{
@@ -160,7 +158,7 @@
name = new QName("http://org.jboss.ws/2004", "someHeader");
target = new QNameTarget(name);
targets.add(target);
- //targets.add(new WsuIdTarget("timestamp"));
+ // targets.add(new WsuIdTarget("timestamp"));
LinkedList operations = new LinkedList();
operations.add(new OperationDescription(RequireSignatureOperation.class, targets,
null, null, null));
operations.add(new OperationDescription(RequireEncryptionOperation.class, targets,
null, null, null));
Modified:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxrpc/wsse/SunInteropTestCase.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -72,7 +72,7 @@
cal.set(Calendar.MINUTE, 32);
cal.set(Calendar.SECOND, 25);
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null,
null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null, null,
null);
decoder.decode(doc);
decoder.complete();
@@ -107,7 +107,7 @@
cal.set(Calendar.MINUTE, 8);
cal.set(Calendar.SECOND, 40);
- SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null,
null);
+ SecurityDecoder decoder = new SecurityDecoder(new SecurityStore(), cal, null, null,
null);
decoder.decode(doc);
decoder.complete();
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988
(from rev 5924, stack/native/trunk/src/test/java/org/jboss/test/ws/jaxws/jbws1988)
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
===================================================================
---
stack/native/trunk/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,34 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.jbws1988;
-
-import javax.jws.WebMethod;
-import javax.jws.WebService;
-import javax.jws.soap.SOAPBinding;
-
-@WebService(name = "Hello", targetNamespace =
"http://org.jboss.ws/jbws1988")
-@SOAPBinding(style = SOAPBinding.Style.RPC)
-public interface Hello
-{
- @WebMethod
- public String echo(String par);
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
(from rev 5924,
stack/native/trunk/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/Hello.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,34 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.jbws1988;
+
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+
+@WebService(name = "Hello", targetNamespace =
"http://org.jboss.ws/jbws1988")
+@SOAPBinding(style = SOAPBinding.Style.RPC)
+public interface Hello
+{
+ @WebMethod
+ public String echo(String par);
+}
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
===================================================================
---
stack/native/trunk/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,57 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.jbws1988;
-
-import javax.annotation.Resource;
-import javax.annotation.security.RolesAllowed;
-import javax.ejb.Stateless;
-import javax.jws.WebMethod;
-import javax.jws.WebService;
-import javax.jws.soap.SOAPBinding;
-import javax.xml.ws.WebServiceContext;
-
-import org.jboss.annotation.security.SecurityDomain;
-import org.jboss.logging.Logger;
-import org.jboss.ws.annotation.EndpointConfig;
-import org.jboss.wsf.spi.annotation.WebContext;
-
-
-@Stateless
-@WebService(name = "Hello", serviceName = "HelloService",
targetNamespace = "http://org.jboss.ws/jbws1988")
-@SOAPBinding(style = SOAPBinding.Style.RPC)
-@WebContext(contextRoot = "/jaxws-jbws1988", urlPattern = "/*")
-@EndpointConfig(configName = "Standard WSSecurity Endpoint")
-@SecurityDomain("JBossWSDigest")
-@RolesAllowed({"friend"})
-public class HelloJavaBean
-{
- private Logger log = Logger.getLogger(HelloJavaBean.class);
- @Resource
- private WebServiceContext ctx;
-
- @WebMethod
- public String echo(String par)
- {
- log.info("User principal: " + ctx.getUserPrincipal());
- return par;
- }
-}
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
(from rev 5924,
stack/native/trunk/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/HelloJavaBean.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.jbws1988;
+
+import javax.annotation.Resource;
+import javax.annotation.security.RolesAllowed;
+import javax.ejb.Stateless;
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+import javax.xml.ws.WebServiceContext;
+
+import org.jboss.annotation.security.SecurityDomain;
+import org.jboss.logging.Logger;
+import org.jboss.ws.annotation.EndpointConfig;
+import org.jboss.wsf.spi.annotation.WebContext;
+
+
+@Stateless
+@WebService(name = "Hello", serviceName = "HelloService",
targetNamespace = "http://org.jboss.ws/jbws1988")
