[jboss-svn-commits] JBL Code SVN: r23459 - in labs/jbossesb/branches/JBESB_4_4_GA_CP/product: docs and 22 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Wed Oct 15 06:21:54 EDT 2008
Author: beve
Date: 2008-10-15 06:21:54 -0400 (Wed, 15 Oct 2008)
New Revision: 23459
Added:
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertCallbackHandler.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModule.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigTestUtil.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModuleUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/certtestKeystore
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/roles.properties
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/deployment.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbm-queue-service.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbmq-queue-service.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jboss-esb.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jndi.properties
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/keystore
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/log4j.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/roles.properties
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/PrintSubjectAction.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/SendMessage.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_01.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_02.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/webservice/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/webservice/GoodbyeWorldWS.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/resources/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/resources/WEB-INF/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/resources/WEB-INF/web.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/view/
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/view/index.jsp
Modified:
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.project
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.odt
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.pdf
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
Log:
Work for https://jira.jboss.org/jira/browse/JBESB-2119 "Create a CertificateLoginModule"
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath 2008-10-15 07:12:26 UTC (rev 23458)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath 2008-10-15 10:21:54 UTC (rev 23459)
@@ -1,90 +1,145 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
- <classpathentry kind="lib" path="build/jbossesb/lib/jbossesb-config-model-1.0.1.jar"/>
<classpathentry excluding="**/.svn/" kind="src" path="rosetta/src"/>
- <classpathentry kind="src" path="services/jbossesb/src/main/java"/>
- <classpathentry kind="src" path="services/jbrules/src/main/java"/>
- <classpathentry kind="src" path="services/jbossesb/src/test/java"/>
- <classpathentry kind="src" path="services/jbpm/src/test/java"/>
- <classpathentry kind="src" path="services/jbrules/src/test/java"/>
- <classpathentry kind="src" path="services/jbpm/src/main/java"/>
- <classpathentry kind="src" path="services/smooks/src/test/java"/>
- <classpathentry kind="src" path="services/smooks/src/main/java"/>
- <classpathentry kind="src" path="services/slsb/src/main/java"/>
- <classpathentry kind="src" path="build/schema-model/src"/>
<classpathentry excluding="**/.svn/" kind="src" path="rosetta/tests/src"/>
- <classpathentry kind="src" path="services/soap/src/main/java"/>
- <classpathentry kind="src" path="services/soap/src/test/java"/>
- <classpathentry kind="lib" path="etc/test/resources/log4j/dev"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
- <classpathentry kind="lib" path="lib/ext/activation.jar"/>
- <classpathentry kind="lib" path="lib/ext/antlr-2.7.6.jar"/>
- <classpathentry kind="lib" path="lib/ext/commons-collections-3.2.jar"/>
- <classpathentry kind="lib" path="lib/ext/commons-lang-2.1.jar"/>
- <classpathentry kind="lib" path="lib/ext/commons-codec-1.3.jar"/>
- <classpathentry kind="lib" path="lib/ext/emma_ant.jar"/>
- <classpathentry kind="lib" path="lib/ext/emma.jar"/>
- <classpathentry kind="lib" path="lib/ext/groovy-all-1.0.jar"/>
- <classpathentry kind="lib" path="lib/ext/hsqldb.jar"/>
- <classpathentry kind="lib" path="lib/ext/jbossall-client.jar"/>
- <classpathentry kind="lib" path="lib/ext/jboss-system.jar"/>
- <classpathentry kind="lib" path="lib/ext/jbossts-common.jar"/>
- <classpathentry kind="lib" path="lib/ext/jsch-0.1.jar"/>
- <classpathentry kind="lib" path="lib/ext/juddi-2.0rc5.jar"/>
- <classpathentry kind="lib" path="lib/ext/juddi-client-2.0rc5.jar"/>
- <classpathentry kind="lib" path="lib/ext/junit-4.1.jar"/>
- <classpathentry kind="lib" path="lib/ext/log4j.jar"/>
- <classpathentry kind="lib" path="lib/ext/mail.jar"/>
- <classpathentry kind="lib" path="lib/ext/mockejb.jar"/>
- <classpathentry kind="lib" path="lib/ext/ognl-2.6.9.jar"/>
- <classpathentry kind="lib" path="lib/ext/opencsv-1.6.jar"/>
- <classpathentry kind="lib" path="lib/ext/properties-plugin.jar"/>
- <classpathentry kind="lib" path="lib/ext/stax-api-1.0.1.jar"/>
- <classpathentry kind="lib" path="lib/ext/xalan-2.7.0.jar"/>
- <classpathentry kind="lib" path="lib/ext/xbean.jar"/>
- <classpathentry kind="lib" path="lib/ext/xercesImpl-2.7.1.jar"/>
- <classpathentry kind="lib" path="lib/ext/xml-apis-1.3.02.jar"/>
- <classpathentry kind="lib" path="lib/ext/xmlpublic.jar"/>
- <classpathentry kind="lib" path="lib/ext/xstream-1.2.2.jar"/>
- <classpathentry kind="lib" path="lib/ext/jboss.jar"/>
- <classpathentry kind="lib" path="lib/ext/commons-io-1.3.jar"/>
- <classpathentry kind="lib" path="lib/ext/edtftpj-1.5.4.jar"/>
- <classpathentry kind="lib" path="ftp/lib/backport-util-concurrent-2.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/activation-1.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/antlr-2.7.7.jar"/>
+ <classpathentry kind="lib" path="build/lib/asm-1.5.3.jar"/>
+ <classpathentry kind="lib" path="build/lib/avalon-framework-4.1.3.jar"/>
+ <classpathentry kind="lib" path="build/lib/bsf-2.3.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/bsh-1.3.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/cglib-nodep-2.1_3.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-beanutils-1.6.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-beanutils-bean-collections-1.7.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-codec-1.3.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-collections-3.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-dbcp-1.2.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-digester-1.7.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-discovery-0.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-httpclient-3.0.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-io-1.3.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-lang-2.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-logging-1.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/commons-pool-1.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/dom4j-1.6.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/groovy-all-1.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/h2-1.0.68.jar"/>
+ <classpathentry kind="lib" path="build/lib/hibernate3-3.2.4.SP1.jar"/>
+ <classpathentry kind="lib" path="build/lib/javassist-3.6.0.GA.jar"/>
+ <classpathentry kind="lib" path="build/lib/jaxb-xjc-2.1.4.jar"/>
+ <classpathentry kind="lib" path="build/lib/jaxen-1.1-beta-8.jar"/>
+ <classpathentry kind="lib" path="build/lib/jaxr-api-1.0rc2.jar"/>
+ <classpathentry kind="lib" path="build/lib/jaxws-rt-2.1.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/jaxws-tools-2.1.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/jboss-4.2.2.GA.jar"/>
+ <classpathentry kind="lib" path="build/lib/jboss-aop-jdk50-1.5.6.GA.jar"/>
+ <classpathentry kind="lib" path="build/lib/jboss-cache-1.2.4.SP2.jar"/>
+ <classpathentry kind="lib" path="build/lib/jboss-system-4.2.2.GA.jar"/>
+ <classpathentry kind="lib" path="build/lib/jbossall-client-4.2.2.GA.jar"/>
+ <classpathentry kind="lib" path="build/lib/jcr-1.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/jdom-1.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/jettison-1.0-RC1.jar"/>
+ <classpathentry kind="lib" path="build/lib/jgroups-2.4.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/jmock-1.0.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/joda-time-1.2.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/jsch-0.1.38.jar"/>
+ <classpathentry kind="lib" path="build/lib/juddi-2.0rc5.jar"/>
+ <classpathentry kind="lib" path="build/lib/juddi-client-2.0rc5.jar"/>
+ <classpathentry kind="lib" path="build/lib/junit-3.8.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/jzlib-1.0.7.jar"/>
+ <classpathentry kind="lib" path="build/lib/log4j-1.2.14.jar"/>
+ <classpathentry kind="lib" path="build/lib/logkit-1.0.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/mail-1.4.jar"/>
+ <classpathentry kind="lib" path="build/lib/milyn-commons-1.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/milyn-smooks-core-1.0.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/milyn-smooks-javabean-1.0.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/mvel-1.3.3-java1.5.jar"/>
+ <classpathentry kind="lib" path="build/lib/ognl-2.6.9.jar"/>
+ <classpathentry kind="lib" path="build/lib/quartz-1.5.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/scout-1.0rc2.jar"/>
+ <classpathentry kind="lib" path="build/lib/servlet-api-2.4.jar"/>
+ <classpathentry kind="lib" path="build/lib/stax-1.2.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/stax-api-1.0.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/stringtemplate-3.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/wstx-asl-3.2.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/xalan-2.7.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/xbean-2.2.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/xercesImpl-2.8.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/xml-writer-0.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/xmlParserAPIs-2.6.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/xmlpublic-2.2.0.jar"/>
+ <classpathentry kind="lib" path="build/lib/xom-1.1.jar"/>
+ <classpathentry kind="lib" path="build/lib/xpp3_min-1.1.3.4.O.jar"/>
