[jboss-cvs] JBossAS SVN: r88672 - in branches/Branch_5_x: messaging/src/etc/deploy/common and 23 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon May 11 16:49:48 EDT 2009
Author: anil.saldhana at jboss.com
Date: 2009-05-11 16:49:47 -0400 (Mon, 11 May 2009)
New Revision: 88672
Added:
branches/Branch_5_x/security/src/etc/bin/
branches/Branch_5_x/security/src/etc/bin/password/
branches/Branch_5_x/security/src/etc/bin/password/password.keystore
branches/Branch_5_x/security/src/etc/bin/password_tool.sh
branches/Branch_5_x/security/src/main/org/jboss/security/integration/JNDIBindingBean.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/DocumentUtil.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/Password.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordTool.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/SecurityActions.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java
branches/Branch_5_x/testsuite/imports/config/tests-password-mask.xml
branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/
branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/
branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java
branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/
branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java
branches/Branch_5_x/testsuite/src/resources/security/password-mask/
branches/Branch_5_x/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_keystore_pass.dat
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/password.keystore
Removed:
branches/Branch_5_x/security/src/etc/bin/password/
branches/Branch_5_x/security/src/etc/bin/password/password.keystore
branches/Branch_5_x/security/src/etc/bin/password_tool.sh
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/DocumentUtil.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/Password.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordTool.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/SecurityActions.java
branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java
branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/
branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java
branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java
branches/Branch_5_x/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_keystore_pass.dat
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat
branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/password.keystore
Modified:
branches/Branch_5_x/build/build-distr.xml
branches/Branch_5_x/messaging/src/etc/deploy/common/messaging-jboss-beans.xml
branches/Branch_5_x/security/.classpath
branches/Branch_5_x/security/build.xml
branches/Branch_5_x/security/pom.xml
branches/Branch_5_x/security/src/assembly/client.xml
branches/Branch_5_x/security/src/etc/deploy/security-jboss-beans.xml
branches/Branch_5_x/server/src/etc/deployers/security-deployer-jboss-beans.xml
branches/Branch_5_x/testsuite/imports/config/configs.xml
branches/Branch_5_x/testsuite/imports/sections/security.xml
branches/Branch_5_x/testsuite/imports/server-config.xml
Log:
JBAS-6857: password masking in xml files backported Merge in rev. 87587, 87588, 8759
Modified: branches/Branch_5_x/build/build-distr.xml
===================================================================
--- branches/Branch_5_x/build/build-distr.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/build/build-distr.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -923,7 +923,6 @@
<property name="_module.name" value="security" override="true"/>
<property name="_module.output" override="true" value="${project.root}/${_module.name}/output"/>
-
<!-- Copy the generated libraries -->
<mkdir dir="${install.all.lib}"/>
<copy todir="${install.all.lib}" filtering="no">
@@ -949,6 +948,19 @@
<include name="*-jboss-beans.xml"/>
</fileset>
</copy>
+
+ <!-- Install JBoss Security Password batch scripts -->
+ <mkdir dir="${install.bin}/password"/>
+ <copy todir="${install.bin}" flatten="true" overwrite="true">
+ <fileset dir="${_module.output}/etc/bin">
+ <include name="password_tool.*"/>
+ </fileset>
+ </copy>
+ <copy todir="${install.bin}/password" flatten="true" overwrite="true">
+ <fileset dir="${_module.output}/etc/bin/password">
+ <include name="*"/>
+ </fileset>
+ </copy>
</target>
<target name="_module-security-all" depends="_module-security-most">
Modified: branches/Branch_5_x/messaging/src/etc/deploy/common/messaging-jboss-beans.xml
===================================================================
--- branches/Branch_5_x/messaging/src/etc/deploy/common/messaging-jboss-beans.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/messaging/src/etc/deploy/common/messaging-jboss-beans.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -32,6 +32,9 @@
<property name="securityManagement"><inject bean="JNDIBasedSecurityManagement"/></property>
<!-- @JMX annotation to export the management view of this bean -->
<annotation>@org.jboss.aop.microcontainer.aspects.jmx.JMX(name="jboss.messaging:service=SecurityStore",exposedInterface=org.jboss.jms.server.jbosssx.JBossASSecurityMetadataStoreMBean.class)</annotation>
+ <!-- Password Annotation to inject the password from the common password utility
+ <annotation>@org.jboss.security.integration.password.Password(securityDomain="messaging",methodName="setSuckerPassword")</annotation>
+ -->
</bean>
<bean name="MessagingDeploymentTemplateInfoFactory"
Modified: branches/Branch_5_x/security/.classpath
===================================================================
--- branches/Branch_5_x/security/.classpath 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/security/.classpath 2009-05-11 20:49:47 UTC (rev 88672)
@@ -13,5 +13,12 @@
<classpathentry kind="lib" path="/thirdparty/jboss/microcontainer/lib/jboss-dependency.jar" sourcepath="/thirdparty/jboss/microcontainer/lib/jboss-dependency-sources.jar"/>
<classpathentry kind="lib" path="/thirdparty/jboss/microcontainer/lib/jboss-kernel.jar" sourcepath="/thirdparty/jboss/microcontainer/lib/jboss-kernel-sources.jar"/>
<classpathentry kind="lib" path="/thirdparty/jboss/security/lib/jbossxacml.jar" sourcepath="/thirdparty/jboss/security/lib/jbossxacml-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/identity/jboss-identity-xmlsec-model/1.0.0.alpha2-SNAPSHOT/jboss-identity-xmlsec-model-1.0.0.alpha2-20090326.171101-2.jar"/>
+ <classpathentry kind="lib" path="/thirdparty/stax-api/lib/stax-api.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/apache/xmlsec/1.4.2/xmlsec-1.4.2.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-logging/commons-logging-api/1.0.3/commons-logging-api-1.0.3.jar"/>
+ <classpathentry kind="lib" path="/thirdparty/apache-xalan/lib/xalan.jar"/>
+ <classpathentry kind="lib" path="/thirdparty/jboss/jboss-mdr/lib/jboss-mdr.jar" sourcepath="/thirdparty/jboss/jboss-mdr/lib/jboss-mdr-sources.jar"/>
+ <classpathentry kind="lib" path="/thirdparty/jboss/aop/lib/jboss-aop.jar" sourcepath="/thirdparty/jboss/aop/lib/jboss-aop-sources.jar"/>
<classpathentry kind="output" path="output/eclipse-classes"/>
</classpath>
Modified: branches/Branch_5_x/security/build.xml
===================================================================
--- branches/Branch_5_x/security/build.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/security/build.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -74,6 +74,7 @@
<path id="library.classpath">
<path refid="apache.log4j.classpath"/>
<path refid="javassist.classpath"/>
+ <path refid="org.apache.classpath"/>
<path refid="sun.jaxb.classpath"/>
</path>
@@ -87,6 +88,7 @@
<!-- The combined dependent module classpath -->
<path id="dependentmodule.classpath">
+ <path refid="jboss.aop.classpath"/>
<path refid="jboss.common.core.classpath"/>
<path refid="jboss.common.logging.spi.classpath"/>
<path refid="jboss.common.logging.log4j.classpath"/>
@@ -227,7 +229,7 @@
<!-- Compile manifests -->
<target name="compile-etc" depends="init">
<mkdir dir="${build.etc}"/>
- <copy todir="${build.etc}" filtering="yes">
+ <copy todir="${build.etc}" >
<fileset dir="${source.etc}">
<include name="**"/>
</fileset>
@@ -286,6 +288,7 @@
<include name="org/jboss/security/srp/jaas/SRPPrincipal.class"/>
<include name="org/jboss/security/ssl/ClientSocketFactory.class"/>
<include name="org/jboss/security/ssl/RMISSLClientSocketFactory.class"/>
+ <include name="org/jboss/security/integration/password/*.class"/>
</fileset>
</jar>
Modified: branches/Branch_5_x/security/pom.xml
===================================================================
--- branches/Branch_5_x/security/pom.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/security/pom.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -22,6 +22,17 @@
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jar-plugin</artifactId>
+ <configuration>
+ <archive>
+ <manifestEntries>
+ <Main-Class>org.jboss.security.integration.password.PM.class</Main-Class>
+ </manifestEntries>
+ </archive>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
@@ -34,6 +45,11 @@
</executions>
<configuration>
<descriptorSourceDirectory>src/assembly</descriptorSourceDirectory>
+ <archive>
+ <manifestEntries>
+ <Main-Class>org.jboss.security.integration.password.PasswordTool</Main-Class>
+ </manifestEntries>
+ </archive>
</configuration>
</plugin>
</plugins>
@@ -105,8 +121,18 @@
<groupId>org.jboss.security</groupId>
<artifactId>jbossxacml</artifactId>
</dependency>
+
+ <dependency>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-mdr</artifactId>
+ </dependency>
<dependency>
+ <groupId>org.apache</groupId>
+ <artifactId>xmlsec</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
Modified: branches/Branch_5_x/security/src/assembly/client.xml
===================================================================
--- branches/Branch_5_x/security/src/assembly/client.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/security/src/assembly/client.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -32,6 +32,7 @@
<include>org/jboss/security/srp/jaas/SRPPrincipal.class</include>
<include>org/jboss/security/ssl/ClientSocketFactory.class</include>
<include>org/jboss/security/ssl/RMISSLClientSocketFactory.class</include>
+ <include>org/jboss/security/integration/password/*.class</include>
</includes>
<excludes>
<exclude>META-INF/MANIFEST.MF</exclude> <!-- HACK -->
@@ -40,4 +41,4 @@
</excludes>
</fileSet>
</fileSets>
-</assembly>
\ No newline at end of file
+</assembly>
Copied: branches/Branch_5_x/security/src/etc/bin (from rev 87587, trunk/security/src/etc/bin)
Copied: branches/Branch_5_x/security/src/etc/bin/password (from rev 87587, trunk/security/src/etc/bin/password)
Deleted: branches/Branch_5_x/security/src/etc/bin/password/password.keystore
===================================================================
(Binary files differ)
Copied: branches/Branch_5_x/security/src/etc/bin/password/password.keystore (from rev 87587, trunk/security/src/etc/bin/password/password.keystore)
===================================================================
(Binary files differ)
Deleted: branches/Branch_5_x/security/src/etc/bin/password_tool.sh
===================================================================
--- trunk/security/src/etc/bin/password_tool.sh 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/etc/bin/password_tool.sh 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,89 +0,0 @@
-#!/bin/sh
-#
-# JBoss Password Tool
-#
-################################
-
-DIRNAME=`dirname $0`
-PROGNAME=`basename $0`
-
-# OS specific support (must be 'true' or 'false').
-cygwin=false;
-case "`uname`" in
- CYGWIN*)
- cygwin=true
- ;;
-esac
-
-# For Cygwin, ensure paths are in UNIX format before anything is touched
-if $cygwin ; then
- [ -n "$JBOSS_HOME" ] &&
- JBOSS_HOME=`cygpath --unix "$JBOSS_HOME"`
- [ -n "$JAVA_HOME" ] &&
- JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
-fi
-
-# Setup JBOSS_HOME
-if [ "x$JBOSS_HOME" = "x" ]; then
- # get the full path (without any relative bits)
- JBOSS_HOME=`cd $DIRNAME/..; pwd`
-fi
-export JBOSS_HOME
-
-# Setup the JVM
-if [ "x$JAVA" = "x" ]; then
- if [ "x$JAVA_HOME" != "x" ]; then
- JAVA="$JAVA_HOME/bin/java"
- else
- JAVA="java"
- fi
-fi
-
-#JPDA options. Uncomment and modify as appropriate to enable remote debugging .
-#JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=y $JAVA_OPTS"
-
-# Setup JBoss sepecific properties
-JAVA_OPTS="$JAVA_OPTS"
-
-# Setup the java endorsed dirs
-JBOSS_ENDORSED_DIRS="$JBOSS_HOME/lib/endorsed"
-
-###
-# Setup the jboss password tool classpath
-###
-
-# Shared libs
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JAVA_HOME/lib/tools.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/commons-logging.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jboss-logging-spi.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/lib/endorsed/xalan.jar"
-
-# Shared jaxb libs
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/activation.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jaxb-api.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jaxb-impl.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/stax-api.jar"
-
-# Specific dependencies
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/xmlsec.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jbosssx-client.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jbosssx-as-client.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/common/lib/jbosssx.jar"
-JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/common/lib/log4j.jar"
-
-###
-# Execute the JVM
-###
-
-# For Cygwin, switch paths to Windows format before running java
-if $cygwin; then
- JBOSS_HOME=`cygpath --path --windows "$JBOSS_HOME"`
- JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
- JBOSSPASS_CLASSPATH=`cygpath --path --windows "$JBOSSPASS_CLASSPATH"`
- JBOSS_ENDORSED_DIRS=`cygpath --path --windows "$JBOSS_ENDORSED_DIRS"`
-fi
-
-"$JAVA" $JAVA_OPTS \
- -Djava.endorsed.dirs="$JBOSS_ENDORSED_DIRS" \
- -classpath "$JBOSSPASS_CLASSPATH" \
- org.jboss.security.integration.password.PasswordTool "$@"
Copied: branches/Branch_5_x/security/src/etc/bin/password_tool.sh (from rev 87587, trunk/security/src/etc/bin/password_tool.sh)
===================================================================
--- branches/Branch_5_x/security/src/etc/bin/password_tool.sh (rev 0)
+++ branches/Branch_5_x/security/src/etc/bin/password_tool.sh 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,89 @@
+#!/bin/sh
+#
+# JBoss Password Tool
+#
+################################
+
+DIRNAME=`dirname $0`
+PROGNAME=`basename $0`
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false;
+case "`uname`" in
+ CYGWIN*)
+ cygwin=true
+ ;;
+esac
+
+# For Cygwin, ensure paths are in UNIX format before anything is touched
+if $cygwin ; then
+ [ -n "$JBOSS_HOME" ] &&
+ JBOSS_HOME=`cygpath --unix "$JBOSS_HOME"`
+ [ -n "$JAVA_HOME" ] &&
+ JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
+fi
+
+# Setup JBOSS_HOME
+if [ "x$JBOSS_HOME" = "x" ]; then
+ # get the full path (without any relative bits)
+ JBOSS_HOME=`cd $DIRNAME/..; pwd`
+fi
+export JBOSS_HOME
+
+# Setup the JVM
+if [ "x$JAVA" = "x" ]; then
+ if [ "x$JAVA_HOME" != "x" ]; then
+ JAVA="$JAVA_HOME/bin/java"
+ else
+ JAVA="java"
+ fi
+fi
+
+#JPDA options. Uncomment and modify as appropriate to enable remote debugging .
