[jboss-svn-commits] JBL Code SVN: r21595 - in labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb: services/security and 3 other directories.

[jboss-svn-commits at lists.jboss.org]

Author: beve
Date: 2008-08-18 03:42:43 -0400 (Mon, 18 Aug 2008)
New Revision: 21595

Modified:
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
Log:
Minor updates


Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java	2008-08-18 07:27:55 UTC (rev 21594)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java	2008-08-18 07:42:43 UTC (rev 21595)
@@ -355,7 +355,7 @@
 		 *  might represent an id or a SSO Token that can be used for authentication.
 		 *  If a SubjectContext does not exist then create one to drive the authentication.
 		 */
-		SecurityContext securityContext = (SecurityContext) message.getProperties().getProperty( SecurityService.CONTEXT );
+		SecurityContext securityContext = SecurityContext.getContext(message);
 		LOGGER.debug("Security Context before authentication : " + securityContext);
 		
 		if ( securityContext == null )

Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java	2008-08-18 07:27:55 UTC (rev 21594)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityContext.java	2008-08-18 07:42:43 UTC (rev 21595)
@@ -30,6 +30,8 @@
 
 import javax.security.auth.Subject;
 
+import org.jboss.soa.esb.message.Message;
+
 /**
  * Security Context contains security related information that 
  * is not sensitive.
@@ -43,7 +45,7 @@
  * @since 4.4
  *
  */
-public class SecurityContext implements Serializable
+public final class SecurityContext implements Serializable
 {
 	private static final long serialVersionUID = 1L;
 	
@@ -99,4 +101,14 @@
 		return subject.getPrincipals();
 	}
 	
+	/**
+	 * Will retrieve the SecurityContext from the passed in Message.
+	 * @param message - the message from which the SecurityContext should be retreieved
+	 * @return SecuirtyContext - the currently set SecurityContext or null if none has been set.
+	 */
+	public static SecurityContext getContext( final Message message )
+	{
+		return (SecurityContext) message.getProperties().getProperty( SecurityService.CONTEXT );
+	}
+	
 }

Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java	2008-08-18 07:27:55 UTC (rev 21594)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java	2008-08-18 07:42:43 UTC (rev 21595)
@@ -38,6 +38,13 @@
  * This action can be placed before an action that calls out the a 
  * JBossAS instance, for example an EJB call.
  * 
+ * Example config:
+ * <pre>{@code
+ * <action name="propagate" class="org.jboss.soa.esb.services.security.actions.JBossSecurityPropagator">
+ *  <property name="runAs" value="adminRole"/>
+ *   </action>
+ * }</pre>
+ * 
  * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
  *
  */

Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java	2008-08-18 07:27:55 UTC (rev 21594)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/SecurityInfoExtractor.java	2008-08-18 07:42:43 UTC (rev 21595)
@@ -30,5 +30,12 @@
  */
 public interface SecurityInfoExtractor<T>
 {
+	/**
+	 * Extracts security related information from type T and
+	 * populates a {@link AuthenticationRequest}.
+	 * 
+	 * @param t - the type from which security information is to be extracted
+	 * @return - and instance of {@link AuthenticationRequest}
+	 */
 	AuthenticationRequest extractSecurityInfo( final T t );
 }
\ No newline at end of file

Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java	2008-08-18 07:27:55 UTC (rev 21594)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/BinarySecurityToken.java	2008-08-18 07:42:43 UTC (rev 21595)
@@ -40,6 +40,7 @@
 	private String encodingType;
 	private String valueType;
 	private Certificate cert;
+	private enum EncodingType { Base64Binary, HexBinary }
 	
 	public String getEncodingType()
 	{
@@ -66,8 +67,6 @@
 		return cert;
 	}
 	
-	private enum EncodingType { Base64Binary, HexBinary }
-	
 	public void setKey(final String key)
 	{
 		try

Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java	2008-08-18 07:27:55 UTC (rev 21594)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java	2008-08-18 07:42:43 UTC (rev 21595)
@@ -37,25 +37,55 @@
 import org.xml.sax.SAXException;
 
 /**
+ * WSSecurityInfoExtractor extracts security related information from
+ * a SOAP security header. 
+ * </p>
+ * If the security element contains a 'UsernameToken' element this will be
+ * extraced into a principal with the username and a credential being the
+ * password represented as a character array.
  * 
+ * 
  * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
  *
  */
 public class WSSecurityInfoExtractor implements SecurityInfoExtractor<String>
 {
+	/**
+	 * Smooks configuration file which specified the extraction
+	 */
 	private static final String SMOOK_CONFIG_FILE = "smooks-ws-security.xml";
+	/**
+	 * Smooks instance the will perform the extraction
+	 */
 	private Smooks smooks;
 	
+	/**
+	 * Creates an instance using the default Smooks config file.
+	 */
 	public WSSecurityInfoExtractor()
 	{
 		createSmooks( SMOOK_CONFIG_FILE );
 	}
 
+	/**
+	 * Creates an instance of Smooks using the passed in config file.  
+	 * 
+	 * @param configFile - the Smooks config file to use.
+	 */
 	public WSSecurityInfoExtractor(final String configFile)
 	{
 		createSmooks(configFile);
 	}
 	
+	/**
+	 * Extracts UsernameToken element is one exists and creates
+	 * a Principal with the username and sets a Credential using
+	 * the password. The type of the Credential is a character array.
+	 * If the SOAP message contains a BinarySecurityToken this will be
+	 * extracted and added as a Credential.
+	 * @param soap - the soap message represented as a String
+	 * @return {@link AuthenticationRequest}
+	 */
 	public AuthenticationRequest extractSecurityInfo(final String soap)
 	{
 		final JavaResult javaResult = new JavaResult();