+ <classpathentry kind="lib" path="build/lib/xstream-1.2.2.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb/lib/jbossesb.sar/lib/jbossesb-config-model-1.0.1.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb/lib/jbossesb.sar/lib/jbossesb-rosetta.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb/lib/ext/jbossts-common.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb/lib/jbossesb.esb/c3p0-0.9.1-pre9.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/javassist.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jaxb-api.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jaxb-impl.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jaxb-xjc.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jaxws-rt.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jaxws-tools.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-aop-jdk50-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-aspect-jdk50-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-common-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-deployment.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-iiop-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-j2ee.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-jaxrpc.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-jaxws.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-jsr77-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-messaging-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-remoting.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-saaj.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-serialization.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-srp-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-system-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-transaction-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jboss-xml-binding.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossall-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbosscx-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossha-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossjmx-ant.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossmq-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbosssx-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossws-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossws-common.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossws-framework.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossws-jboss42.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jbossws-spi.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jmx-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jmx-invoker-adaptor-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/jnp-client.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/log4j.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/policy.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/stax-ex.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/streambuffer.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/trove.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb-server-4.4.GA/client/wsdl4j.jar"/>
+ <classpathentry kind="lib" path="lib/ext/commons-net-2.0.0-652071.jar"/>
+ <classpathentry kind="lib" path="lib/ext/commons-ssl-0.3.4.jar"/>
+ <classpathentry kind="lib" path="lib/ext/jboss-jaxws.jar"/>
+ <classpathentry kind="lib" path="lib/ext/jbossws-core.jar"/>
+ <classpathentry kind="lib" path="lib/ext/jbossws-spi.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/emma.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/emma_ant.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/hsqldb.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/jakarta-oro-2.0.8.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/jboss-jaxb-intros.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/jboss-remoting.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/jbossweb.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/junit-4.1.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/mockejb.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/opencsv-1.6.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/properties-plugin.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/wsdl4j-1.6.2.jar"/>
+ <classpathentry kind="lib" path="/opt/jboss/esb/JBESB_4_4_GA_CP/testlib/xalan-2.7.0.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftplet-api-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftpserver-admin-gui-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftpserver-core-1.0-incubator-SNAPSHOT.jar"/>
- <classpathentry kind="lib" path="ftp/lib/mina-core-1.0.2.jar"/>
- <classpathentry kind="lib" path="ftp/lib/mina-filter-ssl-1.0.2.jar"/>
- <classpathentry kind="lib" path="ftp/lib/slf4j-api-1.3.0.jar"/>
- <classpathentry kind="lib" path="ftp/lib/slf4j-log4j12-1.3.0.jar"/>
- <classpathentry kind="lib" path="services/jbpm/lib/ext/asm.jar"/>
- <classpathentry kind="lib" path="services/jbpm/lib/ext/dom4j.jar"/>
- <classpathentry kind="lib" path="services/jbpm/lib/ext/jbpm-identity.jar"/>
- <classpathentry kind="lib" path="services/jbpm/lib/ext/jbpm-jpdl.jar"/>
- <classpathentry kind="lib" path="lib/ext/jgroups-all.jar"/>
- <classpathentry kind="lib" path="lib/ext/cache.jar"/>
- <classpathentry kind="lib" path="lib/ext/standalone/c3p0-0.9.1-pre9.jar"/>
- <classpathentry kind="lib" path="lib/ext/antlr-3.0b7.jar"/>
- <classpathentry kind="lib" path="lib/ext/asm.jar"/>
- <classpathentry kind="lib" path="lib/ext/cglib-2.1_3.jar"/>
- <classpathentry kind="lib" path="lib/ext/commons-httpclient.jar"/>
- <classpathentry kind="lib" path="lib/ext/commons-logging-1.0.4.jar"/>
- <classpathentry kind="lib" path="lib/ext/hibernate3.jar"/>
- <classpathentry kind="lib" path="lib/ext/javassist.jar"/>
- <classpathentry kind="lib" path="lib/ext/jboss-aop-jdk50.jar"/>
- <classpathentry kind="lib" path="lib/ext/jboss-messaging-client.jar"/>
- <classpathentry kind="lib" path="lib/ext/jboss-remoting.jar"/>
- <classpathentry kind="lib" path="lib/ext/jbossweb.jar"/>
- <classpathentry kind="lib" path="lib/ext/stringtemplate-3.0.jar"/>
- <classpathentry kind="lib" path="lib/ext/trove.jar"/>
- <classpathentry kind="lib" path="lib/ext/jakarta-oro-2.0.8.jar"/>
- <classpathentry kind="lib" path="lib/ext/commons-ssl-0.3.4.jar"/>
- <classpathentry kind="lib" path="services/jbrules/lib/ext/antlr-runtime-3.0.jar"/>
- <classpathentry kind="lib" path="lib/ext/mvel14-1.2rc4rv908.jar"/>
- <classpathentry kind="lib" path="lib/ext/quartz-1.5.2.jar"/>
- <classpathentry kind="lib" path="lib/ext/jaxr-api-1.0rc1.jar"/>
- <classpathentry kind="lib" path="lib/ext/jboss-jaxb-intros.jar"/>
- <classpathentry kind="lib" path="lib/ext/scout-1.0rc1.jar"/>
- <classpathentry kind="lib" path="services/soap/lib/ext/Wise-core.jar"/>
<classpathentry kind="output" path="bin"/>
</classpath>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.project
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.project 2008-10-15 07:12:26 UTC (rev 23458)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.project 2008-10-15 10:21:54 UTC (rev 23459)
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
- <name>JBossESB</name>
+ <name>JBossESB-CP4.4_NEW</name>
<comment></comment>
<projects>
</projects>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.odt
===================================================================
(Binary files differ)
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.pdf
===================================================================
(Binary files differ)
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java 2008-10-15 07:12:26 UTC (rev 23458)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -49,13 +49,11 @@
builder.rolesAllowed(securityFragment.getAttribute(ListenerTagNames.ROLES_ALLOWED));
builder.callBackhandler(securityFragment.getAttribute(ListenerTagNames.CALLBACK_HANDLER_TAG));
- final Map<String,String> properties = new HashMap<String, String>();
ConfigTree[] children = securityFragment.getChildren("property");
for (ConfigTree configTree : children)
{
String propertyName = configTree.getAttribute("name");
String propertyValue = configTree.getAttribute("value");
- System.out.println(propertyName + " " + propertyValue);
builder.property(propertyName, propertyValue);
}
return builder.build();
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertCallbackHandler.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertCallbackHandler.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertCallbackHandler.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,83 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.login;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.jboss.internal.soa.esb.services.security.EsbCallbackHandler;
+import org.jboss.security.auth.callback.ObjectCallback;
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+
+public class CertCallbackHandler implements EsbCallbackHandler
+{
+ private String keyStoreAlias;
+ private char[] keyPassword;
+ private AuthenticationRequest authRequest;
+
+ public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException
+ {
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ if (callbacks[i] instanceof NameCallback)
+ {
+ NameCallback nameCallback = (NameCallback) callbacks[i];
+ nameCallback.setName(keyStoreAlias);
+ }
+ else if (callbacks[i] instanceof PasswordCallback)
+ {
+ PasswordCallback passwordCallback = (PasswordCallback) callbacks[i];
+ passwordCallback.setPassword(keyPassword);
+ }
+ else if (callbacks[i] instanceof ObjectCallback)
+ {
+ ObjectCallback objectCallback = (ObjectCallback) callbacks[i];
+ objectCallback.setCredential(authRequest.getCredentials());
+ }
+ }
+ }
+
+ public void setAuthenticationRequest(AuthenticationRequest authRequest)
+ {
+ this.authRequest = authRequest;
+ }
+
+ public void setSecurityConfig(final SecurityConfig config)
+ {
+ if (config != null)
+ {
+ Map<String, String> properties = config.getProperties();
+ this.keyStoreAlias = properties.get("alias");
+
+ String keyPass = properties.get("keyPassword");
+ if (keyPass != null)
+ this.keyPassword = keyPass.toCharArray();
+
+ keyPass = null;
+ }
+ }
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModule.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModule.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModule.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,483 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.login;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.InvalidKeyException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Principal;
+import java.security.SignatureException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.log4j.Logger;
+import org.jboss.security.auth.callback.ObjectCallback;
+import org.jboss.soa.esb.services.security.principals.Group;
+import org.jboss.soa.esb.services.security.principals.Role;
+import org.jboss.soa.esb.services.security.principals.User;
+import org.jboss.soa.esb.util.ClassUtil;
+
+/**
+ * A JAAS Login module that performs authentication by verifying that the
+ * certificate that is passed to the ESB by the calling client can be verified
+ * against a certificate in a local keystore.
+ * <p/>
+ *
+ * Usage:
+ * <pre>
+ * CertLogin {
+ * org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule required keyStoreURL="file://keystore" keyStorePassword="jbossesb" rolesPropertiesFile="file://roles.properties";
+ * };
+ * </pre>
+ *
+ * Option description:
+ * <lu>
+ * <li>keyStoreURL - URL or simply a path to a file on the local file system or on the classpath</li>
+ * <li>keyStorePassword - password for the above keystore</li>
+ * <li>rolesPropertiesFile - URL or simply a path to a file on the local file sytem of on the classpath that contains user to role mappings:
+ * user=role1,role2
+ * </li>
+ * </lu>
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public class CertificateLoginModule implements LoginModule
+{
+ public static final String KEYSTORE_URL = "keyStoreURL";
+ public static final String KEYSTORE_PASSWORD = "keyStorePassword";
+ public static final String KEYSTORE_TYPE = "keyStoreType";
+ public static final String ROLE_PROPERTIES = "rolesPropertiesFile";
+
+ private Logger log = Logger.getLogger(CertificateLoginModule.class);
+
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ private Map<String, ?> options;
+ private X509Certificate verifiedCertificate;
+
+ /**
+ * Initialized this login module. Simple stores the passed in fields and also validates the options.