+#JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=y $JAVA_OPTS"
+
+# Setup JBoss sepecific properties
+JAVA_OPTS="$JAVA_OPTS"
+
+# Setup the java endorsed dirs
+JBOSS_ENDORSED_DIRS="$JBOSS_HOME/lib/endorsed"
+
+###
+# Setup the jboss password tool classpath
+###
+
+# Shared libs
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JAVA_HOME/lib/tools.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/commons-logging.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jboss-logging-spi.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/lib/endorsed/xalan.jar"
+
+# Shared jaxb libs
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/activation.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jaxb-api.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jaxb-impl.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/stax-api.jar"
+
+# Specific dependencies
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/xmlsec.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jbosssx-client.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/client/jbosssx-as-client.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/common/lib/jbosssx.jar"
+JBOSSPASS_CLASSPATH="$JBOSSPASS_CLASSPATH:$JBOSS_HOME/common/lib/log4j.jar"
+
+###
+# Execute the JVM
+###
+
+# For Cygwin, switch paths to Windows format before running java
+if $cygwin; then
+ JBOSS_HOME=`cygpath --path --windows "$JBOSS_HOME"`
+ JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
+ JBOSSPASS_CLASSPATH=`cygpath --path --windows "$JBOSSPASS_CLASSPATH"`
+ JBOSS_ENDORSED_DIRS=`cygpath --path --windows "$JBOSS_ENDORSED_DIRS"`
+fi
+
+"$JAVA" $JAVA_OPTS \
+ -Djava.endorsed.dirs="$JBOSS_ENDORSED_DIRS" \
+ -classpath "$JBOSSPASS_CLASSPATH" \
+ org.jboss.security.integration.password.PasswordTool "$@"
Modified: branches/Branch_5_x/security/src/etc/deploy/security-jboss-beans.xml
===================================================================
--- branches/Branch_5_x/security/src/etc/deploy/security-jboss-beans.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/security/src/etc/deploy/security-jboss-beans.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -6,6 +6,40 @@
<annotation>@org.jboss.managed.api.annotation.ManagementDeployment(description="JBossSX Security Beans")</annotation>
+ <!-- Password Mask Management Bean-->
+ <bean name="JBossSecurityPasswordMaskManagement"
+ class="org.jboss.security.integration.password.PasswordMaskManagement" >
+ <property name="keyStoreLocation">password/password.keystore</property>
+ </bean>
+
+ <!-- Support for @Password -->
+ <lifecycle-configure xmlns="urn:jboss:aop-beans:1.0"
+ name="PasswordRegistrationAdvice"
+ class="org.jboss.security.integration.password.PasswordLifecycleCallback"
+ classes="@org.jboss.security.integration.password.Password"
+ manager-bean="AspectManager"
+ manager-property="aspectManager">
+ <property name="passwordManagement"><inject bean="JBossSecurityPasswordMaskManagement"/></property>
+ </lifecycle-configure>
+
+ <lifecycle-create xmlns="urn:jboss:aop-beans:1.0"
+ name="PasswordCreateDestroyAdvice"
+ class="org.jboss.security.integration.password.PasswordLifecycleCallback"
+ classes="@org.jboss.security.integration.password.Password"
+ manager-bean="AspectManager"
+ manager-property="aspectManager">
+ <property name="passwordManagement"><inject bean="JBossSecurityPasswordMaskManagement"/></property>
+ </lifecycle-create>
+
+ <lifecycle-install xmlns="urn:jboss:aop-beans:1.0"
+ name="PasswordStartStopAdvice"
+ class="org.jboss.security.integration.password.PasswordLifecycleCallback"
+ classes="@org.jboss.security.integration.password.Password"
+ manager-bean="AspectManager"
+ manager-property="aspectManager">
+ <property name="passwordManagement"><inject bean="JBossSecurityPasswordMaskManagement"/></property>
+ </lifecycle-install>
+
<!-- Establish the basic XML Based Configuration-->
<bean name="XMLLoginConfig" class="org.jboss.security.auth.login.XMLLoginConfig">
<property name="configResource">login-config.xml</property>
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/JNDIBindingBean.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/JNDIBindingBean.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/JNDIBindingBean.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/JNDIBindingBean.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,92 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration;
+
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+
+import org.apache.log4j.Logger;
+
+/**
+ * Bind into JNDI a bean
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 17, 2009
+ */
+public class JNDIBindingBean
+{
+ private Logger log = Logger.getLogger(JNDIBindingBean.class);
+
+ private String ctx = null;
+ private Object beanObject = null;
+
+ public void setBean(Object bean)
+ {
+ this.beanObject = bean;
+ }
+
+ public void setJNDIContext(String ctx)
+ {
+ this.ctx = ctx;
+ }
+
+ public void start()
+ {
+ if(beanObject == null)
+ throw new RuntimeException("Bean is null");
+ if(ctx == null)
+ throw new RuntimeException("JNDI Ctx name is null");
+ try
+ {
+ InitialContext ic = new InitialContext();
+ ic.bind(ctx, this.beanObject);
+ log.debug("Bound in JNDI:" + this.beanObject.getClass().getCanonicalName()
+ + " in JNDI at " +ctx);
+ }
+ catch (NamingException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void create()
+ {
+ }
+
+ public void destroy()
+ {
+ }
+
+ public void stop()
+ {
+ try
+ {
+ InitialContext ic = new InitialContext();
+ ic.unbind(ctx);
+ log.debug("Unbound in JNDI:" + this.beanObject.getClass().getCanonicalName()
+ + " in JNDI at " +ctx);
+ }
+ catch (NamingException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password)
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/DocumentUtil.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/DocumentUtil.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/DocumentUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,217 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.InputStream;
-import java.io.Reader;
-import java.io.StringReader;
-import java.io.StringWriter;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.transform.OutputKeys;
-import javax.xml.transform.Result;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.xml.sax.InputSource;
-
-/**
- * Utility dealing with DOM
- * @author Anil.Saldhana at redhat.com
- * @since Jan 14, 2009
- */
-public class DocumentUtil
-{
- /**
- * Create a new document
- * @return
- * @throws Exception
- */
- public static Document createDocument() throws Exception
- {
- DocumentBuilderFactory factory = getFactory();
- DocumentBuilder builder = factory.newDocumentBuilder();
- return builder.newDocument();
- }
-
- /**
- * Parse a document from the string
- * @param docString
- * @return
- * @throws Exception
- */
- public static Document getDocument(String docString) throws Exception
- {
- return getDocument(new StringReader(docString));
- }
-
- /**
- * Parse a document from a reader
- * @param reader
- * @return
- * @throws Exception
- */
- public static Document getDocument(Reader reader) throws Exception
- {
- DocumentBuilderFactory factory = getFactory();
- DocumentBuilder builder = factory.newDocumentBuilder();
- return builder.parse(new InputSource(reader));
- }
-
- /**
- * Get Document from a file
- * @param file
- * @return
- * @throws Exception
- */
- public static Document getDocument(File file) throws Exception
- {
- DocumentBuilderFactory factory = getFactory();
- DocumentBuilder builder = factory.newDocumentBuilder();
-
- builder.setErrorHandler(new SysOutErrorHandler());
- return builder.parse(file);
- }
-
- /**
- * Get Document from an inputstream
- * @param is
- * @return
- * @throws Exception
- */
- public static Document getDocument(InputStream is) throws Exception
- {
- DocumentBuilderFactory factory = getFactory();
- DocumentBuilder builder = factory.newDocumentBuilder();
-
- builder.setErrorHandler(new SysOutErrorHandler());
- return builder.parse(is);
- }
-
- /**
- * Marshall a document into a String
- * @param signedDoc
- * @return
- * @throws Exception
- */
- public static String getDocumentAsString(Document signedDoc) throws Exception
- {
- Source source = new DOMSource(signedDoc);
- StringWriter sw = new StringWriter();
-
- Result streamResult = new StreamResult(sw);
- // Write the DOM document to the stream
- Transformer xformer = TransformerFactory.newInstance().newTransformer();
- xformer.transform(source, streamResult);
-
- return sw.toString();
- }
-
- /**
- * Marshall a DOM Element as string
- * @param element
- * @return
- * @throws Exception
- */
- public static String getDOMElementAsString(Element element) throws Exception
- {
- Source source = new DOMSource(element);
- StringWriter sw = new StringWriter();
-
- Result streamResult = new StreamResult(sw);
- // Write the DOM document to the file
- Transformer xformer = TransformerFactory.newInstance().newTransformer();
- xformer.transform(source, streamResult);
-
- return sw.toString();
- }
-
- /**
- * Stream a DOM Node as an input stream
- * @param node
- * @return
- * @throws Exception
- */
- public static InputStream getNodeAsStream(Node node) throws Exception
- {
- Source source = new DOMSource(node);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
- Result streamResult = new StreamResult(baos);
- // Write the DOM document to the stream
- Transformer transformer = TransformerFactory.newInstance().newTransformer();
- transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
- transformer.transform(source, streamResult);
-
- ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
-
- return bis;
- }
-
- private static DocumentBuilderFactory getFactory()
- {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- return factory;
- }
-
- /**
- * Error handler for validating parser.
- */
- private static class SysOutErrorHandler implements org.xml.sax.ErrorHandler {
- /**
- * Report the warning to the console.
- */
- public void warning ( org.xml.sax.SAXParseException ex )
- throws org.xml.sax.SAXException {
- System.out.println ( "Warning: " + ex.getMessage ( ) ) ;
- }
-
-
- /**
- * Report the error to the console.
- */
- public void error ( org.xml.sax.SAXParseException ex )
- throws org.xml.sax.SAXException {
- System.out.println ( "Error: " + ex.getMessage ( ) ) ;
- }
-
-
- /**
- * Report the fatal error to the console.
- */
- public void fatalError ( org.xml.sax.SAXParseException ex )
- throws org.xml.sax.SAXException {
- System.out.println ( "Fatal error: " + ex.getMessage ( ) ) ;
- }
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/DocumentUtil.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/DocumentUtil.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/DocumentUtil.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/DocumentUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,217 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.InputStream;
+import java.io.Reader;
+import java.io.StringReader;
+import java.io.StringWriter;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.transform.OutputKeys;
+import javax.xml.transform.Result;
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.xml.sax.InputSource;
+
+/**
+ * Utility dealing with DOM
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 14, 2009
+ */
+public class DocumentUtil
+{
+ /**
+ * Create a new document
+ * @return
+ * @throws Exception
+ */
+ public static Document createDocument() throws Exception
+ {
+ DocumentBuilderFactory factory = getFactory();
+ DocumentBuilder builder = factory.newDocumentBuilder();
+ return builder.newDocument();
+ }
+
+ /**
+ * Parse a document from the string
+ * @param docString
+ * @return
+ * @throws Exception
+ */
+ public static Document getDocument(String docString) throws Exception
+ {
+ return getDocument(new StringReader(docString));
+ }
+
+ /**
+ * Parse a document from a reader
+ * @param reader
+ * @return
+ * @throws Exception
+ */
+ public static Document getDocument(Reader reader) throws Exception
+ {
+ DocumentBuilderFactory factory = getFactory();
+ DocumentBuilder builder = factory.newDocumentBuilder();
+ return builder.parse(new InputSource(reader));
+ }
+
+ /**
+ * Get Document from a file
+ * @param file
+ * @return
+ * @throws Exception
+ */
+ public static Document getDocument(File file) throws Exception
+ {
+ DocumentBuilderFactory factory = getFactory();
+ DocumentBuilder builder = factory.newDocumentBuilder();
+
+ builder.setErrorHandler(new SysOutErrorHandler());
+ return builder.parse(file);
+ }
+
+ /**
+ * Get Document from an inputstream
+ * @param is
+ * @return
+ * @throws Exception
+ */
+ public static Document getDocument(InputStream is) throws Exception
+ {
+ DocumentBuilderFactory factory = getFactory();
+ DocumentBuilder builder = factory.newDocumentBuilder();
+
+ builder.setErrorHandler(new SysOutErrorHandler());
+ return builder.parse(is);
+ }
+
+ /**
+ * Marshall a document into a String
+ * @param signedDoc
+ * @return
+ * @throws Exception
+ */
+ public static String getDocumentAsString(Document signedDoc) throws Exception
+ {
+ Source source = new DOMSource(signedDoc);
+ StringWriter sw = new StringWriter();
+
+ Result streamResult = new StreamResult(sw);
+ // Write the DOM document to the stream
+ Transformer xformer = TransformerFactory.newInstance().newTransformer();
+ xformer.transform(source, streamResult);
+
+ return sw.toString();
+ }
+
+ /**
+ * Marshall a DOM Element as string
+ * @param element
+ * @return
+ * @throws Exception
+ */
+ public static String getDOMElementAsString(Element element) throws Exception
+ {
+ Source source = new DOMSource(element);
+ StringWriter sw = new StringWriter();
+
+ Result streamResult = new StreamResult(sw);
+ // Write the DOM document to the file
+ Transformer xformer = TransformerFactory.newInstance().newTransformer();
+ xformer.transform(source, streamResult);
+
+ return sw.toString();
+ }
+
+ /**
+ * Stream a DOM Node as an input stream
+ * @param node
+ * @return
+ * @throws Exception
+ */
+ public static InputStream getNodeAsStream(Node node) throws Exception
+ {
+ Source source = new DOMSource(node);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ Result streamResult = new StreamResult(baos);
+ // Write the DOM document to the stream
+ Transformer transformer = TransformerFactory.newInstance().newTransformer();
+ transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
+ transformer.transform(source, streamResult);
+
+ ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
+
+ return bis;
+ }
+
+ private static DocumentBuilderFactory getFactory()
+ {
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ return factory;
+ }
+
+ /**
+ * Error handler for validating parser.