+@SOAPBinding(style = SOAPBinding.Style.RPC)
+@WebContext(contextRoot = "/jaxws-jbws1988", urlPattern = "/*")
+@EndpointConfig(configName = "Standard WSSecurity Endpoint")
+@SecurityDomain("JBossWSDigest")
+@RolesAllowed({"friend"})
+public class HelloJavaBean
+{
+ private Logger log = Logger.getLogger(HelloJavaBean.class);
+ @Resource
+ private WebServiceContext ctx;
+
+ @WebMethod
+ public String echo(String par)
+ {
+ log.info("User principal: " + ctx.getUserPrincipal());
+ return par;
+ }
+}
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
===================================================================
---
stack/native/trunk/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,81 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.jbws1988;
-
-import java.io.File;
-import java.net.URL;
-
-import javax.xml.namespace.QName;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Service;
-
-import junit.framework.Test;
-
-import org.jboss.ws.core.StubExt;
-import org.jboss.wsf.test.JBossWSTest;
-import org.jboss.wsf.test.JBossWSTestSetup;
-
-/**
- *
http://jira.jboss.org/jira/browse/JBWS-1988
- * Complete username token profile with digest and nonces
- *
- * @author alessio.soldano(a)jboss.com
- * @since 11-Mar-2008
- */
-public class UsernameAuthTestCase extends JBossWSTest
-{
- private String TARGET_ENDPOINT_ADDRESS = "http://" + getServerHost() +
":8080/jaxws-jbws1988";
-
- public static Test suite() throws Exception
- {
- return new JBossWSTestSetup(UsernameAuthTestCase.class, "jaxws-jbws1988.sar
jaxws-jbws1988.jar");
- }
-
- public void testAuth() throws Exception
- {
- Hello port = getPort();
- ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"kermit");
- ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"therealfrog");
- String msg = "Hi!";
- try
- {
- String result = port.echo(msg);
- assertEquals(msg, result);
- }
- catch (Exception e)
- {
- fail();
- }
- }
-
- private Hello getPort() throws Exception
- {
- URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS + "?wsdl");
- QName serviceName = new QName("http://org.jboss.ws/jbws1988",
"HelloService");
- Hello port = Service.create(wsdlURL, serviceName).getPort(Hello.class);
- URL securityURL = new
File("resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml").toURL();
- ((StubExt)port).setSecurityConfig(securityURL.toExternalForm());
- ((StubExt)port).setConfigName("Standard WSSecurity Client");
- ((BindingProvider)port).getRequestContext().put(StubExt.PROPERTY_AUTH_TYPE,
StubExt.PROPERTY_AUTH_TYPE_WSSE);
- return port;
- }
-}
\ No newline at end of file
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
(from rev 5924,
stack/native/trunk/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/jbws1988/UsernameAuthTestCase.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,81 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.jbws1988;
+
+import java.io.File;
+import java.net.URL;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import junit.framework.Test;
+
+import org.jboss.ws.core.StubExt;
+import org.jboss.wsf.test.JBossWSTest;
+import org.jboss.wsf.test.JBossWSTestSetup;
+
+/**
+ *
http://jira.jboss.org/jira/browse/JBWS-1988
+ * Complete username token profile with digest and nonces
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 11-Mar-2008
+ */
+public class UsernameAuthTestCase extends JBossWSTest
+{
+ private String TARGET_ENDPOINT_ADDRESS = "http://" + getServerHost() +
":8080/jaxws-jbws1988";
+
+ public static Test suite() throws Exception
+ {
+ return new JBossWSTestSetup(UsernameAuthTestCase.class, "jaxws-jbws1988.sar
jaxws-jbws1988.jar");
+ }
+
+ public void testAuth() throws Exception
+ {
+ Hello port = getPort();
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"kermit");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"therealfrog");
+ String msg = "Hi!";
+ try
+ {
+ String result = port.echo(msg);
+ assertEquals(msg, result);
+ }
+ catch (Exception e)
+ {
+ fail();
+ }
+ }
+
+ private Hello getPort() throws Exception
+ {
+ URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS + "?wsdl");
+ QName serviceName = new QName("http://org.jboss.ws/jbws1988",
"HelloService");
+ Hello port = Service.create(wsdlURL, serviceName).getPort(Hello.class);
+ URL securityURL = new
File("resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml").toURL();
+ ((StubExt)port).setSecurityConfig(securityURL.toExternalForm());
+ ((StubExt)port).setConfigName("Standard WSSecurity Client");