+ *
+ * @param subject The subject to authenticate/populate.
+ * @param callbackHandler The callbackhandler that will gather information required by this login module.
+ * @param sharedState State that is shared with other login modules. Used when modules are chained/stacked.
+ * @param options The options that were specified for this login module. See "Usage" section of this types javadoc.
+ */
+ public void initialize(final Subject subject, final CallbackHandler callbackHandler, final Map<String, ?> sharedState, final Map<String, ?> options)
+ {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ this.options = options;
+ }
+
+ /**
+ * Login performs the verification of the callers certificate against the alias
+ * that that is provided by the callback handler.
+ *
+ * @return true If the login was successful otherwise false.
+ * @throws LoginException If an error occurs while trying to perform the authentication.
+ */
+ public boolean login() throws LoginException
+ {
+ assertOptions(options);
+ assertCallbackHandler(callbackHandler);
+
+ final NameCallback aliasCallback = new NameCallback("Key Alias: ");
+ final PasswordCallback passwordCallback = new PasswordCallback("Key Password", false);
+ final ObjectCallback objectCallback = new ObjectCallback("Certificate: ");
+
+ try
+ {
+ // get information from caller
+ callbackHandler.handle(new Callback[]{aliasCallback, passwordCallback, objectCallback});
+ }
+ catch (final IOException e)
+ {
+ throw new LoginException("Failed to invoke callback: "+ e.toString());
+ }
+ catch (final UnsupportedCallbackException e)
+ {
+ throw new LoginException("CallbackHandler does not support: " + e.getCallback());
+ }
+
+ final X509Certificate callerCert = getCallerCertificate(objectCallback);
+ final String alias = getAlias(aliasCallback);
+ final KeyStore keyStore = loadKeyStore();
+ try
+ {
+ // get the certificate that matches the alias from the keystore
+ final Certificate esbCertificate = keyStore.getCertificate(alias);
+ if (esbCertificate == null)
+ {
+ throw new LoginException("No certificate found in keystore for alias '" + alias + "'");
+ }
+ // verify that the caller supplied certificate was signed using the public key in our keystore.
+ callerCert.verify(esbCertificate.getPublicKey());
+
+ // set the verified certificate. Will be used in commit to add principals to the subject.
+ this.verifiedCertificate = callerCert;
+ return true;
+ }
+ catch (final KeyStoreException e)
+ {
+ throw new LoginException("KeystoreException : " + e.getMessage());
+ }
+ catch (final NoSuchAlgorithmException e)
+ {
+ throw new LoginException("NoSuchAlgorithmException : " + e.getMessage());
+ }
+ catch (final InvalidKeyException e)
+ {
+ throw new LoginException("InvalidKeyExcpetion : " + e.getMessage());
+ }
+ catch (final NoSuchProviderException e)
+ {
+ throw new LoginException("NoSuchProviderException : " + e.getMessage());
+ }
+ catch (final SignatureException e)
+ {
+ throw new LoginException("SignatureException : " + e.getMessage());
+ }
+ catch (final CertificateException e)
+ {
+ throw new LoginException("CertificateException : " + e.getMessage());
+ }
+ }
+
+ /**
+ * If the login was successful this method adds principals and roles to the subject.
+ * When adding a Principal we simply use the Common Name(CN) from the Distinguished Name(DN).
+ *
+ */
+ public boolean commit() throws LoginException
+ {
+ if (verifiedCertificate == null)
+ {
+ return false;
+ }
+ else
+ {
+ final Set<Principal> principals = subject.getPrincipals();
+ String name = verifiedCertificate.getSubjectX500Principal().getName();
+ // get the CN from the DN.
+ name = name.substring(name.indexOf('=') + 1, name.indexOf(','));
+ final User authenticatedPrincipal = new User(name);
+ principals.add(authenticatedPrincipal);
+
+ addRoles(subject, authenticatedPrincipal, verifiedCertificate, Collections.unmodifiableMap(options));
+ return true;
+ }
+ }
+
+ public boolean abort() throws LoginException
+ {
+ return false;
+ }
+
+ public boolean logout() throws LoginException
+ {
+ verifiedCertificate = null;
+ return false;
+ }
+
+ /**
+ * The addRoles method add roles to the authenticated subject.
+ * This method is protected to let users easliy override only this method if they
+ * need a different behaviour.
+ *
+ * @param subject The subject
+ * @param principal The authenticated principal
+ * @param cert The certificate that of the authenticated principal
+ * @param options The options that were specified to this login module.
+ * @throws LoginException
+ */
+ protected void addRoles(final Subject subject, final Principal principal, final X509Certificate cert, final Map<String, ?> options) throws LoginException
+ {
+ final String roleProperties = (String) options.get(ROLE_PROPERTIES);
+ if (roleProperties == null)
+ {
+ log.warn("No " + ROLE_PROPERTIES + " was specified hence no roles will be added.");
+ }
+ else
+ {
+ InputStream resourceAsStream = getResourceAsStream(roleProperties, getClass());
+ try
+ {
+ resourceAsStream = getResourceAsStream(roleProperties, getClass());
+ if (resourceAsStream == null )
+ {
+ throw new LoginException(ROLE_PROPERTIES + " was specified as '" + roleProperties + "' but could not be located on the local file system or on the classpath. Please check the configuration.");
+ }
+ final Properties roles = new Properties();
+ // load the roles properties file
+ roles.load(resourceAsStream);
+
+ // get the list of roles specified for the authenticated principal
+ final String listOfRoles = (String)roles.get(principal.getName());
+ if (listOfRoles != null )
+ {
+ log.debug("Roles for " + principal.getName() + " [" + listOfRoles + "]");
+ for (String role : listOfRoles.split(","))
+ {
+ addRole(role, subject);
+ }
+ }
+ }
+ catch (final IOException e)
+ {
+ throw new LoginException("IOException while trying to read properties from '" + roleProperties + "'");
+ }
+ finally
+ {
+ try { resourceAsStream.close(); } catch (final IOException ignore) { log.error(ignore.getMessage(), ignore);}
+ }
+ }
+ }
+
+ private void addRole(final String roleName, final Subject subject )
+ {
+ if (roleName != null)
+ {
+ final Role role = new Role(roleName);
+ final Set<Group> principals = subject.getPrincipals(Group.class);
+ if ( principals.isEmpty() )
+ {
+ final Group group = new Group("Roles");
+ group.addMember(role);
+ subject.getPrincipals().add(group);
+ }
+ else
+ {
+ for (Group groups : principals)
+ {
+ if ( "Roles".equals(groups.getName()) )
+ {
+ groups.addMember(role);
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * Assert that the required options have been specified for this login module.
+ * Mandatory options are:
+ * <lu>
+ * <li>keyStoreURL</li>
+ * <li>keyStorePassword</li>
+ * </lu>
+ * @param options The options that were specified.
+ * @throws LoginException If a mandatory option was missing.
+ */
+ void assertOptions(final Map<String, ?> options) throws LoginException
+ {
+ if (options == null || options.isEmpty() || !options.containsKey(KEYSTORE_URL) || !options.containsKey(KEYSTORE_PASSWORD))
+ {
+ throw new LoginException(getMissingRequiredOptionString(options));
+ }
+ }
+
+ private KeyStore loadKeyStore() throws LoginException
+ {
+ final String keyStorePath = (String)options.get(KEYSTORE_URL);
+ KeyStore keystore = null;
+ InputStream in = null;
+ try
+ {
+ String keyStoreType = (String)options.get(KEYSTORE_TYPE);
+ if (keyStoreType == null)
+ {
+ keyStoreType = KeyStore.getDefaultType();
+ }
+
+ keystore = KeyStore.getInstance(keyStoreType);
+ in = getResourceAsStream(keyStorePath, getClass());
+ if (in == null)
+ {
+ throw new LoginException("Could not open a stream to the keystore '" + keyStorePath + "'");
+ }
+ keystore.load(in, ((String)options.get(KEYSTORE_PASSWORD)).toCharArray());
+
+ log.info("Successfully loaded keystore: '" + keyStorePath + "'");
+ }
+ catch (final KeyStoreException e)
+ {
+ throw new LoginException("KeyStoreException while trying to load keystore '" + keyStorePath + "': " + e.getMessage());
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ throw new LoginException("NoSuchAlgorithm while trying to load keystore '" + keyStorePath + "': " + e.getMessage());
+ }
+ catch (CertificateException e)
+ {
+ throw new LoginException("CertificateException while trying to load keystore '" + keyStorePath + "': " + e.getMessage());
+ }
+ catch (IOException e)
+ {
+ throw new LoginException("IOException while trying to load keystore '" + keyStorePath + "': " + e.getMessage());
+ }
+ finally
+ {
+ if (in != null) { try { in.close(); } catch (final IOException e) { log.error("Error while closing stream to keystore '" + keyStorePath + "'", e); } }
+ }
+ return keystore;
+ }
+
+ /**
+ * Get an string contain the options that were missing in the configuration
+ * for this login module.
+ *
+ * @param options The map of options that were specified for this login module.
+ * @return String A string that contains only the options that were not specified.