+ */
+ private static class SysOutErrorHandler implements org.xml.sax.ErrorHandler {
+ /**
+ * Report the warning to the console.
+ */
+ public void warning ( org.xml.sax.SAXParseException ex )
+ throws org.xml.sax.SAXException {
+ System.out.println ( "Warning: " + ex.getMessage ( ) ) ;
+ }
+
+
+ /**
+ * Report the error to the console.
+ */
+ public void error ( org.xml.sax.SAXParseException ex )
+ throws org.xml.sax.SAXException {
+ System.out.println ( "Error: " + ex.getMessage ( ) ) ;
+ }
+
+
+ /**
+ * Report the fatal error to the console.
+ */
+ public void fatalError ( org.xml.sax.SAXParseException ex )
+ throws org.xml.sax.SAXException {
+ System.out.println ( "Fatal error: " + ex.getMessage ( ) ) ;
+ }
+ }
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,50 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-
-/**
- * Utility to generate symmetric key
- * @author Anil.Saldhana at redhat.com
- * @since Feb 4, 2009
- */
-public class EncryptionKeyUtil
-{
- /**
- * Generate a secret key useful for encryption/decryption
- * @param encAlgo
- * @param keySize Length of the key (if 0, defaults to 128 bits)
- * @return
- * @throws Exception
- */
- public static SecretKey getSecretKey(String encAlgo, int keySize) throws Exception
- {
- KeyGenerator keyGenerator = KeyGenerator.getInstance(encAlgo);
- if(keySize == 0)
- keySize = 128;
- keyGenerator.init(keySize);
- return keyGenerator.generateKey();
- }
-
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/EncryptionKeyUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+
+/**
+ * Utility to generate symmetric key
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 4, 2009
+ */
+public class EncryptionKeyUtil
+{
+ /**
+ * Generate a secret key useful for encryption/decryption
+ * @param encAlgo
+ * @param keySize Length of the key (if 0, defaults to 128 bits)
+ * @return
+ * @throws Exception
+ */
+ public static SecretKey getSecretKey(String encAlgo, int keySize) throws Exception
+ {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(encAlgo);
+ if(keySize == 0)
+ keySize = 128;
+ keyGenerator.init(keySize);
+ return keyGenerator.generateKey();
+ }
+
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,157 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.cert.Certificate;
-
-/**
- * Utility to handle Java Keystore
- * @author Anil.Saldhana at redhat.com
- * @since Jan 12, 2009
- */
-public class KeyStoreUtil
-{
- /**
- * Create a Keystore
- * @param storePass
- * @throws Exception
- */
- public static void createKeyStore(String path, char[] storePass) throws Exception
- {
- KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
- ks.load(null, storePass); //creates an empty keystore
-
- ks.store(new FileOutputStream(new File(path)), storePass);
- System.out.println("Keystore created");
- }
-
- /**
- * Get the Keystore given the url to the keystore file as a string
- * @param fileURL
- * @param storePass
- * @return
- * @throws GeneralSecurityException
- * @throws IOException
- */
- public static KeyStore getKeyStore(String fileURL, char[] storePass) throws GeneralSecurityException, IOException
- {
- if(fileURL == null)
- throw new IllegalArgumentException("fileURL is null");
-
- File file = new File(fileURL);
- FileInputStream fis = new FileInputStream(file);
- return getKeyStore(fis,storePass);
- }
-
- /**
- * Get the Keystore given the URL to the keystore
- * @param url
- * @param storePass
- * @return
- * @throws GeneralSecurityException
- * @throws IOException
- */
- public static KeyStore getKeyStore(URL url, char[] storePass) throws GeneralSecurityException, IOException
- {
- if(url == null)
- throw new IllegalArgumentException("url is null");
-
- return getKeyStore(url.openStream(), storePass);
- }
-
- /**
- * Get the Key Store
- * <b>Note:</b> This method wants the InputStream to be not null.
- * @param ksStream
- * @param storePass
- * @return
- * @throws GeneralSecurityException
- * @throws IOException
- * @throws IllegalArgumentException if ksStream is null
- */
- public static KeyStore getKeyStore(InputStream ksStream, char[] storePass) throws GeneralSecurityException, IOException
- {
- if(ksStream == null)
- throw new IllegalArgumentException("InputStream for the KeyStore is null");
- KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
- ks.load(ksStream, storePass);
- return ks;
- }
-
- /**
- * Generate a Key Pair
- * @param algo (RSA, DSA etc)
- * @return
- * @throws Exception
- */
- public static KeyPair generateKeyPair(String algo) throws Exception
- {
- KeyPairGenerator kpg = KeyPairGenerator.getInstance(algo);
- return kpg.genKeyPair();
- }
-
- /**
- * Get the Public Key from the keystore
- * @param ks
- * @param alias
- * @param password
- * @return
- * @throws Exception
- */
- public static PublicKey getPublicKey(KeyStore ks, String alias, char[] password) throws Exception
- {
- PublicKey publicKey = null;
-
- // Get private key
- Key key = ks.getKey(alias, password);
- if (key instanceof PrivateKey)
- {
- // Get certificate of public key
- Certificate cert = ks.getCertificate(alias);
-
- // Get public key
- publicKey = cert.getPublicKey();
- }
-
- return publicKey;
- }
-
- public static void storeKeyPair(KeyStore ks, String alias,
- PublicKey publicKey, PrivateKey privateKey, char[] pass)
- throws Exception
- {
- ks.setKeyEntry(alias, privateKey, pass, null);
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/KeyStoreUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,157 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.Key;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+
+/**
+ * Utility to handle Java Keystore
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 12, 2009
+ */
+public class KeyStoreUtil
+{
+ /**
+ * Create a Keystore
+ * @param storePass
+ * @throws Exception
+ */
+ public static void createKeyStore(String path, char[] storePass) throws Exception
+ {
+ KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ ks.load(null, storePass); //creates an empty keystore
+
+ ks.store(new FileOutputStream(new File(path)), storePass);
+ System.out.println("Keystore created");
+ }
+
+ /**
+ * Get the Keystore given the url to the keystore file as a string
+ * @param fileURL
+ * @param storePass
+ * @return
+ * @throws GeneralSecurityException
+ * @throws IOException
+ */
+ public static KeyStore getKeyStore(String fileURL, char[] storePass) throws GeneralSecurityException, IOException
+ {
+ if(fileURL == null)
+ throw new IllegalArgumentException("fileURL is null");
+
+ File file = new File(fileURL);
+ FileInputStream fis = new FileInputStream(file);
+ return getKeyStore(fis,storePass);
+ }
+
+ /**
+ * Get the Keystore given the URL to the keystore
+ * @param url
+ * @param storePass
+ * @return
+ * @throws GeneralSecurityException
+ * @throws IOException
+ */
+ public static KeyStore getKeyStore(URL url, char[] storePass) throws GeneralSecurityException, IOException
+ {
+ if(url == null)
+ throw new IllegalArgumentException("url is null");
+
+ return getKeyStore(url.openStream(), storePass);
+ }
+
+ /**
+ * Get the Key Store
+ * <b>Note:</b> This method wants the InputStream to be not null.
+ * @param ksStream
+ * @param storePass
+ * @return
+ * @throws GeneralSecurityException
+ * @throws IOException
+ * @throws IllegalArgumentException if ksStream is null
+ */
+ public static KeyStore getKeyStore(InputStream ksStream, char[] storePass) throws GeneralSecurityException, IOException
+ {
+ if(ksStream == null)
+ throw new IllegalArgumentException("InputStream for the KeyStore is null");
+ KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ ks.load(ksStream, storePass);
+ return ks;
+ }
+
+ /**
+ * Generate a Key Pair
+ * @param algo (RSA, DSA etc)
+ * @return
+ * @throws Exception
+ */
+ public static KeyPair generateKeyPair(String algo) throws Exception
+ {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance(algo);
+ return kpg.genKeyPair();
+ }
+
+ /**
+ * Get the Public Key from the keystore
+ * @param ks
+ * @param alias
+ * @param password
+ * @return
+ * @throws Exception
+ */
+ public static PublicKey getPublicKey(KeyStore ks, String alias, char[] password) throws Exception
+ {
+ PublicKey publicKey = null;
+
+ // Get private key
+ Key key = ks.getKey(alias, password);
+ if (key instanceof PrivateKey)
+ {
+ // Get certificate of public key
+ Certificate cert = ks.getCertificate(alias);
+
+ // Get public key
+ publicKey = cert.getPublicKey();
+ }
+
+ return publicKey;
+ }
+
+ public static void storeKeyPair(KeyStore ks, String alias,
+ PublicKey publicKey, PrivateKey privateKey, char[] pass)
+ throws Exception
+ {
+ ks.setKeyEntry(alias, privateKey, pass, null);
+ }
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/Password.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/Password.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/Password.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,51 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-
-/**
- * @author Anil.Saldhana at redhat.com
- * @since Apr 1, 2009
- */
- at Retention(RetentionPolicy.RUNTIME)
- at Target({ElementType.TYPE, ElementType.METHOD, ElementType.FIELD})
-public @interface Password
-{
- /**
- * Security Domain
- * Defaults to other
- * @return
- */
- String securityDomain() default "other";
-
- /**
- * Name of the method
- * that represents the password
- * @return
- */
- String methodName();
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/Password.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/Password.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/Password.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/Password.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+
+/**
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 1, 2009
+ */
+ at Retention(RetentionPolicy.RUNTIME)
+ at Target({ElementType.TYPE, ElementType.METHOD, ElementType.FIELD})
+public @interface Password
+{
+ /**
+ * Security Domain
+ * Defaults to other
+ * @return
+ */
+ String securityDomain() default "other";
+
+ /**
+ * Name of the method
+ * that represents the password
+ * @return
+ */
+ String methodName();
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,151 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.lang.reflect.Method;
-
-import org.jboss.aop.joinpoint.Invocation;
-import org.jboss.aop.joinpoint.MethodInvocation;
-import org.jboss.dependency.spi.ControllerContext;
-import org.jboss.kernel.spi.dependency.KernelControllerContext;
-import org.jboss.logging.Logger;
-import org.jboss.metadata.spi.MetaData;
-
-/**
- * AOP Lifecycle callback for the @Password annotation
- * @author Anil.Saldhana at redhat.com
- * @since Apr 1, 2009
- */
-public class PasswordLifecycleCallback
-{
- private static final Logger log = Logger.getLogger(PasswordLifecycleCallback.class);
-
- private PasswordMaskManagement passwordManagement = null;
-
- /**
- * Set the Password Mask Management bean
- * @param passwordManagement
- */
- public void setPasswordManagement(PasswordMaskManagement passwordManagement)
- {
- this.passwordManagement = passwordManagement;
- }
-
- /**
- * Bind the target on setKernelControllerContext, unbind on any other method provided that
- * the invocation has a Password annotation.