+ ((BindingProvider)port).getRequestContext().put(StubExt.PROPERTY_AUTH_TYPE,
StubExt.PROPERTY_AUTH_TYPE_WSSE);
+ return port;
+ }
+}
\ No newline at end of file
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/UsernamePwdDigestTestCase.java
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/UsernamePwdDigestTestCase.java 2010-06-16
14:45:52 UTC (rev 12487)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/UsernamePwdDigestTestCase.java 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,92 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.jboss.test.ws.jaxws.samples.wssecurity;
-
-import java.io.File;
-import java.net.URL;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Service;
-
-import junit.framework.Test;
-
-import org.jboss.ws.core.StubExt;
-import org.jboss.wsf.test.JBossWSTest;
-import org.jboss.wsf.test.JBossWSTestSetup;
-
-/**
- * Test WS-Security for Username Token with password digest
- *
- * @author alessio.soldano(a)jboss.com
- * @since 10-Mar-2008
- */
-public class UsernamePwdDigestTestCase extends JBossWSTest
-{
- private static UsernameEndpoint port;
-
- public static Test suite() throws Exception
- {
- return new JBossWSTestSetup(UsernamePwdDigestTestCase.class,
"jaxws-samples-wssecurity-username-digest.war");
- }
-
- @Override
- protected void setUp() throws Exception
- {
- if (port == null)
- {
- URL wsdlURL = new
File("resources/jaxws/samples/wssecurity/username-digest/META-INF/wsdl/UsernameService.wsdl").toURL();
- URL securityURL = new
File("resources/jaxws/samples/wssecurity/username-digest/META-INF/jboss-wsse-client.xml").toURL();
- QName serviceName = new
QName("http://org.jboss.ws/samples/wssecurity", "UsernameService");
-
- Service service = Service.create(wsdlURL, serviceName);
-
- port = (UsernameEndpoint)service.getPort(UsernameEndpoint.class);
- ((StubExt)port).setSecurityConfig(securityURL.toExternalForm());
- ((StubExt)port).setConfigName("Standard WSSecurity Client");
- }
- }
-
- public void testUsernameTokenNegative() throws Exception
- {
- try
- {
- port.getUsernameToken();
- fail("Server should respond with [401] - Unauthorized");
- }
- catch (Exception ex)
- {
- // this should be ok
- }
- }
-
- public void testUsernameToken() throws Exception
- {
- Map<String, Object> reqContext =
((BindingProvider)port).getRequestContext();
- reqContext.put(BindingProvider.USERNAME_PROPERTY, "kermit");
- reqContext.put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
-
- String retObj = port.getUsernameToken();
- assertEquals("kermit", retObj);
- }
-}
\ No newline at end of file
Copied: stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988
(from rev 5924, stack/native/trunk/src/test/resources/jaxws/jbws1988)
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF
(from rev 5924, stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF)
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
===================================================================
---
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,21 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<server>
- <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
- name="jboss:service=DynamicLoginConfig">
- <attribute
name="AuthConfig">META-INF/login-config.xml</attribute>
- <!-- The service which supports dynamic processing of login-config.xml
- configurations.
- -->
- <depends optional-attribute-name="LoginConfigService">
- jboss.security:service=XMLLoginConfig
- </depends>
- <!-- Optionally specify the security mgr service to use when
- this service is stopped to flush the auth caches of the domains
- registered by this service.
- -->
- <depends optional-attribute-name="SecurityManagerService">
- jboss.security:service=JaasSecurityManager
- </depends>
- </mbean>
-</server>
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
(from rev 5924,
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-service.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<server>
+ <!-- ==================================================================== -->
+ <!-- Dynamic login config to install the login module using digest -->
+ <!-- ==================================================================== -->
+ <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
+ name="jboss:service=DynamicLoginConfig">
+ <attribute
name="AuthConfig">META-INF/login-config.xml</attribute>
+ <!-- The service which supports dynamic processing of login-config.xml
+ configurations.