+ */
+ private String getMissingRequiredOptionString(final Map<String, ?> options)
+ {
+
+ final StringBuilder sb = new StringBuilder();
+ sb.append("Options missing [");
+
+ if (options == null || !options.containsKey(KEYSTORE_URL))
+ {
+ sb.append(KEYSTORE_URL).append(", ");
+ }
+
+ if (options == null || !options.containsKey(KEYSTORE_PASSWORD))
+ {
+ sb.append(KEYSTORE_PASSWORD).append(",");
+ }
+
+ sb.append("]");
+
+ return sb.toString();
+ }
+
+ private void assertCallbackHandler(final CallbackHandler handler) throws LoginException
+ {
+ if (callbackHandler == null)
+ {
+ throw new LoginException("No callback handler was specified for CertificateLoginModule.");
+ }
+ }
+
+ private X509Certificate getCallerCertificate(final ObjectCallback objectCallback) throws LoginException
+ {
+ final Set<?> credentials = (Set<?>) objectCallback.getCredential();
+ if (credentials == null || credentials.isEmpty())
+ {
+ throw new LoginException("No X509Certificate was passed to the login module");
+ }
+
+ X509Certificate callerCert = null;
+ for (Object object : credentials)
+ {
+ if (object instanceof X509Certificate)
+ {
+ callerCert = (X509Certificate) object;
+ break;
+ }
+ }
+
+ if (callerCert == null)
+ {
+ throw new LoginException("No X509Certificate was passed to the login module");
+ }
+
+ return callerCert;
+ }
+
+ private String getAlias(final NameCallback callback) throws LoginException
+ {
+ final String alias = callback.getName();
+ if (alias == null)
+ {
+ throw new LoginException("No X509Certificate was passed to the login module");
+ }
+ else
+ {
+ return callback.getName();
+ }
+ }
+
+ /**
+ * Get the specified resource as a stream. First try the resource as a file
+ * from the file system, and if not found try the classpath.
+ * <p/>
+ * The method performs the file system search but delegates the classpath
+ * lookup to {@link ClassUtil}.
+ *
+ * @param resourceName The name of the class to load.
+ * @param caller The class of the caller.
+ * @return The input stream for the resource or null if not found.
+ */
+ private InputStream getResourceAsStream(final String resourceName, final Class<?> caller)
+ {
+ URL fileUrl = null;
+ File file = null;
+ try
+ {
+ // try to parse the resouceName as an url.
+ fileUrl = new URL(resourceName);
+ file = new File(fileUrl.getFile());
+ }
+ catch (MalformedURLException ignored)
+ {
+ file = new File(resourceName);
+ }
+
+ if (file.exists() && file.isFile())
+ {
+ try
+ {
+ return new FileInputStream(file);
+ }
+ catch (final FileNotFoundException ignore)
+ {
+ // will revert to looking for the resource using the classpath
+ }
+ }
+ return ClassUtil.getResourceAsStream(resourceName, caller);
+ }
+
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigTestUtil.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigTestUtil.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigTestUtil.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import org.jboss.soa.esb.helpers.ConfigTree;
+import org.jboss.soa.esb.listeners.ListenerTagNames;
+
+/**
+ * Util methods for help creating ConfigTree instances.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public final class SecurityConfigTestUtil
+{
+ private SecurityConfigTestUtil()
+ {
+ }
+
+ public static ConfigTree createSecurityFragment(
+ final String runAs,
+ final String callerIdentity,
+ final String moduleName)
+ {
+ final ConfigTree securityElement = new ConfigTree(ListenerTagNames.SECURITY_TAG);
+ securityElement.setAttribute(ListenerTagNames.RUN_AS_TAG, runAs);
+ securityElement.setAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG, callerIdentity);
+ securityElement.setAttribute(ListenerTagNames.MODULE_NAME_TAG, moduleName);
+ return securityElement;
+ }
+
+ public static ConfigTree createSecurityFragment(
+ final String runAs,
+ final String callerIdentity,
+ final String moduleName,
+ final String alias)
+ {
+ final ConfigTree securityElement = createSecurityFragment(runAs, callerIdentity, moduleName);
+ if ( alias != null )
+ {
+ ConfigTree property = new ConfigTree("property", securityElement);
+ property.setAttribute("name", "alias");
+ property.setAttribute("value", alias);
+ }
+ return securityElement;
+ }
+
+ public static ConfigTree createSecurityFragment(
+ final String runAs,
+ final String rolesAllowed,
+ final String callerIdentity,
+ final String moduleName,
+ final String alias)
+ {
+ final ConfigTree securityElement = createSecurityFragment(runAs, callerIdentity, moduleName, alias);
+ securityElement.setAttribute("rolesAllowed", rolesAllowed);
+ return securityElement;
+ }
+
+}
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-10-15 07:12:26 UTC (rev 23458)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -20,8 +20,9 @@
*/
package org.jboss.soa.esb.services.security;
-import static org.junit.Assert.*;
+import static org.jboss.soa.esb.services.security.SecurityConfigTestUtil.createSecurityFragment;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
@@ -30,7 +31,6 @@
import junit.framework.JUnit4TestAdapter;
import org.jboss.soa.esb.helpers.ConfigTree;
-import org.jboss.soa.esb.listeners.ListenerTagNames;
import org.junit.Test;
/**
@@ -111,45 +111,4 @@
{
return new JUnit4TestAdapter(SecurityConfigUtilUnitTest.class);
}
-
- private ConfigTree createSecurityFragment(
- final String runAs,
- final String callerIdentity,
- final String moduleName)
- {
- final ConfigTree securityElement = new ConfigTree(ListenerTagNames.SECURITY_TAG);
- securityElement.setAttribute(ListenerTagNames.RUN_AS_TAG, runAs);
- securityElement.setAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG, callerIdentity);
- securityElement.setAttribute(ListenerTagNames.MODULE_NAME_TAG, moduleName);
- return securityElement;
- }
-
- private ConfigTree createSecurityFragment(
- final String runAs,
- final String callerIdentity,
- final String moduleName,
- final String alias)
- {
- final ConfigTree securityElement = createSecurityFragment(runAs, callerIdentity, moduleName);
- if ( alias != null )
- {
- ConfigTree property = new ConfigTree("property", securityElement);
- property.setAttribute("name", "alias");
- property.setAttribute("value", alias);
- }
- return securityElement;
- }
-
- private ConfigTree createSecurityFragment(
- final String runAs,
- final String rolesAllowed,
- final String callerIdentity,
- final String moduleName,
- final String alias)
- {
- final ConfigTree securityElement = createSecurityFragment(runAs, callerIdentity, moduleName, alias);
- securityElement.setAttribute("rolesAllowed", rolesAllowed);
- return securityElement;
- }
-
}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModuleUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModuleUnitTest.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/CertificateLoginModuleUnitTest.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,256 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth.login;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.helpers.ConfigTree;
+import org.jboss.soa.esb.services.security.SecurityConfig;
+import org.jboss.soa.esb.services.security.SecurityConfigTestUtil;
+import org.jboss.soa.esb.services.security.SecurityConfigUtil;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
+import org.jboss.soa.esb.services.security.principals.Group;
+import org.jboss.soa.esb.services.security.principals.Role;
+import org.jboss.soa.esb.services.security.principals.User;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.Test;
+
+/**
+ * Unit test for {@link CertificateLoginModule}
+ * <p/>
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public class CertificateLoginModuleUnitTest
+{
+ private CertificateLoginModule module = new CertificateLoginModule();
+
+ private String keyStorePath = "certtestKeystore";
+ private String keyStorePassword = "storepassword";
+ private String keyAlias = "certtest";
+
+ @Test (expected = LoginException.class )
+ public void shouldThrowIfOptionsWereNull() throws LoginException
+ {
+ module.assertOptions(null);
+ }
+
+ @Test (expected = LoginException.class )
+ public void shouldThrowIfNoOptionsWereSpecified() throws LoginException
+ {
+ final HashMap<String, ?> options = new HashMap<String, Object>();
+ module.assertOptions(options);
+ }
+
+ @Test (expected = LoginException.class )
+ public void shouldThrowIfNoKeyStoreUrlWasSpecified() throws LoginException
+ {
+ final Map<String, Object> options = getAllOptions();
+ options.remove(CertificateLoginModule.KEYSTORE_URL);
+ module.assertOptions(options);
+ }
+
+ @Test (expected = LoginException.class )
+ public void shouldThrowIfNoKeyStorePasswordWasSpecified() throws LoginException
+ {
+ final Map<String, Object> options = getAllOptions();
+ options.remove(CertificateLoginModule.KEYSTORE_PASSWORD);
+ module.assertOptions(options);
+ }
+
+ @Test
+ public void login() throws LoginException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
+ {
+ final Certificate callerCert = getCertificate(keyStorePath, keyAlias);
+
+ // create the authentication request using the callers certificate as the credential
+ final AuthenticationRequest authRequest = getAuthenticationRequest(callerCert);
+
+ // create and setup the esb callback handler
+ final CertCallbackHandler certCallbackHandler = new CertCallbackHandler();
+ certCallbackHandler.setAuthenticationRequest(authRequest);
+ certCallbackHandler.setSecurityConfig(getSecurityConfig(keyAlias));
+
+ // initialize and login
+ final Subject subject = new Subject();
+ final Map<String, Object> options = getAllOptions();
+ options.put(CertificateLoginModule.ROLE_PROPERTIES, "roles.properties");
+ module.initialize(subject, certCallbackHandler, null, options);
+ boolean login = module.login();
+ assertTrue(login);
+
+ module.commit();
+ final Principal principal = subject.getPrincipals().iterator().next();
+ assertTrue(principal instanceof User);
+ assertEquals(principal.getName(), "Daniel Bevenius");
+
+ final Set<Group> principals = subject.getPrincipals(Group.class);
+ assertTrue(principals.iterator().next().isMember(new Role("worker")));
+ assertTrue(principals.iterator().next().isMember(new Role("esbrole")));
+ }
+
+ @Test (expected = LoginException.class)
+ public void shouldThrowIsAliasIsNotFound() throws LoginException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
+ {
+ final Certificate callerCert = getCertificate(keyStorePath, keyAlias);
+
+ // create the authentication request using the callers certificate as the credential
+ final AuthenticationRequest authRequest = getAuthenticationRequest(callerCert);
+