- *
- * @param invocation the invocation
- * @return the result
- * @throws Throwable for any error
- */
- public Object invoke(Invocation invocation) throws Throwable
- {
- MethodInvocation mi = (MethodInvocation) invocation;
- KernelControllerContext context = (KernelControllerContext) mi.getArguments()[0];
-
- boolean trace = log.isTraceEnabled();
- Password passwordAnnotation = (Password) invocation.resolveClassAnnotation(Password.class);
- if( trace )
- log.trace("Checking method: "+mi.getMethod()+", bindingInfo: "+passwordAnnotation);
-
- // If this is the setKernelControllerContext callback, set the password
- if ("setKernelControllerContext".equals(mi.getMethod().getName()) && passwordAnnotation != null)
- {
- //Get the password
- String securityDomain = passwordAnnotation.securityDomain();
- char[] passwd = this.passwordManagement.getPassword(securityDomain);
-
- Object target = context.getTarget();
- this.setPassword(target, passwordAnnotation, passwd);
- }
- // If this is the unsetKernelControllerContext callback, unbind the target
- else if( passwordAnnotation != null )
- {
- log.trace("Ignoring unsetKernelControllerContext callback");
- }
- else if ( trace )
- {
- log.trace("Ignoring null password info");
- }
-
- return null;
- }
-
- public void install(ControllerContext context) throws Exception
- {
- //Get the password
- Password passwordAnnotation = readPasswordAnnotation(context);
- boolean trace = log.isTraceEnabled();
- if( trace )
- log.trace("Binding into JNDI: " + context.getName() + ", passwordInfo: " + passwordAnnotation);
-
- String securityDomain = passwordAnnotation.securityDomain();
-
- char[] passwd = this.passwordManagement.getPassword(securityDomain);
-
- if(passwd == null)
- log.trace("Password does not exist for security domain=" + securityDomain);
- //The bean in question is the target
- String methodName = passwordAnnotation.methodName();
- Object target = context.getTarget();
- if(trace)
- {
- log.trace("Trying to set password on " + target + " with method :" + methodName);
- }
- this.setPassword(target, passwordAnnotation, passwd);
- }
-
- public void uninstall(ControllerContext context) throws Exception
- {
- //ignore
- }
-
-
- private Password readPasswordAnnotation(ControllerContext context) throws Exception
- {
- MetaData metaData = context.getScopeInfo().getMetaData();
- if (metaData != null)
- return metaData.getAnnotation(Password.class);
- return null;
- }
-
- private void setPassword(Object target, Password passwordAnnotation, char[] passwd) throws Exception
- {
- Class<?> clazz = target.getClass();
- String methodName = passwordAnnotation.methodName();
- if(methodName == null)
- throw new IllegalStateException("methodName " + methodName + " not configured on " +
- "the Password annotation for target:" + clazz);
- Method m = SecurityActions.getMethod(clazz, methodName);
-
- try
- {
- m.invoke(target, new Object[] {passwd});
- }
- catch(Exception e)
- {
- log.trace("Error setting password on " + clazz + ". Will try the string version.");
- m.invoke(target, new Object[] { new String(passwd)} );
- }
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordLifecycleCallback.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,151 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.lang.reflect.Method;
+
+import org.jboss.aop.joinpoint.Invocation;
+import org.jboss.aop.joinpoint.MethodInvocation;
+import org.jboss.dependency.spi.ControllerContext;
+import org.jboss.kernel.spi.dependency.KernelControllerContext;
+import org.jboss.logging.Logger;
+import org.jboss.metadata.spi.MetaData;
+
+/**
+ * AOP Lifecycle callback for the @Password annotation
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 1, 2009
+ */
+public class PasswordLifecycleCallback
+{
+ private static final Logger log = Logger.getLogger(PasswordLifecycleCallback.class);
+
+ private PasswordMaskManagement passwordManagement = null;
+
+ /**
+ * Set the Password Mask Management bean
+ * @param passwordManagement
+ */
+ public void setPasswordManagement(PasswordMaskManagement passwordManagement)
+ {
+ this.passwordManagement = passwordManagement;
+ }
+
+ /**
+ * Bind the target on setKernelControllerContext, unbind on any other method provided that
+ * the invocation has a Password annotation.
+ *
+ * @param invocation the invocation
+ * @return the result
+ * @throws Throwable for any error
+ */
+ public Object invoke(Invocation invocation) throws Throwable
+ {
+ MethodInvocation mi = (MethodInvocation) invocation;
+ KernelControllerContext context = (KernelControllerContext) mi.getArguments()[0];
+
+ boolean trace = log.isTraceEnabled();
+ Password passwordAnnotation = (Password) invocation.resolveClassAnnotation(Password.class);
+ if( trace )
+ log.trace("Checking method: "+mi.getMethod()+", bindingInfo: "+passwordAnnotation);
+
+ // If this is the setKernelControllerContext callback, set the password
+ if ("setKernelControllerContext".equals(mi.getMethod().getName()) && passwordAnnotation != null)
+ {
+ //Get the password
+ String securityDomain = passwordAnnotation.securityDomain();
+ char[] passwd = this.passwordManagement.getPassword(securityDomain);
+
+ Object target = context.getTarget();
+ this.setPassword(target, passwordAnnotation, passwd);
+ }
+ // If this is the unsetKernelControllerContext callback, unbind the target
+ else if( passwordAnnotation != null )
+ {
+ log.trace("Ignoring unsetKernelControllerContext callback");
+ }
+ else if ( trace )
+ {
+ log.trace("Ignoring null password info");
+ }
+
+ return null;
+ }
+
+ public void install(ControllerContext context) throws Exception
+ {
+ //Get the password
+ Password passwordAnnotation = readPasswordAnnotation(context);
+ boolean trace = log.isTraceEnabled();
+ if( trace )
+ log.trace("Binding into JNDI: " + context.getName() + ", passwordInfo: " + passwordAnnotation);
+
+ String securityDomain = passwordAnnotation.securityDomain();
+
+ char[] passwd = this.passwordManagement.getPassword(securityDomain);
+
+ if(passwd == null)
+ log.trace("Password does not exist for security domain=" + securityDomain);
+ //The bean in question is the target
+ String methodName = passwordAnnotation.methodName();
+ Object target = context.getTarget();
+ if(trace)
+ {
+ log.trace("Trying to set password on " + target + " with method :" + methodName);
+ }
+ this.setPassword(target, passwordAnnotation, passwd);
+ }
+
+ public void uninstall(ControllerContext context) throws Exception
+ {
+ //ignore
+ }
+
+
+ private Password readPasswordAnnotation(ControllerContext context) throws Exception
+ {
+ MetaData metaData = context.getScopeInfo().getMetaData();
+ if (metaData != null)
+ return metaData.getAnnotation(Password.class);
+ return null;
+ }
+
+ private void setPassword(Object target, Password passwordAnnotation, char[] passwd) throws Exception
+ {
+ Class<?> clazz = target.getClass();
+ String methodName = passwordAnnotation.methodName();
+ if(methodName == null)
+ throw new IllegalStateException("methodName " + methodName + " not configured on " +
+ "the Password annotation for target:" + clazz);
+ Method m = SecurityActions.getMethod(clazz, methodName);
+
+ try
+ {
+ m.invoke(target, new Object[] {passwd});
+ }
+ catch(Exception e)
+ {
+ log.trace("Error setting password on " + clazz + ". Will try the string version.");
+ m.invoke(target, new Object[] { new String(passwd)} );
+ }
+ }
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,364 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.security.KeyPair;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-import java.util.Map.Entry;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-
-import org.apache.log4j.Logger;
-import org.jboss.security.plugins.FilePassword;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-/**
- * Manages masking the password for xml configuration files
- * @author Anil.Saldhana at redhat.com
- * @since Mar 26, 2009
- */
-public class PasswordMaskManagement
-{
- private Logger log = Logger.getLogger(PasswordMaskManagement.class);
-
- private Map<String,char[]> passwordMap = new HashMap<String,char[]>();
- private KeyStore keystore;
-
- private String alias = "jboss";
-
- private String passwordEncryptedFileName = "password/jboss_password_enc.dat";
-
- static String keystorePassEncFileName = "password/jboss_keystore_pass.dat";
-
- private String keystoreLocation = "password/password.keystore";
-
- KeyPair kp = null;
- private char[] storePass;
-
-
- public PasswordMaskManagement()
- {
- }
-
- //Public Methods
- public void setKeyStoreDetails(String location, String alias) throws Exception
- {
- if(location == null)
- throw new IllegalArgumentException("location is null");
- this.keystoreLocation = location;
- this.alias = alias;
- this.ensureKeyStore();
- }
- public void setKeyStoreDetails(String location, char[] storePass, String alias) throws Exception
- {
- if(location == null)
- throw new IllegalArgumentException("location is null");
- this.keystore = KeyStoreUtil.getKeyStore(location, storePass);
- this.storePass = storePass;
- this.alias = alias;
- load();
- }
-
- public void setKeyStoreLocation(String location)
- {
- if(location == null)
- throw new IllegalArgumentException("location is null");
- this.keystoreLocation = location;
- }
-
- public void setKeyStoreAlias(String alias)
- {
- if(alias == null)
- throw new IllegalArgumentException("alias is null");
- this.alias = alias;
- }
-
- /**
- * Customize the location where the encrypted
- * password file needs to be stored
- * @param pefn
- */
- public void setPasswordEncryptedFileName(String pefn)
- {
- this.passwordEncryptedFileName = pefn;
- }
-
- /**
- * Customize the location where the encrypted
- * keystore password file is stored
- * @param kpe
- */
- public void setKeyStorePasswordEncryptedFileName(String kpe)
- {
- keystorePassEncFileName = kpe;
- }
-
- //Package protected Methods
-
- /**
- * Whether a security domain exists
- * in the password map
- * @param securityDomain
- * @return
- */
- boolean exists(String securityDomain)
- {
- return this.passwordMap.containsKey(securityDomain);
- }
-
- /**
- * Check whether the keystore exists
- * @return
- */
- boolean keyStoreExists()
- {
- return this.keystore != null;
- }
-
- /**
- * Get the password
- * @param securityDomain
- * @return
- * @throws Exception
- */
- char[] getPassword(String securityDomain) throws Exception
- {
- if(keystore == null)
- {
- if(this.storePass == null)
- this.ensureKeyStore();
- if(passwordMap.size() == 0)
- load();
- }
-
- return passwordMap.get(securityDomain);
- }
-
- void storePassword(String securityDomain, char[] pass)
- {
- this.passwordMap.put(securityDomain, pass);
- }
-
- void removePassword(String domainToRemove)
- {
- this.passwordMap.remove(domainToRemove);
- }
-
- void load() throws Exception
- {
- Document doc = loadPasswordEncryptedDocument();
- if(doc == null)
- {
- log.trace(this.passwordEncryptedFileName + " does not exist");
- return;
- }
- if(keystore == null)
- {
- System.out.println("Keystore is null. Please specify keystore below:");
- return;
- }
-
- PrivateKey privateKey = (PrivateKey) keystore.getKey(this.alias, this.storePass);
-
- if(privateKey == null)
- throw new IllegalStateException("private key not found");
-
- Document decryptedDoc = XMLEncryptionUtil.decrypt(doc, privateKey);
-
- NodeList nl = decryptedDoc.getDocumentElement().getElementsByTagName("entry");
- int len = nl != null ? nl.getLength() : 0;
-
- System.out.println("Loading domains [");
- for(int i = 0; i < len; i++)
- {
- Element n = (Element) nl.item(i);
- String name = n.getAttribute("name");
- System.out.println(name + ",");
- this.passwordMap.put(name, n.getAttribute("pass").toCharArray());
- }
-
- System.out.println("]");
- }
-
- void store() throws Exception
- {
- if(this.keystore == null)
- {
- System.out.println("Keystore is null. Cannot store.");
- return;
- }
- StringBuilder builder = new StringBuilder();
-
- Document doc = DocumentUtil.createDocument();
- Element el = doc.createElementNS(null, "pass-map");
- doc.appendChild(el);
-
- System.out.println("Storing domains [");
- Set<Entry<String,char[]>> entries = this.passwordMap.entrySet();
- for(Entry<String,char[]> e: entries)
- {
- Element entry = doc.createElementNS(null, "entry");
-
- System.out.println(e.getKey()+",");
- entry.setAttributeNS(null, "name", e.getKey());
- entry.setAttributeNS(null, "pass", new String(e.getValue()));
-
- el.appendChild(entry);
- }
- builder.append("</pass-map>");
-
- System.out.println("]");
-
- SecretKey skey = this.getSecretKey("AES", 128);
-
- PublicKey pk = KeyStoreUtil.getPublicKey(keystore, alias, storePass);
- if(pk == null)
- throw new RuntimeException("public key is null");
- XMLEncryptionUtil.encrypt(doc, skey, pk, 128);
-
- storePasswordEncryptedDocument(doc);
- }
-
- void ensurePasswordFile() throws Exception
- {
- try
- {
- this.loadPasswordEncryptedDocument();
- }
- catch(FileNotFoundException e)
- {
- //Just create the file
- File file = new File(passwordEncryptedFileName);
- if(file.exists() == false)
- file.createNewFile();
- }
- }
-
- void ensureKeyStore() throws Exception
- {
- if(keystore == null)
- {
- if(keystoreLocation == null)
- throw new IllegalStateException("KeyStore Location is null");
- //Get the keystore passwd
- FilePassword fp = null;
- try
- {
- fp = new FilePassword(keystorePassEncFileName);
- this.storePass = fp.toCharArray();
- }
- catch(IOException eof)
- {
- //Try the TCL
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- URL resLocation = tcl.getResource(keystorePassEncFileName);
- fp = new FilePassword(resLocation.toExternalForm());
- this.storePass = fp.toCharArray();
- }
-
- if(this.storePass == null)
- throw new IllegalStateException("Keystore password is null");
- this.keystore = KeyStoreUtil.getKeyStore(keystoreLocation, storePass);
- }
- }
-
- /**
- * Generate a secret key useful for encryption/decryption
- * @param encAlgo
- * @param keySize Length of the key (if 0, defaults to 128 bits)
- * @return
- * @throws Exception
- */
- private SecretKey getSecretKey(String encAlgo, int keySize) throws Exception
- {
- KeyGenerator keyGenerator = KeyGenerator.getInstance(encAlgo);
- if(keySize == 0)
- keySize = 128;
- keyGenerator.init(keySize);
- return keyGenerator.generateKey();
- }
-
- private Document loadPasswordEncryptedDocument() throws Exception
- {
- Document doc = null;
- File docFile = new File(this.passwordEncryptedFileName);
-
- if(docFile == null || docFile.exists() == false)