+ -->
+ <depends optional-attribute-name="LoginConfigService">
+ jboss.security:service=XMLLoginConfig
+ </depends>
+ <!-- Optionally specify the security mgr service to use when
+ this service is stopped to flush the auth caches of the domains
+ registered by this service.
+ -->
+ <depends optional-attribute-name="SecurityManagerService">
+ jboss.security:service=JaasSecurityManager
+ </depends>
+ </mbean>
+</server>
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
===================================================================
---
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
-
- <config>
- <username digestPassword="true"/>
- <timestamp ttl="300"/>
- </config>
-</jboss-ws-security>
\ No newline at end of file
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
(from rev 5924,
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-client.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+
+ <config>
+ <username digestPassword="true"/>
+ <timestamp ttl="300"/>
+ </config>
+</jboss-ws-security>
\ No newline at end of file
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
===================================================================
---
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,10 +0,0 @@
-<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-
xsi:schemaLocation="http://www.jboss.com/ws-security/config
-
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
- <config>
- <timestamp ttl="300"/>
- <requires/>
- </config>
-
-</jboss-ws-security>
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
(from rev 5924,
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jboss-wsse-server.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,10 @@
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
+
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+ <config>
+ <timestamp ttl="300"/>
+ <requires/>
+ </config>
+
+</jboss-ws-security>
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
===================================================================
---
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,2 +0,0 @@
-# A sample roles.properties file for use with the UsersRolesLoginModule
-kermit=friend
\ No newline at end of file
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
(from rev 5924,
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-roles.properties 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,2 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+kermit=friend
\ No newline at end of file
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
===================================================================
---
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,2 +0,0 @@
-# A sample users.properties file for use with the UsersRolesLoginModule
-kermit=therealfrog
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
(from rev 5924,
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/jbossws-users.properties 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,2 @@
+# A sample users.properties file for use with the UsersRolesLoginModule
+kermit=therealfrog
Deleted:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
===================================================================
---
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml 2008-03-12
00:33:29 UTC (rev 5924)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -1,25 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE policy PUBLIC
- "-//JBoss//DTD JBOSS Security Config 3.0//EN"
- "http://www.jboss.org/j2ee/dtd/security_config.dtd">
-
-<policy>
-
- <application-policy name="JBossWSDigest">
- <authentication>
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag="required">
- <module-option
name="usersProperties">META-INF/jbossws-users.properties</module-option>
- <module-option
name="rolesProperties">META-INF/jbossws-roles.properties</module-option>
- <module-option name="hashAlgorithm">SHA</module-option>
- <module-option
name="hashEncoding">BASE64</module-option>
- <module-option
name="hashUserPassword">false</module-option>
- <module-option
name="hashStorePassword">true</module-option>
- <module-option
name="storeDigestCallback">org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback</module-option>
- <module-option
name="unauthenticatedIdentity">anonymous</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
-</policy>
-
Copied:
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
(from rev 5924,
stack/native/trunk/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml)
===================================================================
---
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml
(rev 0)
+++
stack/native/branches/dlofthouse/JBPAPP-4447/src/test/resources/jaxws/jbws1988/META-INF/login-config.xml 2010-06-16
16:29:42 UTC (rev 12488)
@@ -0,0 +1,25 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<policy>
+
+ <application-policy name="JBossWSDigest">
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option
name="usersProperties">META-INF/jbossws-users.properties</module-option>
+ <module-option
name="rolesProperties">META-INF/jbossws-roles.properties</module-option>
+ <module-option name="hashAlgorithm">SHA</module-option>
+ <module-option
name="hashEncoding">BASE64</module-option>
+ <module-option
name="hashUserPassword">false</module-option>
+ <module-option
name="hashStorePassword">true</module-option>
+ <module-option
name="storeDigestCallback">org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback</module-option>
+ <module-option
name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+</policy>
+