+ // create and setup the esb callback handler
+ final CertCallbackHandler certCallbackHandler = new CertCallbackHandler();
+ certCallbackHandler.setAuthenticationRequest(authRequest);
+ certCallbackHandler.setSecurityConfig(getSecurityConfig("bogusAlias"));
+
+ // initialize and login
+ final Subject subject = new Subject();
+ final Map<String, Object> options = getAllOptions();
+ module.initialize(subject, certCallbackHandler, null, options);
+ module.login();
+ }
+
+ @Test (expected = LoginException.class)
+ public void shouldThrowIfCertificateIsNull() throws LoginException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
+ {
+ // create the authentication request using the callers certificate as the credential
+ final AuthenticationRequest authRequest = getAuthenticationRequest(null);
+
+ // create and setup the esb callback handler
+ final CertCallbackHandler certCallbackHandler = new CertCallbackHandler();
+ certCallbackHandler.setAuthenticationRequest(authRequest);
+ certCallbackHandler.setSecurityConfig(getSecurityConfig("bogusAlias"));
+
+ // initialize and login
+ final Subject subject = new Subject();
+ final Map<String, Object> options = getAllOptions();
+ module.initialize(subject, certCallbackHandler, null, options);
+ module.login();
+ }
+
+ @Test (expected = LoginException.class)
+ public void shouldThrowIfCertifcatesDontMatch() throws LoginException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
+ {
+ // using a different certificate
+ final Certificate callerCert = getCertificate(keyStorePath, "certtest2");
+
+ // create the authentication request using the callers certificate as the credential
+ final AuthenticationRequest authRequest = getAuthenticationRequest(callerCert);
+
+ // create and setup the esb callback handler
+ final CertCallbackHandler certCallbackHandler = new CertCallbackHandler();
+ certCallbackHandler.setAuthenticationRequest(authRequest);
+ certCallbackHandler.setSecurityConfig(getSecurityConfig(keyAlias));
+
+ // initialize and login
+ final Subject subject = new Subject();
+ final Map<String, Object> options = getAllOptions();
+ module.initialize(subject, certCallbackHandler, null, options);
+ module.login();
+ }
+
+ @Test
+ public void addRoles() throws LoginException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
+ {
+ final Subject subject = new Subject();
+ final Map<String, Object> options = getAllOptions();
+ options.put(CertificateLoginModule.ROLE_PROPERTIES, "roles.properties");
+
+ // simulates the authenticated principal
+ final Principal principal = new User("Daniel Bevenius");
+ subject.getPrincipals().add(principal);
+
+ // call add roles
+ module.addRoles(subject, principal, null, options);
+
+ final Set<Group> principals = subject.getPrincipals(Group.class);
+ assertTrue(principals.iterator().next().isMember(new Role("worker")));
+ assertTrue(principals.iterator().next().isMember(new Role("esbrole")));
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(CertificateLoginModuleUnitTest.class);
+ }
+
+ private Map<String, Object> getAllOptions()
+ {
+ return getAllOptions(keyStorePath, keyStorePassword);
+ }
+
+ private Map<String, Object> getAllOptions(final String keystoreUrl, final String keyStorePassword)
+ {
+ HashMap<String, Object> options = new HashMap<String, Object>();
+ options.put(CertificateLoginModule.KEYSTORE_URL, keystoreUrl);
+ options.put(CertificateLoginModule.KEYSTORE_PASSWORD, keyStorePassword);
+ return options;
+ }
+
+ private Certificate getCertificate(final String keyStorePath, final String alias) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
+ {
+ final KeyStore keyStore = loadKeyStore(keyStorePath, keyStorePassword);
+ assertTrue("Keystore did not contain the expected alias : " + keyAlias, keyStore.containsAlias(alias));
+ return keyStore.getCertificate(alias);
+ }
+
+ private AuthenticationRequest getAuthenticationRequest(final Certificate callerCert)
+ {
+ // create the authentication request using the callers certificate as the credential
+ return new AuthenticationRequestImpl.Builder(null, Collections.singleton((Object)callerCert)).build();
+ }
+
+ private SecurityConfig getSecurityConfig(final String alias)
+ {
+ final ConfigTree securityFragment = SecurityConfigTestUtil.createSecurityFragment("adminRole", null, null, null, alias);
+ return SecurityConfigUtil.createSecurityConfig(securityFragment);
+ }
+
+
+ private KeyStore loadKeyStore(final String keyStorePath, final String keyStorePassword) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
+ {
+ KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
+ InputStream in = ClassUtil.getResourceAsStream(keyStorePath, this.getClass());
+ keystore.load(in, (keyStorePassword).toCharArray());
+ assertNotNull("Was not able to load keystore: " + keyStorePath, keystore);
+ return keystore;
+ }
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/certtestKeystore
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/certtestKeystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/roles.properties
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/roles.properties (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/roles.properties 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,6 @@
+# user=role1,role2,...
+guest=guest
+esbuser=esbrole
+
+# sort of ugly but can be used when a CN contains a space character.
+Daniel\u0020Bevenius=esbrole,worker
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,69 @@
+<project name="Quickstart_Security_Cert" default="deploy" basedir=".">
+
+ <description>
+ ${ant.project.name}
+ ${line.separator}
+ </description>
+
+ <!-- Import the base Ant build script... -->
+ <import file="../conf/base-build.xml"/>
+
+ <target name="quickstart-specific-checks" depends="assert-ws-available"/>
+
+ <target name="quickstart-specific-dependencies">
+ <path id="quickstart-dependencies-classpath">
+ <fileset dir="${org.jboss.esb.server.home}/client" includes="jbossws-client.jar,jboss-remoting.jar" />
+ </path>
+ </target>
+
+ <target name="quickstart-specific-assemblies">
+ <!-- Overriden from the target of the same name in base-build.xml. -->
+ <!-- Called by the "deploy" target. Don't call directly!! -->
+
+ <!-- Build the webservice... -->
+ <war warfile="build/${ant.project.name}.war"
+ webxml="${basedir}/war/resources/WEB-INF/web.xml">
+ <fileset dir="${basedir}/war/view">
+ <include name="**/*"/>
+ </fileset>
+ </war>
+ </target>
+
+ <target name="runtest" depends="compile" description="run tests over jms, http, and socket">
+ <antcall target="saygoodbye_over_http" />
+ </target>
+
+ <target name="saygoodbye_over_http" depends="compile">
+ <echo></echo>
+ <echo>Invoke JBR Gateway with successful login</echo>
+ <java fork="yes" classname="org.jboss.soa.esb.samples.quickstart.securitycert.test.SendMessage" failonerror="true">
+ <arg value="01" />
+ <arg value="8765" />
+ <classpath refid="exec-classpath" />
+ </java>
+ <echo></echo>
+ <echo></echo>
+ <echo>Invoke JBR Gateway with unsuccessful login</echo>
+ <java fork="yes" classname="org.jboss.soa.esb.samples.quickstart.securitycert.test.SendMessage" failonerror="true">
+ <arg value="02" />
+ <arg value="8765" />
+ <classpath refid="exec-classpath" />
+ </java>
+ </target>
+
+ <target name="quickstart-specific-deploys">
+ <echo message="Copy jaas.login to jbossesb.sar" />
+ <copy todir="${org.jboss.esb.server.deploy.dir}/jbossesb.sar" filtering="true" overwrite="true">
+
+ <filterset>
+ <filter token="KEYSTORE_PATH" value="${basedir}/keystore"/>
+ <filter token="ROLES_FILE_PATH" value="${basedir}/roles.properties"/>
+ </filterset>
+ <fileset dir="${basedir}">
+ <include name="jaas.login"/>
+ </fileset>
+ </copy>
+ </target>
+
+
+</project>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/deployment.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/deployment.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/deployment.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,6 @@
+<jbossesb-deployment>
+ <depends>jboss.esb:deployment=soap.esb</depends>
+ <depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_esb</depends>
+ <depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_esb_reply
+ </depends>
+</jbossesb-deployment>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,3 @@
+CertLogin {
+ org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule required keyStoreURL="file://@KEYSTORE_PATH@" keyStorePassword="storepassword" rolesPropertiesFile="file://@ROLES_FILE_PATH@";
+};
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbm-queue-service.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbm-queue-service.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbm-queue-service.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<server>
+ <mbean code="org.jboss.jms.server.destination.QueueService"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_gw"
+ xmbean-dd="xmdesc/Queue-xmbean.xml">
+ <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
+ <depends>jboss.messaging:service=PostOffice</depends>
+ </mbean>
+ <mbean code="org.jboss.jms.server.destination.QueueService"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_esb"
+ xmbean-dd="xmdesc/Queue-xmbean.xml">
+ <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
+ <depends>jboss.messaging:service=PostOffice</depends>
+ </mbean>
+ <mbean code="org.jboss.jms.server.destination.QueueService"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_esb_reply"
+ xmbean-dd="xmdesc/Queue-xmbean.xml">
+ <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
+ <depends>jboss.messaging:service=PostOffice</depends>
+ </mbean>
+</server>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbmq-queue-service.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbmq-queue-service.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbmq-queue-service.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<server>
+ <mbean code="org.jboss.mq.server.jmx.Queue"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_gw">
+ <depends optional-attribute-name="DestinationManager">
+ jboss.mq:service=DestinationManager
+ </depends>
+ </mbean>
+ <mbean code="org.jboss.mq.server.jmx.Queue"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_esb">
+ <depends optional-attribute-name="DestinationManager">
+ jboss.mq:service=DestinationManager
+ </depends>
+ </mbean>
+ <mbean code="org.jboss.mq.server.jmx.Queue"
+ name="jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_cert_esb_reply">
+ <depends optional-attribute-name="DestinationManager">
+ jboss.mq:service=DestinationManager