- {
- //Try the TCL
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- InputStream is = tcl.getResourceAsStream(passwordEncryptedFileName);
- if(is == null)
- throw new FileNotFoundException("Encrypted password file not located");
- doc = DocumentUtil.getDocument(is);
- }
- else
- {
- doc = DocumentUtil.getDocument(docFile);
- }
- return doc;
- }
-
- private void storePasswordEncryptedDocument(Document doc) throws Exception
- {
- byte[] data = DocumentUtil.getDocumentAsString(doc).getBytes();
- FileOutputStream faos = null;
-
- //Try the url route
- try
- {
- URL url = new URL(this.passwordEncryptedFileName);
- File file = new File(url.toString());
- faos = new FileOutputStream(file);
- faos.write(data);
- faos.flush();
- faos.close();
- }
- catch(Exception e)
- {
- if(faos == null)
- faos = new FileOutputStream(new File(passwordEncryptedFileName));
- }
- finally
- {
- if(faos == null)
- throw new RuntimeException("File Output Stream is null");
- faos.write(data);
- faos.flush();
- faos.close();
- }
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordMaskManagement.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,364 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.KeyPair;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import java.util.Map.Entry;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+
+import org.apache.log4j.Logger;
+import org.jboss.security.plugins.FilePassword;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+/**
+ * Manages masking the password for xml configuration files
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 26, 2009
+ */
+public class PasswordMaskManagement
+{
+ private Logger log = Logger.getLogger(PasswordMaskManagement.class);
+
+ private Map<String,char[]> passwordMap = new HashMap<String,char[]>();
+ private KeyStore keystore;
+
+ private String alias = "jboss";
+
+ private String passwordEncryptedFileName = "password/jboss_password_enc.dat";
+
+ static String keystorePassEncFileName = "password/jboss_keystore_pass.dat";
+
+ private String keystoreLocation = "password/password.keystore";
+
+ KeyPair kp = null;
+ private char[] storePass;
+
+
+ public PasswordMaskManagement()
+ {
+ }
+
+ //Public Methods
+ public void setKeyStoreDetails(String location, String alias) throws Exception
+ {
+ if(location == null)
+ throw new IllegalArgumentException("location is null");
+ this.keystoreLocation = location;
+ this.alias = alias;
+ this.ensureKeyStore();
+ }
+ public void setKeyStoreDetails(String location, char[] storePass, String alias) throws Exception
+ {
+ if(location == null)
+ throw new IllegalArgumentException("location is null");
+ this.keystore = KeyStoreUtil.getKeyStore(location, storePass);
+ this.storePass = storePass;
+ this.alias = alias;
+ load();
+ }
+
+ public void setKeyStoreLocation(String location)
+ {
+ if(location == null)
+ throw new IllegalArgumentException("location is null");
+ this.keystoreLocation = location;
+ }
+
+ public void setKeyStoreAlias(String alias)
+ {
+ if(alias == null)
+ throw new IllegalArgumentException("alias is null");
+ this.alias = alias;
+ }
+
+ /**
+ * Customize the location where the encrypted
+ * password file needs to be stored
+ * @param pefn
+ */
+ public void setPasswordEncryptedFileName(String pefn)
+ {
+ this.passwordEncryptedFileName = pefn;
+ }
+
+ /**
+ * Customize the location where the encrypted
+ * keystore password file is stored
+ * @param kpe
+ */
+ public void setKeyStorePasswordEncryptedFileName(String kpe)
+ {
+ keystorePassEncFileName = kpe;
+ }
+
+ //Package protected Methods
+
+ /**
+ * Whether a security domain exists
+ * in the password map
+ * @param securityDomain
+ * @return
+ */
+ boolean exists(String securityDomain)
+ {
+ return this.passwordMap.containsKey(securityDomain);
+ }
+
+ /**
+ * Check whether the keystore exists
+ * @return
+ */
+ boolean keyStoreExists()
+ {
+ return this.keystore != null;
+ }
+
+ /**
+ * Get the password
+ * @param securityDomain
+ * @return
+ * @throws Exception
+ */
+ char[] getPassword(String securityDomain) throws Exception
+ {
+ if(keystore == null)
+ {
+ if(this.storePass == null)
+ this.ensureKeyStore();
+ if(passwordMap.size() == 0)
+ load();
+ }
+
+ return passwordMap.get(securityDomain);
+ }
+
+ void storePassword(String securityDomain, char[] pass)
+ {
+ this.passwordMap.put(securityDomain, pass);
+ }
+
+ void removePassword(String domainToRemove)
+ {
+ this.passwordMap.remove(domainToRemove);
+ }
+
+ void load() throws Exception
+ {
+ Document doc = loadPasswordEncryptedDocument();
+ if(doc == null)
+ {
+ log.trace(this.passwordEncryptedFileName + " does not exist");
+ return;
+ }
+ if(keystore == null)
+ {
+ System.out.println("Keystore is null. Please specify keystore below:");
+ return;
+ }
+
+ PrivateKey privateKey = (PrivateKey) keystore.getKey(this.alias, this.storePass);
+
+ if(privateKey == null)
+ throw new IllegalStateException("private key not found");
+
+ Document decryptedDoc = XMLEncryptionUtil.decrypt(doc, privateKey);
+
+ NodeList nl = decryptedDoc.getDocumentElement().getElementsByTagName("entry");
+ int len = nl != null ? nl.getLength() : 0;
+
+ System.out.println("Loading domains [");
+ for(int i = 0; i < len; i++)
+ {
+ Element n = (Element) nl.item(i);
+ String name = n.getAttribute("name");
+ System.out.println(name + ",");
+ this.passwordMap.put(name, n.getAttribute("pass").toCharArray());
+ }
+
+ System.out.println("]");
+ }
+
+ void store() throws Exception
+ {
+ if(this.keystore == null)
+ {
+ System.out.println("Keystore is null. Cannot store.");
+ return;
+ }
+ StringBuilder builder = new StringBuilder();
+
+ Document doc = DocumentUtil.createDocument();
+ Element el = doc.createElementNS(null, "pass-map");
+ doc.appendChild(el);
+
+ System.out.println("Storing domains [");
+ Set<Entry<String,char[]>> entries = this.passwordMap.entrySet();
+ for(Entry<String,char[]> e: entries)
+ {
+ Element entry = doc.createElementNS(null, "entry");
+
+ System.out.println(e.getKey()+",");
+ entry.setAttributeNS(null, "name", e.getKey());
+ entry.setAttributeNS(null, "pass", new String(e.getValue()));
+
+ el.appendChild(entry);
+ }
+ builder.append("</pass-map>");
+
+ System.out.println("]");
+
+ SecretKey skey = this.getSecretKey("AES", 128);
+
+ PublicKey pk = KeyStoreUtil.getPublicKey(keystore, alias, storePass);
+ if(pk == null)
+ throw new RuntimeException("public key is null");
+ XMLEncryptionUtil.encrypt(doc, skey, pk, 128);
+
+ storePasswordEncryptedDocument(doc);
+ }
+
+ void ensurePasswordFile() throws Exception
+ {
+ try
+ {
+ this.loadPasswordEncryptedDocument();
+ }
+ catch(FileNotFoundException e)
+ {
+ //Just create the file
+ File file = new File(passwordEncryptedFileName);
+ if(file.exists() == false)
+ file.createNewFile();
+ }
+ }
+
+ void ensureKeyStore() throws Exception
+ {
+ if(keystore == null)
+ {
+ if(keystoreLocation == null)
+ throw new IllegalStateException("KeyStore Location is null");
+ //Get the keystore passwd
+ FilePassword fp = null;
+ try
+ {
+ fp = new FilePassword(keystorePassEncFileName);
+ this.storePass = fp.toCharArray();
+ }
+ catch(IOException eof)
+ {
+ //Try the TCL
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ URL resLocation = tcl.getResource(keystorePassEncFileName);
+ fp = new FilePassword(resLocation.toExternalForm());
+ this.storePass = fp.toCharArray();
+ }
+
+ if(this.storePass == null)
+ throw new IllegalStateException("Keystore password is null");
+ this.keystore = KeyStoreUtil.getKeyStore(keystoreLocation, storePass);
+ }
+ }
+
+ /**
+ * Generate a secret key useful for encryption/decryption
+ * @param encAlgo
+ * @param keySize Length of the key (if 0, defaults to 128 bits)
+ * @return
+ * @throws Exception
+ */
+ private SecretKey getSecretKey(String encAlgo, int keySize) throws Exception
+ {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(encAlgo);
+ if(keySize == 0)
+ keySize = 128;
+ keyGenerator.init(keySize);
+ return keyGenerator.generateKey();
+ }
+
+ private Document loadPasswordEncryptedDocument() throws Exception
+ {
+ Document doc = null;
+ File docFile = new File(this.passwordEncryptedFileName);
+
+ if(docFile == null || docFile.exists() == false)
+ {
+ //Try the TCL
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream(passwordEncryptedFileName);
+ if(is == null)
+ throw new FileNotFoundException("Encrypted password file not located");
+ doc = DocumentUtil.getDocument(is);
+ }
+ else
+ {
+ doc = DocumentUtil.getDocument(docFile);
+ }
+ return doc;
+ }
+
+ private void storePasswordEncryptedDocument(Document doc) throws Exception
+ {
+ byte[] data = DocumentUtil.getDocumentAsString(doc).getBytes();
+ FileOutputStream faos = null;
+
+ //Try the url route
+ try
+ {
+ URL url = new URL(this.passwordEncryptedFileName);
+ File file = new File(url.toString());
+ faos = new FileOutputStream(file);
+ faos.write(data);
+ faos.flush();
+ faos.close();
+ }
+ catch(Exception e)
+ {
+ if(faos == null)
+ faos = new FileOutputStream(new File(passwordEncryptedFileName));
+ }
+ finally
+ {
+ if(faos == null)
+ throw new RuntimeException("File Output Stream is null");
+ faos.write(data);
+ faos.flush();
+ faos.close();
+ }
+ }
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordTool.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/PasswordTool.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordTool.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,192 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.io.File;
-import java.util.Scanner;
-
-import org.jboss.security.plugins.FilePassword;
-
-/**
- * Command line tool to deal with passwords
- * @author Anil.Saldhana at redhat.com
- * @since Mar 26, 2009
- */
-public class PasswordTool
-{
- private static PasswordMaskManagement pwm = null;
-
- public PasswordTool()
- {
- if(pwm == null)
- {
- pwm = new PasswordMaskManagement();
- ShutdownHook sh = new ShutdownHook(pwm);
- Runtime.getRuntime().addShutdownHook(sh);
- }
- }
- public static void main(String[] args)
- {
- System.out.println("**********************************");
- System.out.println("**** JBoss Password Tool********");
- System.out.println("**********************************");
-
- new PasswordTool();
- try
- {
- pwm.load();
- }
- catch(Exception e)
- {
- System.out.println("Error while trying to load data:"+e.getMessage());
- System.out.println("Maybe it does not exist and need to be created.");
- }
-
- while(true)
- {
- String commandStr = "0: Encrypt Keystore Password " +
- "1:Specify KeyStore " +
- "2:Create Password " +
- "3: Remove a domain " +
- "4:Enquire Domain " +
- "5:Exit";
-
- System.out.println(commandStr);
- Scanner in = new Scanner(System.in);
- int choice = in.nextInt();
- switch(choice)
- {
- case 0: //Encrypt Keystore Password
- System.out.println("Enter Keystore password");
- String passStr = in.next();
- String saltStr ="";
- do
- {
- System.out.println("Enter Salt (String should be at least 8 characters)");
- saltStr = in.next();
- }while(saltStr.length() < 8);
-
- System.out.println("Enter Iterator Count (integer value)");
- int iterationCount = in.nextInt();
-
- String ksPassFileName = PasswordMaskManagement.keystorePassEncFileName;
- String[] filePasswordArgs = new String[]
- {saltStr, iterationCount+""
- , passStr, ksPassFileName};
- try
- {
- //Check if password directory exists
- File passwordDir = new File("password");
- if(passwordDir.exists() == false)
- passwordDir.mkdir();
-
- FilePassword.main(filePasswordArgs);
- }
- catch (Exception e1)
- {
- throw new RuntimeException(e1);
- }
- System.out.println("Keystore Password encrypted into " + ksPassFileName);
- break;
-
- case 1: //Specify keystore
- System.out.println("Enter Keystore location including the file name");
- String loc = in.next();
- System.out.println("Enter Keystore alias");
- String alias = in.next();
- try
- {
- pwm.setKeyStoreDetails(loc, alias);
- }
- catch(Exception e)
- {
- System.out.println("Exception being raised. Try to first encrypt the keystore password.");
- System.out.println("or check the keystore location.");
- }
- break;
- case 2:
- if(pwm.keyStoreExists())
- {
- System.out.println("Enter security domain:");
- String domain = in.next();
- System.out.println("Enter passwd:");
- String p = in.next();
- pwm.storePassword(domain, p.toCharArray());
- }
- else
- System.out.println("Enter Keystore details first");
- break;
- case 3:
- if(pwm.keyStoreExists())
- {
- System.out.println("Enter security domain to be removed:");
- String domainToRemove = in.next();
- pwm.removePassword(domainToRemove);
- }
- else
- System.out.println("Enter Keystore details first");
- break;
- case 4:
- if(pwm.keyStoreExists())
- {
- System.out.println("Enter security domain to enquire:");
- String domainToEnquire = in.next();
- System.out.println("Exists = " + pwm.exists(domainToEnquire));
- }
- else
- System.out.println("Enter Keystore details first");
- break;
- default: System.exit(0);
- }
- }
- }
-
- /**
- * A shutdown hook that
- * stores the password map
- * onto the file
- * @author anil
- *
- */
- private class ShutdownHook extends Thread
- {
- private PasswordMaskManagement pmm;
-
- public ShutdownHook(PasswordMaskManagement pmm)
- {
- this.pmm = pmm;
- }
-
- public void run()
- {
- try
- {
- System.out.println(getClass().getName() + " run called");
- pmm.store();
- }
- catch(Exception e)
- {
- throw new RuntimeException(e);
- }
- }
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordTool.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/PasswordTool.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordTool.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/PasswordTool.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,192 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.io.File;
+import java.util.Scanner;
+
+import org.jboss.security.plugins.FilePassword;
+
+/**
+ * Command line tool to deal with passwords
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 26, 2009
+ */
+public class PasswordTool
+{
+ private static PasswordMaskManagement pwm = null;
+
+ public PasswordTool()
+ {
+ if(pwm == null)
+ {
+ pwm = new PasswordMaskManagement();
+ ShutdownHook sh = new ShutdownHook(pwm);
+ Runtime.getRuntime().addShutdownHook(sh);
+ }
+ }
+ public static void main(String[] args)
+ {
+ System.out.println("**********************************");
+ System.out.println("**** JBoss Password Tool********");
+ System.out.println("**********************************");
+
+ new PasswordTool();
+ try
+ {
+ pwm.load();