+ </depends>
+ </mbean>
+</server>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jboss-esb.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jboss-esb.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jboss-esb.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,43 @@
+<?xml version = "1.0" encoding = "UTF-8"?>
+<jbossesb
+ xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.0.1.xsd"
+ parameterReloadSecs="5">
+
+ <providers>
+ <jms-provider name="JBossMessageing" connection-factory="ConnectionFactory">
+ <jms-bus busid="quickstartEsbChannel">
+ <jms-message-filter dest-type="QUEUE" dest-name="queue/quickstart_security_cert_esb"/>
+ </jms-bus>
+ </jms-provider>
+
+ <jbr-provider name="JBR-Http" protocol="http" host="localhost">
+ <jbr-bus busid="Http-1" port="8765" />
+ </jbr-provider>
+
+ </providers>
+
+ <services>
+
+ <service category="MyServiceCategory" name="MyWSProducerService" description="WS Frontend speaks natively to the ESB">
+ <security moduleName="CertLogin" rolesAllowed="worker" callbackHandler="org.jboss.soa.esb.services.security.auth.login.CertCallbackHandler">
+ <property name="alias" value="certtest"/>
+ </security>
+
+ <listeners>
+ <jbr-listener name="Http-Gateway" busidref="Http-1" is-gateway="true"/>
+ <jms-listener name="JMS-ESBListener" busidref="quickstartEsbChannel"/>
+ </listeners>
+ <actions>
+
+ <action name="print-before" class="org.jboss.soa.esb.samples.quickstart.securitycert.PrintSubjectAction"/>
+
+ <action name="JBossWSAdapter" class="org.jboss.soa.esb.actions.soap.SOAPProcessor">
+ <property name="jbossws-endpoint" value="GoodbyeWorldWS"/>
+ </action>
+ <action name="testStore" class="org.jboss.soa.esb.actions.TestMessageStore"/>
+ </actions>
+ </service>
+
+ </services>
+
+</jbossesb>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ JBoss, Home of Professional Open Source
+ Copyright 2006, JBoss Inc., and others contributors as indicated
+ by the @authors tag. All rights reserved.
+ See the copyright.txt in the distribution for a
+ full listing of individual contributors.
+ This copyrighted material is made available to anyone wishing to use,
+ modify, copy, or redistribute it subject to the terms and conditions
+ of the GNU Lesser General Public License, v. 2.1.
+ This program is distributed in the hope that it will be useful, but WITHOUT A
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ You should have received a copy of the GNU Lesser General Public License,
+ v.2.1 along with this distribution; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ MA 02110-1301, USA.
+
+ (C) 2005-2006,
+ @author JBoss Inc.
+-->
+<!-- $Id: jbossesb-unittest-properties.xml $ -->
+<!--
+ These options are described in the JBossESB manual.
+ Defaults are provided here for convenience only.
+
+ Please read through this file prior to using the system, and consider
+ updating the specified entries.
+-->
+<esb
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="jbossesb-1_0.xsd">
+ <properties name="core">
+ <property name="org.jboss.soa.esb.jndi.server.context.factory" value="org.jnp.interfaces.NamingContextFactory"/>
+ <property name="org.jboss.soa.esb.jndi.server.url" value="${jboss.esb.bind.address}:1099"/>
+ <property name="org.jboss.soa.esb.persistence.connection.factory" value="org.jboss.internal.soa.esb.persistence.format.MessageStoreFactoryImpl"/>
+ <property name="org.jboss.soa.esb.loadbalancer.policy" value="org.jboss.soa.esb.listeners.ha.RoundRobin"/>
+ <property name="jboss.esb.invm.scope.default" value="NONE"/>
+ </properties>
+ <properties name="security">
+ <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
+ <property name="org.jboss.soa.esb.services.security.configUrl" value="/jaas.login"/>
+ </properties>
+ <properties name="registry">
+ <property name="org.jboss.soa.esb.registry.queryManagerURI" value="org.apache.juddi.registry.local.InquiryService#inquire"/>
+ <property name="org.jboss.soa.esb.registry.lifeCycleManagerURI" value="org.apache.juddi.registry.local.PublishService#publish"/>
+ <property name="org.jboss.soa.esb.registry.implementationClass" value="org.jboss.internal.soa.esb.services.registry.JAXRRegistryImpl"/>
+ <property name="org.jboss.soa.esb.registry.factoryClass" value="org.apache.ws.scout.registry.ConnectionFactoryImpl"/>
+ <property name="org.jboss.soa.esb.registry.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.registry.password" value="password"/>
+ <!-- the following parameter is scout specific to set the type of communication between scout and the UDDI (embedded, rmi, soap) -->
+ <property name="org.jboss.soa.esb.scout.proxy.transportClass" value="org.apache.ws.scout.transport.LocalTransport"/>
+ </properties>
+ <properties name="transports" depends="core">
+ <property name="org.jboss.soa.esb.mail.smtp.host" value="localhost"/>
+ <property name="org.jboss.soa.esb.mail.smtp.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.mail.smtp.password" value=""/>
+ <property name="org.jboss.soa.esb.mail.smtp.port" value="25"/>
+ <property name="org.jboss.soa.esb.mail.smtp.auth" value="true"/>
+ <property name="org.jboss.soa.esb.ftp.localdir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.ftp.remotedir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.jms.connectionPool" value="20"/>
+ <property name="org.jboss.soa.esb.jms.sessionSleep" value="30"/>
+ </properties>
+ <properties name="connection">
+ <property name="min-pool-size" value="5"/>
+ <property name="max-pool=size" value="10"/>
+ <property name="blocking-timeout-millis" value="5000"/>
+ <property name="abandoned-connection-timeout" value="10000"/>
+ <property name="abandoned-connection-time-interval" value="30000"/>
+ </properties>
+ <properties name="dbstore">
+
+ <!-- connection manager type -->
+ <!-- <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.StandaloneConnectionManager"/> -->
+ <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.J2eeConnectionManager"/>
+
+ <!-- this property is only used if using the j2ee connection manager -->
+ <property name="org.jboss.soa.esb.persistence.db.datasource.name" value="java:/JBossESBDS"/>
+
+ <!-- standalone connection pooling settings -->
+ <property name="org.jboss.soa.esb.persistence.db.connection.url" value="jdbc:hsqldb:hsql://localhost:9001/"/>
+ <property name="org.jboss.soa.esb.persistence.db.jdbc.driver" value="org.hsqldb.jdbcDriver"/>
+ <property name="org.jboss.soa.esb.persistence.db.user" value="sa"/>
+ <property name="org.jboss.soa.esb.persistence.db.pwd" value=""/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.initial.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.min.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.max.size" value="5"/>
+ <!--table managed by pool to test for valid connections - created by pool automatically -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.test.table" value="pooltest"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.timeout.millis" value="5000"/>
+
+ </properties>
+ <properties name="filters">
+ <property name="org.jboss.soa.esb.filter.1" value="org.jboss.internal.soa.esb.message.filter.MetaDataFilter"/>
+ <property name="org.jboss.soa.esb.filter.2" value="org.jboss.internal.soa.esb.message.filter.GatewayFilter"/>
+ </properties>
+</esb>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jndi.properties
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jndi.properties (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jndi.properties 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,5 @@
+java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
+java.naming.provider.url=jnp://localhost:1099
+java.naming.factory.url.pkgs=org.jboss.naming
+java.naming.factory.url.pkgs=org.jnp.interfaces
+
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/keystore
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/keystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/log4j.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/log4j.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/log4j.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<!-- ===================================================================== -->
+<!-- -->
+<!-- Log4j Configuration -->
+<!-- -->
+<!-- ===================================================================== -->
+
+<!-- $Id: log4j.xml,v 1.26.2.5 2005/09/15 09:31:02 dimitris Exp $ -->
+
+<!--
+ | For more configuration infromation and examples see the Jakarta Log4j
+ | owebsite: http://jakarta.apache.org/log4j
+ -->
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
+
+ <!-- ============================== -->
+ <!-- Append messages to the console -->
+ <!-- ============================== -->
+
+ <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
+ <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
+ <param name="Target" value="System.out"/>
+
+ <layout class="org.apache.log4j.PatternLayout">
+ <!-- The default pattern: Date Priority [Category] Message\n -->
+ <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%t][%c{1}] %m%n"/>
+ </layout>
+ </appender>
+
+ <!-- ================================= -->
+ <!-- Preserve messages in a local file -->
+ <!-- ================================= -->
+
+ <!-- A size based file rolling appender -->
+ <appender name="FILE" class="org.jboss.logging.appender.RollingFileAppender">
+ <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
+ <param name="File" value="./listener.log"/>
+ <param name="Append" value="false"/>
+ <param name="MaxFileSize" value="500KB"/>
+ <param name="MaxBackupIndex" value="1"/>
+
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d %-5p [%t][%c] %m%n"/>
+ </layout>
+ </appender>
+
+ <!-- ================ -->
+ <!-- Limit categories -->
+ <!-- ================ -->
+
+ <category name="org.jboss">
+ <priority value="WARN"/>
+ </category>
+ <category name="org.jboss.soa.esb">
+ <priority value="ERROR"/>
+ </category>
+ <category name="org.jboss.internal.soa.esb">
+ <priority value="ERROR"/>
+ </category>
+ <category name="org.apache">
+ <priority value="ERROR"/>
+ </category>
+ <category name="quickstart">
+ <priority value="INFO"/>
+ </category>
+ <!-- ======================= -->
+ <!-- Setup the Root category -->
+ <!-- ======================= -->
+
+ <root>
+ <appender-ref ref="CONSOLE"/>
+ <appender-ref ref="FILE"/>
+ </root>
+
+</log4j:configuration>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,100 @@
+Overview:
+
+=========
+
+ This quickstart aims demonstrate how certificate based authentication can be configured in JBossESB.
+ Authentication is done by verifying that the certificate that is passed to the ESB by the calling client
+
+ can be verified against a certificate in a local keystore.
+ The certifcate to be verified against is specified using an alias which is configured in jboss-esb.xml
+
+
+ When executing this quickstart two calls will be made to the ESB service:
+ 1. This call will use the content of the following file as its payload
+ src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_01.xml
+ soap_messsag_01.xml contains a security header with the certificate of the alias 'certtest'.
+ This certificate matches the certificate in our keystore and this call will succeed.
+
+ 2. This call will use the content of the following file as its payload
+ src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_02.xml
+ soap_messsag_01.xml contains a security header with the certificate of the alias 'certtest2'.
+ This certificate does not match the certificate in our keystore and this call will not succeed.
+
+ The keystore used for this quickstart is named 'keystore' and can be found in the same directory as this
+ readme.txt file.
+
+
+
+Running this quickstart:
+
+========================
+
+ Please refer to 'ant help-quickstarts' for prerequisites about the quickstarts
+
+ and a more detailed descripton of the different ways to run the quickstarts.
+
+
+
+ Note, this quickstart requires an ESB and JBossWS installation into
+
+ JBoss AS 4.2.0.GA. Installation instructions for both can be found in the
+
+ install/readme.txt.
+
+
+
+To Run:
+
+=======
+
+ 1. Type 'ant deploy'.
+
+ 2. Type 'ant runtest'.
+
+ 3. Switch back to Application Server console to see the output from the ESB
+
+ 4. In this folder ("Window1"), type 'ant undeploy'.
+
+
+
+Things to look for in this quickstart:
+
+======================================
+
+ 1.Security configuration in jboss-esb.xml
+
+ <security moduleName="CertLogin" rolesAllowed="worker" callbackHandler="org.jboss.soa.esb.services.security.auth.login.CertCallbackHandler">
+ <property name="alias" value="certtest"/>
+ </security>
+ # 'moduleName' identified the JAAS Login Module to use. This is an index into the file jaas.login.
+ # 'rolesAllowed' lists the roles that are allowed to execute this service. To see how the roles are mapped please see item 3 below.
+ # 'alias' specifies the alias that will be used to identify a certificate in the keystore.
+
+ # 'callbackHandler' is the an ESB implementation of a JAAS Callback handler which provides access to the authentication request and also the above security configuration.
+
+
+
+ 2.JAAS Configuration
+ CertLogin {
+ org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule required keyStoreURL="file://@KEYSTORE_PATH@" keyStorePassword="storepassword" rolesPropertiesFile="file://@ROLES_FILE_PATH@";
+ };
+ # CertificateLoginModule is the login module that will be used.
+ # 'keyStoreURL' is the path to the keystore that will be used to verify the certificates. This can be a file on the local file system or on the classpath.
+ # 'keyStorePassword' is the password to the keystore.
+ # 'rolesPropertiesFile' path to a file containing role mappings. Please see the next item for more information about the roles mapping.
+
+ 3.Role Mapping
+ This file is can be optionally specified in jaas.login by using the 'rolesPropertiesFile'. This can point to a file on the local file system or to
+ a file on the classpath.
+ The is an example of such a file:
+ # user=role1,role2,...
+ guest=guest
+ esbuser=esbrole
+
+ # The current implementation will use the Common Name(CN) specified for the certificate as the
+ # user name. The unicode escape is needed only if your CN contains a space.
+ Daniel\u0020Bevenius=esbrole,worker
+
+
+
+
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/roles.properties
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/roles.properties (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/roles.properties 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,6 @@
+# user=role1,role2,...
+guest=guest
+esbuser=esbrole
+
+# sort of ugly but can be used when a CN contains a space character.
+Daniel\u0020Bevenius=esbrole,worker
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/PrintSubjectAction.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/PrintSubjectAction.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/PrintSubjectAction.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2006, JBoss Inc., and others contributors as indicated
+ * by the @authors tag. All rights reserved.
+ * See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ * This copyrighted material is made available to anyone wishing to use,
+ * modify, copy, or redistribute it subject to the terms and conditions
+ * of the GNU Lesser General Public License, v. 2.1.
+ * This program is distributed in the hope that it will be useful, but WITHOUT A
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ * You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301, USA.
+ *
+ * (C) 2005-2006,
+ * @author JBoss Inc.
+ */
+package org.jboss.soa.esb.samples.quickstart.securitycert;
+
+
+import java.net.URL;
+import java.io.File;
+import java.io.FilePermission;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.CodeSource;
+import java.security.Permissions;
+import java.security.PermissionCollection;
+import java.security.Policy;
+
+import javax.security.auth.Subject;
+
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.actions.AbstractActionLifecycle;
+import org.jboss.soa.esb.helpers.ConfigTree;
+import org.jboss.soa.esb.message.Message;
+
+public class PrintSubjectAction extends AbstractActionLifecycle
+{
+
+ protected ConfigTree config;
+
+ public PrintSubjectAction(ConfigTree config) throws ConfigurationException
+ {
+ this.config = config;
+ }
+
+ public Message process(Message message) throws Exception
+ {
+ System.out.println("SecurityContext " + message.getProperties().getProperty("org.jboss.soa.esb.services.security.context"));
+ System.out.println("Subject : " + Subject.getSubject(AccessController.getContext()));
+ return message;
+ }
+
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/SendMessage.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/SendMessage.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/SendMessage.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,123 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2006, JBoss Inc., and others contributors as indicated
+ * by the @authors tag. All rights reserved.
+ * See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ * This copyrighted material is made available to anyone wishing to use,
+ * modify, copy, or redistribute it subject to the terms and conditions
+ * of the GNU Lesser General Public License, v. 2.1.
+ * This program is distributed in the hope that it will be useful, but WITHOUT A
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ * You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301, USA.
+ *
+ * (C) 2005-2006,
+ * @author JBoss Inc.
+ */
+package org.jboss.soa.esb.samples.quickstart.securitycert.test;
+
+import org.jboss.internal.soa.esb.util.StreamUtils;
+import org.jboss.remoting.InvokerLocator;
+import org.jboss.remoting.Client;
+
+import javax.jms.JMSException;
+import javax.jms.ObjectMessage;
+import javax.jms.Queue;
+import javax.jms.QueueConnection;
+import javax.jms.QueueConnectionFactory;
+import javax.jms.QueueSender;
+import javax.jms.QueueSession;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import java.net.InetAddress;
+
+import org.jboss.soa.esb.actions.StoreMessageToFile;
+
+public class SendMessage {
+ QueueConnection conn;
+ QueueSession session;
+ Queue que;
+
+ public void sendMessageOverJMS(String message) throws JMSException, NamingException {
+ QueueSender sender = null;
+
+ setupJMSConnection();
+ try {
+ ObjectMessage tm = null;
+
+ sender = session.createSender(que);
+ tm = session.createObjectMessage(message);
+ tm.setStringProperty(StoreMessageToFile.PROPERTY_JBESB_FILENAME, "WebServiceProducerTest.log");
+ sender.send(tm);
+ } finally {
+ if(sender != null) {
+ sender.close();
+ }
+ cleanupJMSConnection();
+ }
+ }
+
+ private void sendMessageToJBRListener(String protocol, int port, String message) throws Throwable {
+ String locatorURI = protocol + "://localhost:" + port;
+ InvokerLocator locator = new InvokerLocator(locatorURI);
+ System.out.println("Calling JBoss Remoting Listener using locator URI: " + locatorURI);
+
+ Client remotingClient = null;
+ try {
+ remotingClient = new Client(locator);
+ remotingClient.connect();
+
+ // Deliver the message to the listener...