+ }
+ catch(Exception e)
+ {
+ System.out.println("Error while trying to load data:"+e.getMessage());
+ System.out.println("Maybe it does not exist and need to be created.");
+ }
+
+ while(true)
+ {
+ String commandStr = "0: Encrypt Keystore Password " +
+ "1:Specify KeyStore " +
+ "2:Create Password " +
+ "3: Remove a domain " +
+ "4:Enquire Domain " +
+ "5:Exit";
+
+ System.out.println(commandStr);
+ Scanner in = new Scanner(System.in);
+ int choice = in.nextInt();
+ switch(choice)
+ {
+ case 0: //Encrypt Keystore Password
+ System.out.println("Enter Keystore password");
+ String passStr = in.next();
+ String saltStr ="";
+ do
+ {
+ System.out.println("Enter Salt (String should be at least 8 characters)");
+ saltStr = in.next();
+ }while(saltStr.length() < 8);
+
+ System.out.println("Enter Iterator Count (integer value)");
+ int iterationCount = in.nextInt();
+
+ String ksPassFileName = PasswordMaskManagement.keystorePassEncFileName;
+ String[] filePasswordArgs = new String[]
+ {saltStr, iterationCount+""
+ , passStr, ksPassFileName};
+ try
+ {
+ //Check if password directory exists
+ File passwordDir = new File("password");
+ if(passwordDir.exists() == false)
+ passwordDir.mkdir();
+
+ FilePassword.main(filePasswordArgs);
+ }
+ catch (Exception e1)
+ {
+ throw new RuntimeException(e1);
+ }
+ System.out.println("Keystore Password encrypted into " + ksPassFileName);
+ break;
+
+ case 1: //Specify keystore
+ System.out.println("Enter Keystore location including the file name");
+ String loc = in.next();
+ System.out.println("Enter Keystore alias");
+ String alias = in.next();
+ try
+ {
+ pwm.setKeyStoreDetails(loc, alias);
+ }
+ catch(Exception e)
+ {
+ System.out.println("Exception being raised. Try to first encrypt the keystore password.");
+ System.out.println("or check the keystore location.");
+ }
+ break;
+ case 2:
+ if(pwm.keyStoreExists())
+ {
+ System.out.println("Enter security domain:");
+ String domain = in.next();
+ System.out.println("Enter passwd:");
+ String p = in.next();
+ pwm.storePassword(domain, p.toCharArray());
+ }
+ else
+ System.out.println("Enter Keystore details first");
+ break;
+ case 3:
+ if(pwm.keyStoreExists())
+ {
+ System.out.println("Enter security domain to be removed:");
+ String domainToRemove = in.next();
+ pwm.removePassword(domainToRemove);
+ }
+ else
+ System.out.println("Enter Keystore details first");
+ break;
+ case 4:
+ if(pwm.keyStoreExists())
+ {
+ System.out.println("Enter security domain to enquire:");
+ String domainToEnquire = in.next();
+ System.out.println("Exists = " + pwm.exists(domainToEnquire));
+ }
+ else
+ System.out.println("Enter Keystore details first");
+ break;
+ default: System.exit(0);
+ }
+ }
+ }
+
+ /**
+ * A shutdown hook that
+ * stores the password map
+ * onto the file
+ * @author anil
+ *
+ */
+ private class ShutdownHook extends Thread
+ {
+ private PasswordMaskManagement pmm;
+
+ public ShutdownHook(PasswordMaskManagement pmm)
+ {
+ this.pmm = pmm;
+ }
+
+ public void run()
+ {
+ try
+ {
+ System.out.println(getClass().getName() + " run called");
+ pmm.store();
+ }
+ catch(Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/SecurityActions.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/SecurityActions.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/SecurityActions.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,74 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * @author Anil.Saldhana at redhat.com
- * @since Apr 1, 2009
- */
-class SecurityActions
-{
- static ClassLoader getContextClassLoader()
- {
- return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
- {
- public ClassLoader run()
- {
- return Thread.currentThread().getContextClassLoader();
- }
- });
- }
-
- static Method getMethod(final Class<?> clazz, final String methodName) throws PrivilegedActionException
- {
- return AccessController.doPrivileged(new PrivilegedExceptionAction<Method>()
- {
- public Method run() throws Exception
- {
- Method m = null;
- try
- {
- m = clazz.getMethod(methodName, new Class[] {String.class});
- }
- catch(Exception ignore)
- {
- }
-
- if(m == null)
- try
- {
- m = clazz.getMethod(methodName, new Class[] {char[].class});
- }
- catch(Exception ignore)
- {
- }
- return m;
- }
- });
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/SecurityActions.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/SecurityActions.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/SecurityActions.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/SecurityActions.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.lang.reflect.Method;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 1, 2009
+ */
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ static Method getMethod(final Class<?> clazz, final String methodName) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Method>()
+ {
+ public Method run() throws Exception
+ {
+ Method m = null;
+ try
+ {
+ m = clazz.getMethod(methodName, new Class[] {String.class});
+ }
+ catch(Exception ignore)
+ {
+ }
+
+ if(m == null)
+ try
+ {
+ m = clazz.getMethod(methodName, new Class[] {char[].class});
+ }
+ catch(Exception ignore)
+ {
+ }
+ return m;
+ }
+ });
+ }
+}
\ No newline at end of file
Deleted: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,274 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration.password;
-
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.crypto.SecretKey;
-
-import org.apache.xml.security.encryption.EncryptedData;
-import org.apache.xml.security.encryption.EncryptedKey;
-import org.apache.xml.security.encryption.XMLCipher;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * XML Encryption Util
- * <b>Note: </b> This utility is currently using Apache XML Security
- * library API. JSR-106 is not yet final. Until that happens,we
- * rely on the non-standard API.
- *
- * @author Anil.Saldhana at redhat.com
- * @since Feb 4, 2009
- */
-public class XMLEncryptionUtil
-{
- public static final String CIPHER_DATA_LOCALNAME = "CipherData";
- public static final String ENCRYPTED_DATA_LOCALNAME = "EncryptedData";
- public static final String ENCRYPTED_KEY_LOCALNAME = "EncryptedKey";
- public static final String DS_KEY_INFO = "ds:KeyInfo";
-
- public static final String XMLNS = "http://www.w3.org/2000/xmlns/";
- public static String XMLSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
- public static String XMLENC_NS = "http://www.w3.org/2001/04/xmlenc#";
-
- private static Map<String,EncryptionAlgorithm> algorithms;
-
- private static class EncryptionAlgorithm
- {
- EncryptionAlgorithm(String jceName, String xmlSecName, int size)
- {
- this.jceName = jceName;
- this.xmlSecName = xmlSecName;
- this.size = size;
- }
-
- public String jceName;
- public String xmlSecName;
- public int size;
- }
-
- static
- {
- algorithms = new HashMap<String, EncryptionAlgorithm>(4);
- algorithms.put("aes-128", new EncryptionAlgorithm("AES", XMLCipher.AES_128, 128));
- algorithms.put("aes-192", new EncryptionAlgorithm("AES", XMLCipher.AES_192, 192));
- algorithms.put("aes-256", new EncryptionAlgorithm("AES", XMLCipher.AES_256, 256));
- algorithms.put("tripledes", new EncryptionAlgorithm("TripleDes", XMLCipher.TRIPLEDES, 168));
-
- //Initialize the Apache XML Security Library
- org.apache.xml.security.Init.init();
- }
-
- /**
- * <p>
- * Encrypt the Key to be transported
- * </p>
- * <p>
- * Data is encrypted with a SecretKey. Then the key needs to be
- * transported to the other end where it is needed for decryption.
- * For the Key transport, the SecretKey is encrypted with the
- * recipient's public key. At the receiving end, the receiver
- * can decrypt the Secret Key using his private key.s
- * </p>
- * @param document
- * @param keyToBeEncrypted Symmetric Key (SecretKey)
- * @param keyUsedToEncryptSecretKey Asymmetric Key (Public Key)
- * @param keySize Length of the key
- * @return
- * @throws Exception
- */
- public static EncryptedKey encryptKey(Document document,
- SecretKey keyToBeEncrypted, PublicKey keyUsedToEncryptSecretKey,
- int keySize) throws Exception
- {
- if(keyToBeEncrypted == null)
- throw new IllegalArgumentException("secret key is null");
-
- XMLCipher keyCipher = null;
- String pubKeyAlg = keyUsedToEncryptSecretKey.getAlgorithm();
-
- String keyWrapAlgo = getXMLEncryptionURLForKeyUnwrap(pubKeyAlg, keySize);
- keyCipher = XMLCipher.getInstance(keyWrapAlgo);
-
- keyCipher.init(XMLCipher.WRAP_MODE, keyUsedToEncryptSecretKey);
- return keyCipher.encryptKey(document, keyToBeEncrypted);
- }
-
- /**
- * Encrypt a document at the root (Use aes-128)
- * @param document
- * @param secretKey
- * @param publicKey
- * @param keySize
- * @return
- * @throws Exception
- */
- public static Document encrypt(Document document, SecretKey secretKey, PublicKey publicKey, int keySize)
- throws Exception
- {
- //Encrypt
- XMLCipher cipher = XMLCipher.getInstance(algorithms.get("aes-128").xmlSecName);
- cipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
-
- //Encrypted Key
- EncryptedKey ekey = XMLEncryptionUtil.encryptKey(document, secretKey, publicKey, keySize);
- //Encrypted Data
- String encryptionAlgorithm = XMLEncryptionUtil.getXMLEncryptionURL(secretKey.getAlgorithm(), keySize);
- //Encrypt the Document
- cipher = XMLCipher.getInstance(encryptionAlgorithm);
- cipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
-
- Document encryptedDoc = cipher.doFinal(document, document.getDocumentElement());
- Element encryptedDocRootElement = encryptedDoc.getDocumentElement();
- // The EncryptedKey element is added
- Element encryptedKeyElement = cipher.martial(document, ekey);
-
- // Outer ds:KeyInfo Element to hold the EncryptionKey
- Element sigElement = encryptedDoc.createElementNS(XMLSIG_NS, DS_KEY_INFO);
- sigElement.setAttributeNS(XMLNS, "xmlns:ds", XMLSIG_NS);
- sigElement.appendChild(encryptedKeyElement);
-
- //Insert the Encrypted key before the CipherData element
- NodeList nodeList = encryptedDocRootElement.getElementsByTagNameNS(XMLENC_NS, CIPHER_DATA_LOCALNAME);
- if (nodeList == null || nodeList.getLength() == 0)
- throw new IllegalStateException("xenc:CipherData Element Missing");
-
- Element cipherDataElement = (Element) nodeList.item(0);
- encryptedDocRootElement.insertBefore(sigElement, cipherDataElement);
- return encryptedDoc;
- }
-
- /**
- * Decrypt a document
- * @param encryptedDoc
- * @param privateKey
- * @return
- * @throws Exception
- */
- public static Document decrypt(Document encryptedDoc, PrivateKey privateKey) throws Exception
- {
- //First look for enc data
- Element docRoot = encryptedDoc.getDocumentElement();
- Node dataEL = null;
- Node keyEL = null;
-
- if(XMLENC_NS.equals(docRoot.getNamespaceURI())
- && ENCRYPTED_DATA_LOCALNAME.equals(docRoot.getLocalName()))
- {
- //we found it
- dataEL = docRoot;
- }
- else
- {
- NodeList childs = docRoot.getElementsByTagNameNS(XMLENC_NS, ENCRYPTED_DATA_LOCALNAME);
- if(childs == null || childs.getLength() == 0)
- throw new IllegalStateException("Encrypted Data not found");
- dataEL = childs.item(0);
- }
-
- NodeList keyList = ((Element)dataEL).getElementsByTagNameNS(XMLENC_NS, ENCRYPTED_KEY_LOCALNAME);
- if(keyList == null || keyList.getLength() == 0)
- throw new IllegalStateException("Encrypted Key not found");
- keyEL = keyList.item(0);
-
- if(dataEL == null)
- throw new IllegalStateException("Encrypted Data not found");
- if(keyEL == null)
- throw new IllegalStateException("Encrypted Key not found");
-
- XMLCipher cipher = XMLCipher.getInstance();
- cipher.init(XMLCipher.DECRYPT_MODE, null);
- EncryptedData encryptedData = cipher.loadEncryptedData(encryptedDoc, (Element)dataEL);
- EncryptedKey encryptedKey = cipher.loadEncryptedKey(encryptedDoc, (Element)keyEL);
-
- Document decryptedDoc = null;
-
- if (encryptedData != null && encryptedKey != null)
- {
- String encAlgoURL = encryptedData.getEncryptionMethod().getAlgorithm();
- XMLCipher keyCipher = XMLCipher.getInstance();
- keyCipher.init(XMLCipher.UNWRAP_MODE, privateKey);
- Key encryptionKey = keyCipher.decryptKey( encryptedKey, encAlgoURL );
- cipher = XMLCipher.getInstance();
- cipher.init(XMLCipher.DECRYPT_MODE, encryptionKey);
- decryptedDoc = cipher.doFinal(encryptedDoc, (Element)dataEL);
- }
- return decryptedDoc;
- }
-
- /**
- * From the secret key, get the W3C XML Encryption URL
- * @param publicKeyAlgo
- * @param keySize
- * @return
- */
- private static String getXMLEncryptionURLForKeyUnwrap(String publicKeyAlgo, int keySize)
- {
- if("AES".equals(publicKeyAlgo))
- {
- switch(keySize)
- {
- case 192: return XMLCipher.AES_192_KeyWrap;
- case 256: return XMLCipher.AES_256_KeyWrap;
- default:
- return XMLCipher.AES_128_KeyWrap;
- }
- }
- if(publicKeyAlgo.contains("RSA"))
- return XMLCipher.RSA_v1dot5;
- if(publicKeyAlgo.contains("DES"))
- return XMLCipher.TRIPLEDES_KeyWrap;
- throw new IllegalArgumentException("unsupported publicKey Algo:" + publicKeyAlgo);
- }
-
- /**
- * From the secret key, get the W3C XML Encryption URL
- * @param secretKey
- * @param keySize
- * @return
- */
- public static String getXMLEncryptionURL(String algo, int keySize)
- {
- if("AES".equals(algo))
- {
- switch(keySize)
- {
- case 192: return XMLCipher.AES_192;
- case 256: return XMLCipher.AES_256;
- default:
- return XMLCipher.AES_128;
- }
- }
- if(algo.contains("RSA"))
- return XMLCipher.RSA_v1dot5;
- if(algo.contains("DES"))
- return XMLCipher.TRIPLEDES_KeyWrap;
- throw new IllegalArgumentException("Secret Key with unsupported algo:" + algo);
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java (from rev 87587, trunk/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java)
===================================================================
--- branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java (rev 0)
+++ branches/Branch_5_x/security/src/main/org/jboss/security/integration/password/XMLEncryptionUtil.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,274 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration.password;
+
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.crypto.SecretKey;
+
+import org.apache.xml.security.encryption.EncryptedData;
+import org.apache.xml.security.encryption.EncryptedKey;
+import org.apache.xml.security.encryption.XMLCipher;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+/**
+ * XML Encryption Util
+ * <b>Note: </b> This utility is currently using Apache XML Security
+ * library API. JSR-106 is not yet final. Until that happens,we
+ * rely on the non-standard API.
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 4, 2009
+ */
+public class XMLEncryptionUtil
+{
+ public static final String CIPHER_DATA_LOCALNAME = "CipherData";
+ public static final String ENCRYPTED_DATA_LOCALNAME = "EncryptedData";
+ public static final String ENCRYPTED_KEY_LOCALNAME = "EncryptedKey";
+ public static final String DS_KEY_INFO = "ds:KeyInfo";
+
+ public static final String XMLNS = "http://www.w3.org/2000/xmlns/";
+ public static String XMLSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
+ public static String XMLENC_NS = "http://www.w3.org/2001/04/xmlenc#";
+
+ private static Map<String,EncryptionAlgorithm> algorithms;
+
+ private static class EncryptionAlgorithm
+ {
+ EncryptionAlgorithm(String jceName, String xmlSecName, int size)
+ {
+ this.jceName = jceName;
+ this.xmlSecName = xmlSecName;
+ this.size = size;
+ }
+
+ public String jceName;
+ public String xmlSecName;
+ public int size;
+ }
+
+ static
+ {
+ algorithms = new HashMap<String, EncryptionAlgorithm>(4);
+ algorithms.put("aes-128", new EncryptionAlgorithm("AES", XMLCipher.AES_128, 128));
+ algorithms.put("aes-192", new EncryptionAlgorithm("AES", XMLCipher.AES_192, 192));
+ algorithms.put("aes-256", new EncryptionAlgorithm("AES", XMLCipher.AES_256, 256));
+ algorithms.put("tripledes", new EncryptionAlgorithm("TripleDes", XMLCipher.TRIPLEDES, 168));
+
+ //Initialize the Apache XML Security Library
+ org.apache.xml.security.Init.init();
+ }
+
+ /**
+ * <p>
+ * Encrypt the Key to be transported
+ * </p>
+ * <p>
+ * Data is encrypted with a SecretKey. Then the key needs to be
+ * transported to the other end where it is needed for decryption.
+ * For the Key transport, the SecretKey is encrypted with the
+ * recipient's public key. At the receiving end, the receiver
+ * can decrypt the Secret Key using his private key.s
+ * </p>
+ * @param document
+ * @param keyToBeEncrypted Symmetric Key (SecretKey)
+ * @param keyUsedToEncryptSecretKey Asymmetric Key (Public Key)
+ * @param keySize Length of the key
+ * @return
+ * @throws Exception
+ */
+ public static EncryptedKey encryptKey(Document document,
+ SecretKey keyToBeEncrypted, PublicKey keyUsedToEncryptSecretKey,
+ int keySize) throws Exception
+ {
+ if(keyToBeEncrypted == null)
+ throw new IllegalArgumentException("secret key is null");
+
+ XMLCipher keyCipher = null;
+ String pubKeyAlg = keyUsedToEncryptSecretKey.getAlgorithm();
+
+ String keyWrapAlgo = getXMLEncryptionURLForKeyUnwrap(pubKeyAlg, keySize);
+ keyCipher = XMLCipher.getInstance(keyWrapAlgo);
+
+ keyCipher.init(XMLCipher.WRAP_MODE, keyUsedToEncryptSecretKey);
+ return keyCipher.encryptKey(document, keyToBeEncrypted);
+ }
+
+ /**
+ * Encrypt a document at the root (Use aes-128)
+ * @param document
+ * @param secretKey
+ * @param publicKey
+ * @param keySize
+ * @return
+ * @throws Exception
+ */
+ public static Document encrypt(Document document, SecretKey secretKey, PublicKey publicKey, int keySize)
+ throws Exception
+ {
+ //Encrypt
+ XMLCipher cipher = XMLCipher.getInstance(algorithms.get("aes-128").xmlSecName);
+ cipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
+
+ //Encrypted Key
+ EncryptedKey ekey = XMLEncryptionUtil.encryptKey(document, secretKey, publicKey, keySize);
+ //Encrypted Data
+ String encryptionAlgorithm = XMLEncryptionUtil.getXMLEncryptionURL(secretKey.getAlgorithm(), keySize);
+ //Encrypt the Document
+ cipher = XMLCipher.getInstance(encryptionAlgorithm);
+ cipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
+
+ Document encryptedDoc = cipher.doFinal(document, document.getDocumentElement());
+ Element encryptedDocRootElement = encryptedDoc.getDocumentElement();
+ // The EncryptedKey element is added
+ Element encryptedKeyElement = cipher.martial(document, ekey);
+
+ // Outer ds:KeyInfo Element to hold the EncryptionKey
+ Element sigElement = encryptedDoc.createElementNS(XMLSIG_NS, DS_KEY_INFO);
+ sigElement.setAttributeNS(XMLNS, "xmlns:ds", XMLSIG_NS);
+ sigElement.appendChild(encryptedKeyElement);
+
+ //Insert the Encrypted key before the CipherData element
+ NodeList nodeList = encryptedDocRootElement.getElementsByTagNameNS(XMLENC_NS, CIPHER_DATA_LOCALNAME);
+ if (nodeList == null || nodeList.getLength() == 0)
+ throw new IllegalStateException("xenc:CipherData Element Missing");
+
+ Element cipherDataElement = (Element) nodeList.item(0);
+ encryptedDocRootElement.insertBefore(sigElement, cipherDataElement);
+ return encryptedDoc;
+ }
+
+ /**
+ * Decrypt a document
+ * @param encryptedDoc
+ * @param privateKey
+ * @return
+ * @throws Exception
+ */
+ public static Document decrypt(Document encryptedDoc, PrivateKey privateKey) throws Exception
+ {
+ //First look for enc data
+ Element docRoot = encryptedDoc.getDocumentElement();
+ Node dataEL = null;
+ Node keyEL = null;
+
+ if(XMLENC_NS.equals(docRoot.getNamespaceURI())
+ && ENCRYPTED_DATA_LOCALNAME.equals(docRoot.getLocalName()))
+ {
+ //we found it
+ dataEL = docRoot;
+ }
+ else
+ {
+ NodeList childs = docRoot.getElementsByTagNameNS(XMLENC_NS, ENCRYPTED_DATA_LOCALNAME);
+ if(childs == null || childs.getLength() == 0)
+ throw new IllegalStateException("Encrypted Data not found");
+ dataEL = childs.item(0);
+ }
+
+ NodeList keyList = ((Element)dataEL).getElementsByTagNameNS(XMLENC_NS, ENCRYPTED_KEY_LOCALNAME);
+ if(keyList == null || keyList.getLength() == 0)
+ throw new IllegalStateException("Encrypted Key not found");
+ keyEL = keyList.item(0);
+
+ if(dataEL == null)
+ throw new IllegalStateException("Encrypted Data not found");
+ if(keyEL == null)
+ throw new IllegalStateException("Encrypted Key not found");
+
+ XMLCipher cipher = XMLCipher.getInstance();
+ cipher.init(XMLCipher.DECRYPT_MODE, null);
+ EncryptedData encryptedData = cipher.loadEncryptedData(encryptedDoc, (Element)dataEL);
+ EncryptedKey encryptedKey = cipher.loadEncryptedKey(encryptedDoc, (Element)keyEL);
+
+ Document decryptedDoc = null;
+
+ if (encryptedData != null && encryptedKey != null)
+ {
+ String encAlgoURL = encryptedData.getEncryptionMethod().getAlgorithm();
+ XMLCipher keyCipher = XMLCipher.getInstance();
+ keyCipher.init(XMLCipher.UNWRAP_MODE, privateKey);
+ Key encryptionKey = keyCipher.decryptKey( encryptedKey, encAlgoURL );
+ cipher = XMLCipher.getInstance();
+ cipher.init(XMLCipher.DECRYPT_MODE, encryptionKey);
+ decryptedDoc = cipher.doFinal(encryptedDoc, (Element)dataEL);
+ }
+ return decryptedDoc;
+ }
+
+ /**
+ * From the secret key, get the W3C XML Encryption URL
+ * @param publicKeyAlgo
+ * @param keySize
+ * @return
+ */
+ private static String getXMLEncryptionURLForKeyUnwrap(String publicKeyAlgo, int keySize)
+ {
+ if("AES".equals(publicKeyAlgo))
+ {
+ switch(keySize)
+ {
+ case 192: return XMLCipher.AES_192_KeyWrap;
+ case 256: return XMLCipher.AES_256_KeyWrap;
+ default:
+ return XMLCipher.AES_128_KeyWrap;
+ }
+ }
+ if(publicKeyAlgo.contains("RSA"))
+ return XMLCipher.RSA_v1dot5;
+ if(publicKeyAlgo.contains("DES"))
+ return XMLCipher.TRIPLEDES_KeyWrap;
+ throw new IllegalArgumentException("unsupported publicKey Algo:" + publicKeyAlgo);
+ }
+
+ /**
+ * From the secret key, get the W3C XML Encryption URL
+ * @param secretKey
+ * @param keySize
+ * @return
+ */
+ public static String getXMLEncryptionURL(String algo, int keySize)
+ {
+ if("AES".equals(algo))
+ {
+ switch(keySize)
+ {
+ case 192: return XMLCipher.AES_192;
+ case 256: return XMLCipher.AES_256;
+ default:
+ return XMLCipher.AES_128;
+ }
+ }
+ if(algo.contains("RSA"))
+ return XMLCipher.RSA_v1dot5;
+ if(algo.contains("DES"))
+ return XMLCipher.TRIPLEDES_KeyWrap;
+ throw new IllegalArgumentException("Secret Key with unsupported algo:" + algo);
+ }
+}
\ No newline at end of file
Modified: branches/Branch_5_x/server/src/etc/deployers/security-deployer-jboss-beans.xml
===================================================================
--- branches/Branch_5_x/server/src/etc/deployers/security-deployer-jboss-beans.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/server/src/etc/deployers/security-deployer-jboss-beans.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -30,5 +30,6 @@
<bean name="XACMLParsingDeployer"
class="org.jboss.security.deployers.XacmlConfigParsingDeployer" />
+ <!-- Deployer for JBossACL Config -->
<bean name="ACLParsingDeployer" class="org.jboss.security.deployers.AclConfigParsingDeployer"/>
</deployment>
Modified: branches/Branch_5_x/testsuite/imports/config/configs.xml
===================================================================
--- branches/Branch_5_x/testsuite/imports/config/configs.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/testsuite/imports/config/configs.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -12,5 +12,6 @@
<import file="tests-clustering.xml"/>
<import file="tests-bootstrap-dependencies.xml"/>
<import file="tests-jts.xml"/>
+<import file="tests-password-mask.xml"/>
</project>
Copied: branches/Branch_5_x/testsuite/imports/config/tests-password-mask.xml (from rev 87588, trunk/testsuite/imports/config/tests-password-mask.xml)
===================================================================
--- branches/Branch_5_x/testsuite/imports/config/tests-password-mask.xml (rev 0)
+++ branches/Branch_5_x/testsuite/imports/config/tests-password-mask.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,53 @@
+<?xml version="1.0"?>
+
+<!--
+ | Targets that run the Password Mask tests
+-->
+
+<!-- $Id: tests-clustering.xml 83440 2009-01-26 21:59:59Z pferraro $ -->
+<project name="main.server.config.password.mask" xmlns:server="http://jboss.org/ns/test/ant/server">
+
+ <!--
+ | Define the Pattern Sets Here
+ -->
+ <patternset id="password.mask.includes">
+ <include name="org/jboss/test/passwordinjection/test/Password*TestCase.class"/>
+ </patternset>
+
+ <!--
+ | Targets
+ -->
+
+ <target name="tests-password-mask"
+ description="Execute tests for password masking in xml configuration files">
+
+ <mkdir dir="${build.reports}"/>
+ <mkdir dir="${build.testlog}"/>
+
+ <!-- Create the Password Mask Config -->
+ <create-config baseconf="default" newconf="password-mask">
+ <patternset>
+ <include name="conf/**"/>
+ <include name="deployers/**"/>
+ <include name="deploy/**"/>
+ <include name="lib/**"/>
+ </patternset>
+ </create-config>
+
+ <server:start name="password-mask"/>
+ <property name="jbosstest.secure" value="true"/>
+ <property name="java.security.auth.login.config"
+ value="${build.resources}/security/auth.conf"/>
+
+ <propertyset id="password-tests-props">
+ <propertyref prefix="java.security.auth"/>
+ <propertyref prefix="jboss.security"/>
+ </propertyset>
+
+ <run-junit junit.patternset="password.mask.includes"
+ junit.configuration="PASSWORD_MASK"
+ junit.syspropertyset="password-tests-props" />
+
+ <server:stop name="password-mask"/>
+ </target>
+</project>
Modified: branches/Branch_5_x/testsuite/imports/sections/security.xml
===================================================================
--- branches/Branch_5_x/testsuite/imports/sections/security.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/testsuite/imports/sections/security.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -506,5 +506,12 @@
</fileset>
</jar>
+ <!-- JBAS-6710: Password Masking in XML -->
+ <jar destfile="${build.lib}/passwordbean.jar">
+ <fileset dir="${build.classes}">
+ <include name="org/jboss/test/security/beans/TestPasswordInjectedBean.class"/>
+ </fileset>
+ </jar>
+
</target>
</project>
Modified: branches/Branch_5_x/testsuite/imports/server-config.xml
===================================================================
--- branches/Branch_5_x/testsuite/imports/server-config.xml 2009-05-11 20:45:09 UTC (rev 88671)
+++ branches/Branch_5_x/testsuite/imports/server-config.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -193,6 +193,15 @@
<sysproperty key="java.endorsed.dirs" value="${jboss.dist}/lib/endorsed" />