+ Object response = remotingClient.invoke(message);
+ System.out.println("JBR Class: " + response.getClass().getName());
+ System.out.println("Response from JBoss Remoting Listener '" + locatorURI + "' was '" + response + "'.");
+ } finally {
+ if(remotingClient != null) {
+ remotingClient.disconnect();
+ }
+ }
+ }
+
+ public void setupJMSConnection() throws JMSException, NamingException
+ {
+ InitialContext iniCtx = new InitialContext();
+ Object tmp = iniCtx.lookup("ConnectionFactory");
+ QueueConnectionFactory qcf = (QueueConnectionFactory) tmp;
+ conn = qcf.createQueueConnection();
+ que = (Queue) iniCtx.lookup("queue/quickstart_security_cert_secured_gw");
+ session = conn.createQueueSession(false, QueueSession.AUTO_ACKNOWLEDGE);
+ conn.start();
+ }
+
+ public void cleanupJMSConnection() throws JMSException
+ {
+ conn.stop();
+ session.close();
+ conn.close();
+ }
+
+ private static String getMessage(String messageNum) {
+ String msg = new String(StreamUtils.readStream(SendMessage.class.getResourceAsStream("soap_message_" + messageNum + ".xml")));
+ return msg;
+ }
+
+ public static void main(String args[]) throws Throwable
+ {
+ SendMessage sm = new SendMessage();
+ String msg = getMessage(args[0]);
+
+ try
+ {
+ sm.sendMessageToJBRListener("http", Integer.parseInt(args[1]), msg);
+ }
+ catch(final Exception e)
+ {
+ System.err.println("Call was not successful. See server.log for details. Exception was:");
+ e.printStackTrace();
+ }
+ }
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_01.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_01.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_01.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,22 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:good="http://security_cert/goodbyeworld">
+ <soapenv:Header>
+ <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'>
+ <wsse:BinarySecurityToken EncodingType='wsse:Base64Binary' ValueType='wsse:X509v3'>MIICVDCCAb0CBEj0PZ4wDQYJKoZIhvcNAQEEBQAwcTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0
+b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRAwDgYDVQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVK
+Qm9zczEYMBYGA1UEAxMPRGFuaWVsIEJldmVuaXVzMB4XDTA4MTAxNDA2MzUxMFoXDTExMDcxMDA2
+MzUxMFowcTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2to
+b2xtMRAwDgYDVQQKEwdSZWQgSGF0MQ4wDAYDVQQLEwVKQm9zczEYMBYGA1UEAxMPRGFuaWVsIEJl
+dmVuaXVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPwfTNhUsBYIi+h5mt/tzcHRl2Uh//
+/alzFsGint0rlFRRa/LJ/6XSwviVbMXitpqUCw3Qknf6e4xRFJpfv35FALqyRJmwMjsgpy9GjWM9
+HHpCXetrpop7sWF3C8etwfv1T/mKk6jcQ4tX2So2Wjv1Lb3zqj/5Pgj8Pcy+oecZfwIDAQABMA0G
+CSqGSIb3DQEBBAUAA4GBADWjrmaDi01ZUAIAHim6hnNbuh9X+uszrkwglSjVDOKkuPjX8lgrlR9i
+jNP7gnwGg2+bQXW4P17BViwN9Kd00+hNkXw9smimPvUnGRAbX/I8ntQqfKs3dq1E3yBT4NZmb3Bc
+h6tJtOWrUv0mEl1pkOGFcDvP5Gsq70jAtwC/9Cge</wsse:BinarySecurityToken>
+ </wsse:Security>
+ </soapenv:Header>
+ <soapenv:Body>
+ <good:sayGoodbye>
+ <message>Goodbye!!</message>
+ </good:sayGoodbye>
+ </soapenv:Body>
+</soapenv:Envelope>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_02.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_02.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/test/soap_message_02.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,21 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:good="http://security_cert/goodbyeworld">
+ <soapenv:Header>
+ <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'>
+ <wsse:BinarySecurityToken EncodingType='wsse:Base64Binary' ValueType='wsse:X509v3'>MIICIjCCAYsCBEj0TGMwDQYJKoZIhvcNAQEEBQAwWDELMAkGA1UEBhMCQkIxDDAKBgNVBAgTA0Jh
+ZDEMMAoGA1UEBxMDQmFkMQwwCgYDVQQKEwNCYWQxDDAKBgNVBAsTA0JhZDERMA8GA1UEAxMIQmFk
+IHVzZXIwHhcNMDgxMDE0MDczODExWhcNMTEwNzEwMDczODExWjBYMQswCQYDVQQGEwJCQjEMMAoG
+A1UECBMDQmFkMQwwCgYDVQQHEwNCYWQxDDAKBgNVBAoTA0JhZDEMMAoGA1UECxMDQmFkMREwDwYD
+VQQDEwhCYWQgdXNlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhlb/SagmAPrp5+CqSexB
+/X/GhdtaYXQHY0rKvyE/E2g5bKsXDcNAUu9ZwHmUHIPoyHTGTdQbYgQVbehOPys2RiyQr7MOP1L7
+X+H2YC6Fce55eydFliIFDKq9+991fmPSOZ6lz/vYnfN4fEwMuw4CbJ2Zlt+vb44AvVVyZHZpZykC
+AwEAATANBgkqhkiG9w0BAQQFAAOBgQB5fMiT7ApyoUoP3dq9rmpjrUxKIxBvbkWCWrR9KyN7kPT6
+/zDcqlmljjhVWZdOEQ6dTOmuA56fvNE8WO1xLq6F+OZZni3IDQ/cPgqEa/REOuv+tFGK08Te0WIe
+3Ff5vodp0s+H/X75X2Sy3ZbZMXCV115q5rASRbOjsxE5fVaRMw==</wsse:BinarySecurityToken>
+ </wsse:Security>
+ </soapenv:Header>
+ <soapenv:Body>
+ <good:sayGoodbyeWithoutResponse>
+ <message>Goodbye!!</message>
+ </good:sayGoodbyeWithoutResponse>
+ </soapenv:Body>
+</soapenv:Envelope>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/webservice/GoodbyeWorldWS.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/webservice/GoodbyeWorldWS.java (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/src/org/jboss/soa/esb/samples/quickstart/securitycert/webservice/GoodbyeWorldWS.java 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,54 @@
+package org.jboss.soa.esb.samples.quickstart.securitycert.webservice;
+
+import javax.jws.WebService;
+import javax.jws.WebMethod;
+import javax.jws.Oneway;
+import javax.jws.WebParam;
+import javax.jws.soap.SOAPBinding;
+
+import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.message.Body;
+import org.jboss.soa.esb.actions.ActionUtils;
+import org.jboss.soa.esb.actions.soap.SOAPProcessor;
+
+/**
+ * @author
+ */
+ at WebService(name = "GoodbyeWorldWS", targetNamespace="http://security_cert/goodbyeworld")
+public class GoodbyeWorldWS {
+
+ @WebMethod
+ public String sayGoodbye(@WebParam(name="message") String message) {
+
+ Message esbMessage = SOAPProcessor.getMessage();
+ if(esbMessage != null) {
+ System.out.println("**** SOAPRequest perhaps mediated by ESB:\n" + esbMessage.getBody().get());
+ // System.out.println("\n" + esbMessage.toString() + "\n");
+ }
+ System.out.println("Web Service Parameter - message=" + message);
+ return "... Ah Goodbye then!!!! - " + message;
+ }
+
+ @WebMethod
+ public String sayAdios(String message) {
+ Message esbMessage = SOAPProcessor.getMessage();
+ if(esbMessage != null) {
+ System.out.println("**** SOAPRequest perhaps mediated by ESB:\n" + esbMessage.getBody().get());
+ // System.out.println("\n" + esbMessage.toString() + "\n");
+ }
+ System.out.println("Web Service Parameter - message=" + message);
+ return "... Adios Amigo!!!! - " + message;
+ }
+
+ @WebMethod
+ @Oneway
+ public void sayGoodbyeWithoutResponse(@WebParam(name="message") String message) {
+
+ Message esbMessage = SOAPProcessor.getMessage();
+ if(esbMessage != null) {
+ System.out.println("**** SOAPRequest perhaps mediated by ESB:\n" + esbMessage.getBody().get());
+ }
+ System.out.println("Web Service Parameter - message=" + message);
+ }
+
+}
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/resources/WEB-INF/web.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/resources/WEB-INF/web.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/resources/WEB-INF/web.xml 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
+ version="2.4">
+
+ <servlet>
+ <servlet-name>GoodbyeWorldWS</servlet-name>
+ <servlet-class>org.jboss.soa.esb.samples.quickstart.securitycert.webservice.GoodbyeWorldWS</servlet-class>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>GoodbyeWorldWS</servlet-name>
+ <url-pattern>/GoodbyeWorldWS</url-pattern>
+ </servlet-mapping>
+
+</web-app>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/view/index.jsp
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/view/index.jsp (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/war/view/index.jsp 2008-10-15 10:21:54 UTC (rev 23459)
@@ -0,0 +1,9 @@
+<html>
+ <body>
+ This is just a place holder.<br>
+ Verify the that the WS has been deployed by hitting
+ <a href="http://localhost:8080/jbossws">
+ http://localhost:8080/jbossws
+ </a>
+ </body>
+</html>
\ No newline at end of file
More information about the jboss-svn-commits
mailing list