<sysproperty key="xb.builder.useUnorderedSequence" value="true" />
</server>
+ <server name="password-mask" host="${node0}">
+ <jvmarg value="-Xms128m" />
+ <jvmarg value="-Xmx256m" />
+ <jvmarg value="-XX:MaxPermSize=512m" />
+ <jvmarg value="${jpda.cmdline}" />
+ <sysproperty key="java.net.preferIPv4Stack" value="true" />
+ <sysproperty key="java.endorsed.dirs" value="${jboss.dist}/lib/endorsed" />
+ <sysproperty key="xb.builder.useUnorderedSequence" value="true" />
+ </server>
<server name="tomcat-sso" host="${node0}">
<jvmarg value="-Xms128m" />
<jvmarg value="-Xmx256m" />
Copied: branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection (from rev 87587, trunk/testsuite/src/main/org/jboss/test/passwordinjection)
Copied: branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test (from rev 87587, trunk/testsuite/src/main/org/jboss/test/passwordinjection/test)
Deleted: branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java
===================================================================
--- trunk/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,88 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.passwordinjection.test;
-
-import javax.naming.InitialContext;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-import org.jboss.test.JBossTestCase;
-import org.jboss.test.JBossTestSetup;
-import org.jboss.test.security.beans.TestPasswordInjectedBean;
-
-/**
- * JBAS-6710: Password masking in xml
- * @author Anil.Saldhana at redhat.com
- * @since Apr 17, 2009
- */
-public class PasswordInjectionUnitTestCase extends JBossTestCase
-{
- public PasswordInjectionUnitTestCase(String name)
- {
- super(name);
- }
-
- public void testPasswordInjection() throws Exception
- {
- InitialContext ic = new InitialContext();
- TestPasswordInjectedBean tp = (TestPasswordInjectedBean) ic.lookup("testJNDIBean");
- assertNotNull("Password Bean is in JNDI", tp);
- assertTrue("Password has been injected", tp.isPasswordSet());
- }
-
- public static Test suite() throws Exception
- {
- TestSuite suite = new TestSuite();
- suite.addTest(new TestSuite(PasswordInjectionUnitTestCase.class));
-
- // Create an initializer for the test suite
- TestSetup wrapper = new JBossTestSetup(suite)
- {
- String passBeans = "test-password-jboss-beans.xml";
- String jarName = "passwordbean.jar";
-
- protected void setUp() throws Exception
- {
- super.setUp();
-
- deploy(jarName);
-
- // deploy the Password Beans
- String url1 = getResourceURL("security/password-mask/" + passBeans);
- deploy(url1);
-
- }
- protected void tearDown() throws Exception
- {
- undeploy(jarName);
-
- // undeploy the Password Beans
- String url1 = getResourceURL("security/password-mask/" + passBeans);
- undeploy(url1);
- super.tearDown();
- }
- };
- return wrapper;
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java (from rev 87587, trunk/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java)
===================================================================
--- branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java (rev 0)
+++ branches/Branch_5_x/testsuite/src/main/org/jboss/test/passwordinjection/test/PasswordInjectionUnitTestCase.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,88 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.passwordinjection.test;
+
+import javax.naming.InitialContext;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+import org.jboss.test.security.beans.TestPasswordInjectedBean;
+
+/**
+ * JBAS-6710: Password masking in xml
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 17, 2009
+ */
+public class PasswordInjectionUnitTestCase extends JBossTestCase
+{
+ public PasswordInjectionUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ public void testPasswordInjection() throws Exception
+ {
+ InitialContext ic = new InitialContext();
+ TestPasswordInjectedBean tp = (TestPasswordInjectedBean) ic.lookup("testJNDIBean");
+ assertNotNull("Password Bean is in JNDI", tp);
+ assertTrue("Password has been injected", tp.isPasswordSet());
+ }
+
+ public static Test suite() throws Exception
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new TestSuite(PasswordInjectionUnitTestCase.class));
+
+ // Create an initializer for the test suite
+ TestSetup wrapper = new JBossTestSetup(suite)
+ {
+ String passBeans = "test-password-jboss-beans.xml";
+ String jarName = "passwordbean.jar";
+
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+
+ deploy(jarName);
+
+ // deploy the Password Beans
+ String url1 = getResourceURL("security/password-mask/" + passBeans);
+ deploy(url1);
+
+ }
+ protected void tearDown() throws Exception
+ {
+ undeploy(jarName);
+
+ // undeploy the Password Beans
+ String url1 = getResourceURL("security/password-mask/" + passBeans);
+ undeploy(url1);
+ super.tearDown();
+ }
+ };
+ return wrapper;
+ }
+}
\ No newline at end of file
Copied: branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans (from rev 87587, trunk/testsuite/src/main/org/jboss/test/security/beans)
Deleted: branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java
===================================================================
--- trunk/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,50 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.beans;
-
-import java.io.Serializable;
-
-/**
- * A bean that will have the @Password
- * annotation injected via the xml config
- * @author Anil.Saldhana at redhat.com
- * @since Apr 17, 2009
- */
-public class TestPasswordInjectedBean implements Serializable
-{
- private static final long serialVersionUID = 1L;
- private char[] mypass = null;
-
- public void setPass(char[] p)
- {
- this.mypass = p;
- }
-
- public boolean isPasswordSet()
- {
- if(mypass != null)
- {
- System.out.println("TEST-PASSWORD-BEAN:" + new String(mypass));
- }
- return mypass != null;
- }
-}
\ No newline at end of file
Copied: branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java (from rev 87587, trunk/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java)
===================================================================
--- branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java (rev 0)
+++ branches/Branch_5_x/testsuite/src/main/org/jboss/test/security/beans/TestPasswordInjectedBean.java 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.beans;
+
+import java.io.Serializable;
+
+/**
+ * A bean that will have the @Password
+ * annotation injected via the xml config
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 17, 2009
+ */
+public class TestPasswordInjectedBean implements Serializable
+{
+ private static final long serialVersionUID = 1L;
+ private char[] mypass = null;
+
+ public void setPass(char[] p)
+ {
+ this.mypass = p;
+ }
+
+ public boolean isPasswordSet()
+ {
+ if(mypass != null)
+ {
+ System.out.println("TEST-PASSWORD-BEAN:" + new String(mypass));
+ }
+ return mypass != null;
+ }
+}
\ No newline at end of file
Copied: branches/Branch_5_x/testsuite/src/resources/security/password-mask (from rev 87587, trunk/testsuite/src/resources/security/password-mask)
Deleted: branches/Branch_5_x/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml
===================================================================
--- trunk/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml 2009-04-20 17:44:24 UTC (rev 87587)
+++ branches/Branch_5_x/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<deployment xmlns="urn:jboss:bean-deployer:2.0">
-
- <bean name="TestPasswordBean" class="org.jboss.test.security.beans.TestPasswordInjectedBean">
- <!-- Password Annotation to inject the password from the common password utility -->
- <annotation>@org.jboss.security.integration.password.Password(securityDomain="test-bean",methodName="setPass")</annotation>
- </bean>
-
- <bean name="TestJNDIBean" class="org.jboss.security.integration.JNDIBindingBean">
- <property name="bean"><inject bean="TestPasswordBean"/></property>
- <property name="JNDIContext">testJNDIBean</property>
- </bean>
-
-</deployment>
Copied: branches/Branch_5_x/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml (from rev 87587, trunk/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml)
===================================================================
--- branches/Branch_5_x/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml (rev 0)
+++ branches/Branch_5_x/testsuite/src/resources/security/password-mask/test-password-jboss-beans.xml 2009-05-11 20:49:47 UTC (rev 88672)
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<deployment xmlns="urn:jboss:bean-deployer:2.0">
+
+ <bean name="TestPasswordBean" class="org.jboss.test.security.beans.TestPasswordInjectedBean">
+ <!-- Password Annotation to inject the password from the common password utility -->
+ <annotation>@org.jboss.security.integration.password.Password(securityDomain="test-bean",methodName="setPass")</annotation>
+ </bean>
+
+ <bean name="TestJNDIBean" class="org.jboss.security.integration.JNDIBindingBean">
+ <property name="bean"><inject bean="TestPasswordBean"/></property>
+ <property name="JNDIContext">testJNDIBean</property>
+ </bean>
+
+</deployment>
Copied: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask (from rev 87588, trunk/testsuite/src/resources/test-configs/password-mask)
Copied: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf (from rev 87588, trunk/testsuite/src/resources/test-configs/password-mask/conf)
Copied: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password (from rev 87588, trunk/testsuite/src/resources/test-configs/password-mask/conf/password)
Deleted: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_keystore_pass.dat
===================================================================
(Binary files differ)
Copied: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_keystore_pass.dat (from rev 87588, trunk/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_keystore_pass.dat)
===================================================================
(Binary files differ)
Deleted: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat
===================================================================
--- trunk/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat 2009-04-20 17:44:59 UTC (rev 87588)
+++ branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat 2009-05-11 20:49:47 UTC (rev 88672)
@@ -1,4 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/><xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">bdywvYrvY25KbTMddS75TG6278YqG8rtQe/N37rSDRkC9Ek2ZFLXVM+QL649Ic7MEGuTZi2nfXQz
-hx7D28h+jz2F5Kd0Ds3hSJ9v6vEOExX3t7VgV3xG30hcv0LSeRKFp1Ic1x0cFZIZvnWFGPw0vKXl
-4IZaSDCM9U1dI354oAE=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></ds:KeyInfo><xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">Lj8PdVIP0UaXVF4qA+/kwSu/OnGsDtUijoUFV6SoF8pDOsJ5+rBz2YsL98a2szj+PXqMV8yL3nPi
-W37VQql8OdC8XHLyfF5nDK4kQjpwgGlkooagkKFj4Axc/fNUEVS+</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
\ No newline at end of file
Copied: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat (from rev 87588, trunk/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat)
===================================================================
(Binary files differ)
Property changes on: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/jboss_password_enc.dat
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Deleted: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/password.keystore
===================================================================
(Binary files differ)
Copied: branches/Branch_5_x/testsuite/src/resources/test-configs/password-mask/conf/password/password.keystore (from rev 87588, trunk/testsuite/src/resources/test-configs/password-mask/conf/password/password.keystore)
===================================================================
(Binary files differ)
More information about the jboss-cvs-commits
mailing list