[jboss-svn-commits] JBL Code SVN: r29549 - in labs/jbossesb/trunk: product/docs and 18 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Oct 8 01:38:25 EDT 2009
Author: beve
Date: 2009-10-08 01:38:25 -0400 (Thu, 08 Oct 2009)
New Revision: 29549
Added:
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java
labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java
labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/esb.password
labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/wsproxysecurity.password
Modified:
labs/jbossesb/trunk/product/.classpath
labs/jbossesb/trunk/product/docs/ServicesGuide.odt
labs/jbossesb/trunk/product/ivy.xml
labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/dependencies/JuddiRMIService.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java
labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
labs/jbossesb/trunk/product/samples/quickstarts/conf/base-build.xml
labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/build.xml
labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/deployment.xml
labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/jboss-esb.xml
labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/readme.txt
labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/build.xml
labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties
labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml
labs/jbossesb/trunk/qa/test.properties
Log:
Work for https://jira.jboss.org/jira/browse/JBESB-2766 "Requesting mechanism to encrypt keystore password in jbr-provider, http-provider, soapproxy, and httprouter"
Modified: labs/jbossesb/trunk/product/.classpath
===================================================================
--- labs/jbossesb/trunk/product/.classpath 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/.classpath 2009-10-08 05:38:25 UTC (rev 29549)
@@ -97,6 +97,7 @@
<classpathentry kind="lib" path="build/lib/xercesImpl-2.8.0.jar"/>
<classpathentry kind="lib" path="build/lib/xmlpublic-2.2.0.jar"/>
<classpathentry kind="lib" path="build/lib/xstream-1.2.2.jar"/>
+ <classpathentry kind="lib" path="build/lib/jbosssx-4.2.3.GA.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftplet-api-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftpserver-core-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="lib/ext/commons-net-2.0.0-652071.jar"/>
Modified: labs/jbossesb/trunk/product/docs/ServicesGuide.odt
===================================================================
(Binary files differ)
Modified: labs/jbossesb/trunk/product/ivy.xml
===================================================================
--- labs/jbossesb/trunk/product/ivy.xml 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/ivy.xml 2009-10-08 05:38:25 UTC (rev 29549)
@@ -156,6 +156,7 @@
<dependency org="javax.xml.bind" name="jaxb-api" rev="2.1"/>
<dependency org="org.jboss.security" name="jboss-security-spi" rev="2.1.0.20090318"/>
+ <dependency org="jboss" name="jbosssx" rev="4.2.3.GA"/>
</dependencies>
</ivy-module>
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/dependencies/JuddiRMIService.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/dependencies/JuddiRMIService.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/dependencies/JuddiRMIService.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -51,6 +51,10 @@
private static final String JUDDI_PROPERTIES_RESOURCE_FILE = "esb.juddi.properties";
private static final String JUDDI_PROPERTY_FILE_COMMENTS = "Auto generated property file, do not edit" ;
+ public static final String PROPNAME_JAVA_NAMING_FACTORY_INITIAL = "java.naming.factory.initial";
+ public static final String PROPNAME_JAVA_NAMING_PROVIDER_URL = "java.naming.provider.url";
+ public static final String PROPNAME_JAVA_NAMING_FACTORY_URL_PKGS = "java.naming.factory.url.pkgs";
+
private String propertiesResourceFile ;
private String propertiesFileDir;
@@ -122,6 +126,19 @@
}
System.setProperty("juddi.propertiesFile", juddiPropertyFile.getAbsolutePath());
System.setProperty("javax.xml.registry.ConnectionFactoryClass","org.apache.ws.scout.registry.ConnectionFactoryImpl");
+ // Read properties from file and if they exist - pass them on to juddi as system properties
+ String factoryInitial = xmlProperties.getProperty(PROPNAME_JAVA_NAMING_FACTORY_INITIAL, null);
+ String providerURL = xmlProperties.getProperty(PROPNAME_JAVA_NAMING_PROVIDER_URL, null);
+ String factoryURLPkgs = xmlProperties.getProperty(PROPNAME_JAVA_NAMING_FACTORY_URL_PKGS, null);
+ if (factoryInitial != null) {
+ System.setProperty(PROPNAME_JAVA_NAMING_FACTORY_INITIAL, factoryInitial);
+ }
+ if (providerURL != null) {
+ System.setProperty(PROPNAME_JAVA_NAMING_PROVIDER_URL, providerURL);
+ }
+ if (factoryURLPkgs != null) {
+ System.setProperty(PROPNAME_JAVA_NAMING_FACTORY_URL_PKGS, factoryURLPkgs);
+ }
JNDIRegistration.register();
}
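Review bot: The three `System.setProperty` calls for the `java.naming.*` keys change JNDI defaults for the whole JVM, not only for jUDDI, and they overwrite values that were already set, for example with `-D` on the command line. Every later `InitialContext` created without an explicit environment will then use the provider URL taken from this properties file. If that is intended, a comment such as `// deliberately JVM-wide: jUDDI reads these from system properties` should say so; otherwise guard each call, e.g. `if (providerURL != null && System.getProperty(PROPNAME_JAVA_NAMING_PROVIDER_URL) == null)`. The enclosing method starts outside the hunk.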
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/persistence/manager/StandaloneConnectionManager.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -28,6 +28,7 @@
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.persistence.manager.ConnectionManager;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import com.mchange.v2.c3p0.ComboPooledDataSource;
@@ -84,7 +85,12 @@
pooledDS.setDriverClass(Configuration.getStoreDriver());
pooledDS.setJdbcUrl(Configuration.getStoreUrl());
pooledDS.setUser(Configuration.getStoreUser());
- pooledDS.setPassword(Configuration.getStorePwd());
+ String password = Configuration.getStorePwd();
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ password = new PasswordUtil(password).getPasswordAsString();
+ }
+ pooledDS.setPassword(password);
pooledDS.setMinPoolSize(Integer.valueOf(Configuration
.getStorePoolMinSize()));
pooledDS.setInitialPoolSize(Integer.valueOf(Configuration
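Review bot: The `PasswordUtil.isPasswordFile(password)` check followed by `new PasswordUtil(password).getPasswordAsString()` is written out here and again in JAXRConnectionFactory, Configurator.getPasswordFromFile and PublicCryptoUtil.getPasswordFromFile, each with a different exception mapping (none here, ConfigurationException, IllegalStateException). A single static helper on PasswordUtil that returns the resolved value would keep the call sites consistent and leave one place to change how a password file is recognised. Whether the IOException from `getPasswordAsString()` is handled here cannot be seen, because the enclosing method starts and ends outside the hunk.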
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/rosetta/pooling/JmsConnectionPool.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -21,6 +21,8 @@
*/
package org.jboss.internal.soa.esb.rosetta.pooling;
+import java.io.IOException;
+import java.net.URL;
import java.sql.SQLException;
import java.util.*;
import java.util.concurrent.Callable;
@@ -50,6 +52,8 @@
import org.jboss.soa.esb.common.TransactionStrategyException;
import org.jboss.soa.esb.helpers.NamingContextException;
import org.jboss.soa.esb.helpers.NamingContextPool;
+import org.jboss.soa.esb.services.security.PasswordUtil;
+import org.jboss.soa.esb.util.JmsUtil;
import com.arjuna.common.util.propertyservice.PropertyManager;
@@ -759,10 +763,15 @@
logger.debug("Creating a JMS Connection for poolKey : " + poolKey);
final Object factoryConnection = getFactoryConnection() ;
final String username = poolKey.get( JMSEpr.JMS_SECURITY_PRINCIPAL_TAG );
- final String password = poolKey.get( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG );
- boolean useJMSSecurity = (username != null && password != null);
+ String password = poolKey.get( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG );
+ boolean useJMSSecurity = JmsUtil.isSecurityConfigured(username, password);
logger.debug( "JMS Security principal [" + username + "] using JMS Security : " + useJMSSecurity );
+ if (useJMSSecurity)
+ {
+ password = JmsUtil.getPasswordFromFile(password);
+ }
+
if (isXAAware)
{
final XAConnectionFactory factory = (XAConnectionFactory)factoryConnection ;
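Review bot: The credential read from `poolKey` is resolved with `JmsUtil.getPasswordFromFile(password)` here, yet the two callers visible in this commit, JMSRouter and JmsGatewayListener, already resolve it before calling `JmsConnectionPoolContainer.getPool(...)`. If the pool key is built from those arguments (the container is not shown), the clear-text password is tested a second time as a possible file name, and the `logger.debug("Creating a JMS Connection for poolKey : " + poolKey)` line at the top of the hunk may print it. Resolving the value in one place only, and keeping the credential out of the debug output, would avoid both. The enclosing method starts and ends outside the hunk.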
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/internal/soa/esb/services/registry/JAXRConnectionFactory.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -23,11 +23,14 @@
import org.apache.log4j.Logger;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.ConfigurationException;
import javax.xml.registry.Connection;
import javax.xml.registry.ConnectionFactory;
import javax.xml.registry.JAXRException;
+
+import java.io.IOException;
import java.net.PasswordAuthentication;
import java.util.HashSet;
import java.util.Properties;
@@ -79,6 +82,17 @@
}
String user = Configuration.getRegistryUser();
String password = Configuration.getRegistryPassword();
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ password = new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (IOException e)
+ {
+ throw new ConfigurationException("Could not retrieve password from file", e);
+ }
+ }
if(user != null && password != null) {
PasswordAuthentication passwdAuth = new PasswordAuthentication(user, password.toCharArray());
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/actions/routing/JMSRouter.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -55,6 +55,7 @@
import org.jboss.soa.esb.notification.jms.DefaultJMSPropertiesSetter;
import org.jboss.soa.esb.notification.jms.JMSPropertiesSetter;
import org.jboss.soa.esb.util.ClassUtil;
+import org.jboss.soa.esb.util.JmsUtil;
import org.jboss.soa.esb.util.JndiUtil;
import org.jboss.soa.esb.util.Util;
@@ -259,11 +260,16 @@
}
final String securityPrincipal = properties.getAttribute(SECURITY_PRINCIPAL);
- final String securityCredential = properties.getAttribute(SECURITY_CREDITIAL);
+ String securityCredential = properties.getAttribute(SECURITY_CREDITIAL);
+ boolean useJMSSecurity = JmsUtil.isSecurityConfigured(securityPrincipal, securityCredential);
if ( securityPrincipal != null && securityCredential == null )
throw new ConfigurationException("'" + SECURITY_PRINCIPAL + "' must be accompanied by a '" + SECURITY_CREDITIAL + "'");
else if ( securityCredential != null && securityPrincipal == null )
throw new ConfigurationException("'" + SECURITY_CREDITIAL + "' must be accompanied by a '" + SECURITY_PRINCIPAL + "'");
+ if (useJMSSecurity)
+ {
+ securityCredential = JmsUtil.getPasswordFromFile(securityCredential);
+ }
// Extract and environment properties given as properties in the config.
environment = JndiUtil.parseEnvironmentProperties(propertiesTree);
@@ -271,7 +277,7 @@
environment.setProperty(Context.INITIAL_CONTEXT_FACTORY, jndiContextFactory);
environment.setProperty(Context.URL_PKG_PREFIXES, jndiPkgPrefix);
try {
- pool = ( securityPrincipal != null ) ?
+ pool = ( useJMSSecurity ) ?
JmsConnectionPoolContainer.getPool(environment, connectionFactory, securityPrincipal, securityCredential) :
JmsConnectionPoolContainer.getPool(environment, connectionFactory );
} catch (final ConnectionException ce) {
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/helpers/Email.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -53,6 +53,7 @@
import org.jboss.internal.soa.esb.assertion.AssertArgument;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.util.Util;
/**
@@ -208,7 +209,14 @@
*/
public Email(final String host, final int port, final String username, final String password, final boolean auth) throws AddressException, MessagingException {
AssertArgument.isNotNullAndNotEmpty(host, "host");
- this.oMailSess = initMailServerSession(host, port, username, password, auth);
+ try
+ {
+ this.oMailSess = initMailServerSession(host, port, username, password, auth);
+ }
+ catch (IOException e)
+ {
+ throw new MessagingException(e.getMessage(), e);
+ }
}
@@ -464,12 +472,14 @@
* @param auth If true will attempt to authenticate the user using the AUTH command. This will set the property 'mail.smtp.auth'.
*
* @return The {@link javax.mail.Session}.
+ * @throws IOException
*/
- private Session initMailServerSession(final String host, final int port, final String username, final String password, final boolean auth) {
+ private Session initMailServerSession(final String host, final int port, final String username, final String password, final boolean auth) throws IOException {
Authenticator authenticator = null;
if (!Util.isNullString(username)) {
- authenticator = new MyAuth(username, password);
+ String pw = new PasswordUtil(password).getPasswordAsString();
+ authenticator = new MyAuth(username, pw);
}
final Properties properties = new Properties();
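Review bot: `new PasswordUtil(password).getPasswordAsString()` in initMailServerSession runs for every non-empty username without the `PasswordUtil.isPasswordFile(password)` check used at the other call sites in this commit, so a clear-text SMTP password is handed to FilePassword as a file name. The resulting IOException is rethrown by the constructor in the previous hunk as `new MessagingException(e.getMessage(), e)`, and that message may well contain the value that was treated as a path, which is the password itself. A null password with a username set would also trip the `AssertArgument.isNotNull` in the PasswordUtil constructor. Suggested: `String pw = PasswordUtil.isPasswordFile(password) ? new PasswordUtil(password).getPasswordAsString() : password;` and a fixed text in the catch block, e.g. `throw new MessagingException("Could not read password file", e);`.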
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/Configurator.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -21,9 +21,11 @@
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.http.HttpClientFactory;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.apache.commons.httpclient.HttpClient;
import java.util.Properties;
+import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
@@ -90,4 +92,20 @@
throw new ConfigurationException(getClass().getSimpleName() + " must be configured with an Integer value for the '" + propertyName + "' property.");
}
}
+
+ protected String getPasswordFromFile(final String password) throws ConfigurationException
+ {
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ return new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (final IOException e)
+ {
+ throw new ConfigurationException(e.getMessage(), e);
+ }
+ }
+ return password;
+ }
}
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthBASIC.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -68,6 +68,8 @@
assertPropertySetAndNotBlank(authScopeHost, "authscope-host");
assertPropertyIsInteger(authScopePort, "authscope-port");
+ password = getPasswordFromFile(password);
+
Credentials creds = new UsernamePasswordCredentials(username, password);
AuthScope authScope;
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/AuthNTLM.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -69,7 +69,9 @@
assertPropertySetAndNotBlank(authScopeHost, "ntauthscope-host");
assertPropertyIsInteger(authScopePort, "ntauthscope-port");
assertPropertySetAndNotBlank(authScopeDomain, "ntauthscope-domain");
-
+
+ password = getPasswordFromFile(password);
+
Credentials creds = new NTCredentials(username, password,
authScopeHost, authScopeDomain);
AuthScope authScope;
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/http/configurators/HttpProtocol.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -156,6 +156,8 @@
String keyStore = properties.getProperty("keystore", "/keystore");
String keyStorePassword = properties.getProperty("keystore-passw", "changeit");
+ keyStorePassword = getPasswordFromFile(keyStorePassword);
+
// Try it as a classpath resource ...
InputStream keyStoreStream = ClassUtil.getResourceAsStream(keyStore, HttpProtocol.class);
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JBossRemotingGatewayListener.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -50,8 +50,6 @@
import org.jboss.soa.esb.message.body.content.BytesBody;
import org.jboss.soa.esb.services.registry.RegistryException;
import org.jboss.soa.esb.services.registry.RegistryFactory;
-import org.jboss.soa.esb.services.security.PublicCryptoUtil;
-import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
import org.jboss.soa.esb.services.security.auth.ExtractorUtil;
@@ -62,7 +60,6 @@
import javax.management.MBeanServer;
import javax.security.auth.login.LoginException;
-import java.io.Serializable;
import java.io.StringWriter;
import java.io.PrintWriter;
import java.net.*;
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/JmsGatewayListener.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -22,6 +22,7 @@
package org.jboss.soa.esb.listeners.gateway;
+import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
@@ -62,7 +63,9 @@
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.services.registry.RegistryException;
import org.jboss.soa.esb.services.registry.ServiceNotFoundException;
+import org.jboss.soa.esb.services.security.PasswordUtil;
import org.jboss.soa.esb.util.ClassUtil;
+import org.jboss.soa.esb.util.JmsUtil;
import org.jboss.soa.esb.util.JndiUtil;
public class JmsGatewayListener extends AbstractThreadedManagedLifecycle {
@@ -382,22 +385,29 @@
String destType = _config.getAttribute(JMSEpr.DESTINATION_TYPE_TAG);
boolean persistent = Boolean.valueOf( _config.getAttribute(JMSEpr.PERSISTENT_TAG));
boolean transacted = Boolean.valueOf( _config.getAttribute(JMSEpr.TRANSACTED_TAG));
+ _logger.debug( "JMSGateway isTransacted = " + transacted );
String acknowledgeMode = _config.getAttribute(JMSEpr.ACKNOWLEDGE_MODE_TAG);
final String username = _config.getAttribute( JMSEpr.JMS_SECURITY_PRINCIPAL_TAG );
+
+ // password can be either a clear text password or a file containting an encrypted password.
final String password = _config.getAttribute( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG );
- if ( username != null && password != null )
+ String decryptedPassword = null;
+ if (JmsUtil.isSecurityConfigured(username, password))
{
environment.put( JMSEpr.JMS_SECURITY_PRINCIPAL_TAG, username );
- environment.put( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG, password );
+ decryptedPassword = JmsUtil.getPasswordFromFile(password);
+ environment.put( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG, decryptedPassword);
}
- _logger.debug( "JMSGateway isTransacted = " + transacted );
+ // When creating the EPR we always use the password as seen in the configuration.
_myEpr = (null == _serviceName) ? null : new JMSEpr(JMSEpr.ONE_ONE_PROTOCOL, destType,
jmsDestinationName, sFactClass, environment, _messageSelector, persistent, acknowledgeMode,
username, password, transacted );
- jmsConnectionPool = JmsConnectionPoolContainer.getPool(environment, sFactClass, username, password);
+
+ // To create the connection pool we need to use the decrypted password (if applicable).
+ jmsConnectionPool = JmsConnectionPoolContainer.getPool(environment, sFactClass, username, decryptedPassword);
try {
jmsSession = _myEpr != null ? jmsConnectionPool.getSession(((JMSEpr)_myEpr).getAcknowledgeMode()):
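Review bot: The decrypted credential is put into `environment` before `environment` is passed to `new JMSEpr(...)`, so the EPR still receives the clear-text password through its environment even though its `password` argument is the configured value; this contradicts the comment added above the constructor call. Whether JMSEpr stores or serialises those environment entries is not visible here, but if it does, the password file no longer keeps the secret out of the EPR. Moving `environment.put( JMSEpr.JMS_SECURITY_CREDENTIAL_TAG, decryptedPassword);` below the `_myEpr = ...` statement would keep the two apart, provided JMSEpr copies the environment rather than holding the reference. The enclosing method starts and ends outside the hunk.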
Added: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java (rev 0)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PasswordUtil.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.jboss.internal.soa.esb.assertion.AssertArgument;
+import org.jboss.internal.soa.esb.util.StreamUtils;
+import org.jboss.security.plugins.FilePassword;
+import org.jboss.soa.esb.ConfigurationException;
+
+/**
+ * Util class that can read a password from a specified file.
+ * </p>
+ * This class simply delegated to {@link FilePassword} which performs the
+ * real work.
+ *
+ * <h3>Creating a password file</h3>
+ * Go to the conf directory of your jboss server instance (eg: default/conf)
+ * java -cp ../lib/jbosssx.jar org.jboss.security.plugins.FilePassword welcometojboss 13 testpass passwordFile
+ * <lu>
+ * <li>welcometojboss Is the salt value.<li>
+ * <li>testpass Is the clear text password you want to protect.<li>
+ * <li>passwordFile Is the name of the file which will contain the encrypted password.<li>
+ * </lu>
+ *
+ * Note that this is security by obscurity in that the password is not store
+ * in plaintext, but it can be recovered by simply using the code from this class.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ * @since 4.7
+ */
+public final class PasswordUtil
+{
+ private FilePassword filePassword;
+
+ public PasswordUtil(final String passwordFile)
+ {
+ AssertArgument.isNotNull(passwordFile, "passwordFile");
+ filePassword = new FilePassword(passwordFile);
+ }
+
+ public char[] getPassword() throws IOException
+ {
+ return filePassword.toCharArray();
+ }
+
+ public String getPasswordAsString() throws IOException
+ {
+ return new String(filePassword.toCharArray());
+ }
+
+ public static boolean isPasswordFile(final String passwordFile)
+ {
+ if (passwordFile == null || "".equals(passwordFile))
+ {
+ return false;
+ }
+ InputStream resource = null;
+ try
+ {
+ resource = StreamUtils.getResource(passwordFile);
+ return resource != null;
+ }
+ catch (final ConfigurationException e)
+ {
+ return false;
+ }
+ finally
+ {
+ try
+ {
+ if (resource != null)
+ {
+ resource.close();
+ }
+ }
+ catch (final IOException ignored)
+ {
+ }
+ }
+ }
+
+}
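Review bot: `isPasswordFile` decides whether a configured value is a password or a path purely by whether `StreamUtils.getResource` finds something under that name, so the two cases share one namespace. A mistyped or missing password file is silently used as the literal password and sent to the remote system, and a clear-text password that happens to match a resource name is replaced by whatever is decoded from that resource. The class Javadoc already says the stored password is recoverable, so it should also state that the file needs restrictive file-system permissions; the `<lu>` list in that Javadoc should be `<ul>` with `</li>` closers. The public methods have no Javadoc; for `isPasswordFile` something like `/** Returns true if the value names an existing resource; callers treat any other value as the literal password. */` would make the fallback explicit.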
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/PublicCryptoUtil.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -45,7 +45,6 @@
import org.jboss.soa.esb.util.ClassUtil;
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.listeners.message.MessageDeliverException;
-import org.jboss.soa.esb.listeners.gateway.http.HttpGatewayServlet;
/**
* Util for encrypting/decrypting using assymmetric keys.
@@ -167,9 +166,14 @@
{
keystoreType = KeyStore.getDefaultType();
}
+
String keystorePassword = Configuration.getSecurityServicePublicKeystorePassword();
+ String privateKeyPass = Configuration.getSecurityServicePublicKeyPassword();
String privateKeyAlias = Configuration.getSecurityServicePublicKeyAlias();
- String privateKeyPass = Configuration.getSecurityServicePublicKeyPassword();
+
+ // Try to retreive the password from a file if applicable.
+ keystorePassword = getPasswordFromFile(keystorePassword);
+ privateKeyPass = getPasswordFromFile(privateKeyPass);
try
{
@@ -222,6 +226,23 @@
}
}
}
+
+ private String getPasswordFromFile(final String password)
+ {
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ return new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (final IOException e)
+ {
+ throw new IllegalStateException(e.getMessage(), e);
+ }
+ }
+
+ return password;
+ }
private static byte[] getBytes(final Serializable ser) throws IOException
{
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ExtractorUtil.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -22,7 +22,6 @@
import java.io.Serializable;
-import org.apache.log4j.Logger;
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.services.security.PublicCryptoUtil;
import org.jboss.soa.esb.services.security.SecurityService;
@@ -36,8 +35,6 @@
*/
public final class ExtractorUtil
{
- private static Logger log = Logger.getLogger(ExtractorUtil.class);
-
private ExtractorUtil()
{
}
@@ -53,7 +50,7 @@
}
else
{
- log.warn("No public keystore has been configured which means that the authentication request cannot be encrypted. Please configure jbossesb-properties.xml with a publickey store.");
+ throw new SecurityServiceException("No public keystore has been configured which means that the authentication request cannot be encrypted. Please configure jbossesb-properties.xml with a publickey store.");
}
}
}
Modified: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/services/security/auth/ws/WSSecurityInfoExtractor.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -81,11 +81,11 @@
}
/**
- * Extracts UsernameToken element is one exists and creates
- * a Principal with the username and sets a Credential using
- * the password. The type of the Credential is a character array.
- * If the SOAP message contains a BinarySecurityToken this will be
- * extracted and added as a Credential.
+ * Extracts UsernameToken element is one exists and creates a Principal with the
+ * username and sets a Credential using the password. The type of the Credential is a character array.
+ * <p/>
+ * If the SOAP message contains a BinarySecurityToken this will be extracted and added as a Credential.
+ *
* @param soap - the soap message represented as a String
* @return {@link AuthenticationRequest}
*/
@@ -96,28 +96,35 @@
return null;
}
- final JavaResult javaResult = new JavaResult();
- smooks.filter(new StreamSource(new StringReader(soap)), javaResult);
-
- UsernameToken token = (UsernameToken) javaResult.getBean("userNameToken");
- User user = null;
- Set<Object> credentials = new HashSet<Object>();
- if ( token != null )
+ if (soap.contains("UsernameToken") || soap.contains("BinarySecurityToken"))
{
- user = new User(token.getUserName());
- credentials.add(token.getPassword());
- }
+ final JavaResult javaResult = new JavaResult();
+ smooks.filterSource(new StreamSource(new StringReader(soap)), javaResult);
- BinarySecurityToken binaryToken = (BinarySecurityToken) javaResult.getBean("binarySecurityToken");
- if ( binaryToken != null )
- {
- credentials.add(binaryToken.getKey());
+ UsernameToken token = (UsernameToken) javaResult.getBean("userNameToken");
+ User user = null;
+ Set<Object> credentials = new HashSet<Object>();
+ if (token != null)
+ {
+ user = new User(token.getUserName());
+ credentials.add(token.getPassword());
+ }
+
+ BinarySecurityToken binaryToken = (BinarySecurityToken) javaResult.getBean("binarySecurityToken");
+ if (binaryToken != null)
+ {
+ credentials.add(binaryToken.getKey());
+ }
+ if (credentials.isEmpty())
+ {
+ return null;
+ }
+ return new AuthenticationRequestImpl.Builder(user, credentials ).build();
}
- if (credentials.isEmpty())
+ else
{
- return null ;
+ return null;
}
- return new AuthenticationRequestImpl.Builder(user, credentials ).build();
}
private void createSmooks(final String configFile)
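Review bot: The `soap.contains("UsernameToken") || soap.contains("BinarySecurityToken")` pre-check hard-codes the two element names whose beans are read from `javaResult` below it. If the Smooks configuration later binds another token type, that token would be skipped without parsing and the method would return null. A comment on the check would make the coupling explicit, e.g. `// Fast path only: must list every security token element bound in the Smooks config`. The trailing `else { return null; }` is redundant; a guard such as `if (!soap.contains("UsernameToken") && !soap.contains("BinarySecurityToken")) return null;` would keep the body at its previous indentation. The method starts outside this hunk.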
Added: labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java (rev 0)
+++ labs/jbossesb/trunk/product/rosetta/src/org/jboss/soa/esb/util/JmsUtil.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -0,0 +1,77 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.util;
+
+import java.io.IOException;
+
+import javax.jms.JMSException;
+
+import org.apache.log4j.Logger;
+import org.jboss.soa.esb.services.security.PasswordUtil;
+
+/**
+ * Utility methods for JMS operations.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public class JmsUtil
+{
+ private static Logger log = Logger.getLogger(JmsUtil.class);
+
+ private JmsUtil()
+ {
+ }
+
+ /**
+ * Will return the decrypted password from the passed in file.
+ *
+ * @param password The path to the password file.
+ * @return String Either the decrypted password or the passed in password unchanged.
+ *
+ * @throws JMSException If an error occurs while decrypting.
+ */
+ public static String getPasswordFromFile(final String password) throws JMSException
+ {
+ if (PasswordUtil.isPasswordFile(password))
+ {
+ try
+ {
+ return new PasswordUtil(password).getPasswordAsString();
+ }
+ catch (final IOException e)
+ {
+ final String errorMsg = "Could not read password from file : " + password;
+ log.error(errorMsg, e);
+ throw new JMSException(errorMsg + ", " + e.getMessage());
+ }
+ }
+
+ return password;
+
+ }
+
+ public static boolean isSecurityConfigured(final String principal, final String credential)
+ {
+ return principal != null && credential != null;
+ }
+
+}
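Review bot: The catch block in `getPasswordFromFile` drops the IOException as a cause, because only its message text is appended to the new JMSException; linking it keeps the stack trace for callers: `final JMSException jmsEx = new JMSException(errorMsg + ", " + e.getMessage());`, `jmsEx.setLinkedException(e);`, `throw jmsEx;`. The Javadoc calls `password` "the path to the password file", yet the method returns the argument unchanged when `PasswordUtil.isPasswordFile` is false, so the parameter is really a password or the path to a password file. PasswordUtil is not visible here, but if that check depends on the file existing, a mistyped path would presumably be used as the password itself with no log line; a debug message on the fall-through branch that does not print the value would make that case diagnosable. `isSecurityConfigured` has no Javadoc, and the class could be `final` with a `private static final Logger` to match ExtractorUtil.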
Added: labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java
===================================================================
--- labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java (rev 0)
+++ labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/PasswordUtilUnitTest.java 2009-10-08 05:38:25 UTC (rev 29549)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.net.URL;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Unit test for {@link PasswordUtil}.
+ *
+ * @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
+ *
+ */
+public class PasswordUtilUnitTest
+{
+ private String jbossEsbProperties;
+
+ @Test
+ public void getPassword() throws IOException
+ {
+ final URL file = getClass().getResource("esb.password");
+ final PasswordUtil passwordUtil = new PasswordUtil(file.getFile());
+
+ final char[] password = passwordUtil.getPassword();
+ assertNotNull(password);
+ assertEquals("JBossESB", new String(password));
+ }
+
+ @Test (expected = IllegalArgumentException.class )
+ public void shouldThrowIfSecurityDomainIsNull() throws Exception
+ {
+ new PasswordUtil(null);
+ }
+
+ @Test
+ public void isPasswordFile()
+ {
+ final URL file = getClass().getResource("esb.password");
+ assertTrue(PasswordUtil.isPasswordFile(file.getFile()));
+ assertFalse(PasswordUtil.isPasswordFile("somepass"));
+ assertFalse(PasswordUtil.isPasswordFile("/webservice_proxy_security_pass"));
+ assertFalse(PasswordUtil.isPasswordFile(null));
+ assertFalse(PasswordUtil.isPasswordFile(""));
+ }
+
+ @Before
+ public void setup() throws ConfigurationException
+ {
+ jbossEsbProperties = System.getProperty(Environment.PROPERTIES_FILE);
+ URL resource = ClassUtil.getResource("security-properties.xml", getClass());
+ System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
+ }
+
+ @After
+ public void tearDown()
+ {
+ if ( jbossEsbProperties != null )
+ System.setProperty(Environment.PROPERTIES_FILE, jbossEsbProperties);
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(PasswordUtilUnitTest.class);
+ }
+
+}
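Review bot: `tearDown` restores `Environment.PROPERTIES_FILE` only when it had a value before the test, so when the property was unset the path written by `setup` stays in the JVM and leaks into later tests; add `else System.clearProperty(Environment.PROPERTIES_FILE);`. `shouldThrowIfSecurityDomainIsNull` passes a null password file, not a security domain, so a name such as `shouldThrowIfPasswordFileIsNull` would match what is tested. `getResource("esb.password").getFile()` returns a URL-encoded path, which may fail to resolve when the checkout path contains spaces.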
Added: labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/esb.password
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/trunk/product/rosetta/tests/src/org/jboss/soa/esb/services/security/esb.password
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: labs/jbossesb/trunk/product/samples/quickstarts/conf/base-build.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/conf/base-build.xml 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/conf/base-build.xml 2009-10-08 05:38:25 UTC (rev 29549)
@@ -165,6 +165,7 @@
<pathelement location="${org.jboss.esb.server.server}/lib/cglib.jar"/>
<pathelement location="${org.jboss.esb.server.server}/lib/dom4j.jar"/>
<pathelement location="${org.jboss.esb.server.server}/lib/antlr.jar"/>
+ <pathelement location="${org.jboss.esb.server.server}/lib/jbosssx.jar"/>
<!-- smooks config -->
<fileset dir="${org.jboss.esb.server.deploy.dir}/smooks.esb" includes="*.jar"/>
<pathelement location="${org.jboss.esb.server.deploy.dir}/smooks.esb"/>
Modified: labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/build.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/build.xml 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/build.xml 2009-10-08 05:38:25 UTC (rev 29549)
@@ -6,7 +6,18 @@
</description>
<property name="additional.deploys" value="messaging-db-users-service.xml" />
-
+ <target name="quickstart-specific-assemblies" depends="filter"/>
+
+ <target name="filter">
+ <property name="password.file" value="${basedir}/jmssecured.password"/>
+ <echo message="${password.file}"/>
+ <copy file="jboss-esb.xml" tofile="${build.dir}/META-INF/jboss-esb.xml" filtering="true" overwrite="true">
+ <filterset>
+ <filter token="password.file" value="${password.file}" />
+ </filterset>
+ </copy>
+ </target>
+
<!-- Import the base Ant build script... -->
<import file="../conf/base-build.xml"/>
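Review bot: The `filter` target writes the absolute `${basedir}/jmssecured.password` into the deployed `jboss-esb.xml`, and nothing in this hunk copies the password file into `${build.dir}`. The deployment therefore only works while the checkout stays at that path and is readable by the server account. The `<echo message="${password.file}"/>` looks like a debugging leftover and could be dropped. For consistency with webservice_proxy_security/build.xml in this commit, the property could be declared with `location="${basedir}/jmssecured.password"` instead of `value=`, which also normalises the path.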
@@ -32,8 +43,6 @@
</copy>
</target>
-
-
<target name="runtest" depends="compile"
description="sends a JMS message to queue/quickstart_jms_secured_Request_gw">
<echo>Runs Test JMS Sender</echo>
Modified: labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/deployment.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/deployment.xml 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/deployment.xml 2009-10-08 05:38:25 UTC (rev 29549)
@@ -2,4 +2,5 @@
<depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_jms_secured_Request_esb</depends>
<depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_jms_secured_Request_gw</depends>
<depends>jboss.messaging:service=JMSSecuredQuickstartUserManager</depends>
+ <depends>jboss.esb:deployment=jbossesb.esb</depends>
</jbossesb-deployment>
Modified: labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/jboss-esb.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/jboss-esb.xml 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/jboss-esb.xml 2009-10-08 05:38:25 UTC (rev 29549)
@@ -1,5 +1,5 @@
<?xml version = "1.0" encoding = "UTF-8"?>
-<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.0.1.xsd" parameterReloadSecs="5">
+<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.2.0.xsd" parameterReloadSecs="5">
<providers>
<jms-provider name="JBossMessaging" connection-factory="ConnectionFactory">
@@ -7,7 +7,7 @@
<jms-message-filter
dest-type="QUEUE"
dest-name="queue/quickstart_jms_secured_Request_gw"
- jms-security-principal="esbuser" jms-security-credential="esbpassword"
+ jms-security-principal="esbuser" jms-security-credential="@password.file@"
/>
</jms-bus>
<jms-bus busid="quickstartEsbChannel">
Modified: labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/readme.txt
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/readme.txt 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/jms_secured/readme.txt 2009-10-08 05:38:25 UTC (rev 29549)
@@ -45,3 +45,10 @@
5. messaging-db-users.properties
Is a jboss service that insert users and roles into the JBoss Messaging database. This is only used when JBoss
Messaging is configured to use a database for managing users and roles.
+ 6. jmssecured.password
+ This is an encrypted password file for the configured JMS destination. This is configured in jboss-esb.xml instead of the
+ clear text password for the jmsbus with id 'quickstartGwChannel'.
+
+ The password was encrypted by issuing the following command (from the conf directory of your jboss server instance (eg: default/conf):
+ java -cp ../lib/jbosssx.jar org.jboss.security.plugins.FilePassword welcometojboss 13 esbpassword jmssecured.password
+
Modified: labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/build.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/build.xml 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/build.xml 2009-10-08 05:38:25 UTC (rev 29549)
@@ -28,6 +28,7 @@
<mkdir dir="${build.dir}/META-INF/"/>
<property name="keystore" location="${build.dir}/webservice_proxy_security.keystore" />
+ <property name="password.file" location="${basedir}/wsproxysecurity.password" />
<delete file="${keystore}" failonerror="false"/>
<genkey
@@ -57,6 +58,7 @@
<copy file="httpclient-8443.properties" todir="${build.dir}/META-INF">
<filterset>
<filter token="keystore" value="${keystoredir}" />
+ <filter token="keystore.password" value="${password.file}" />
</filterset>
</copy>
Modified: labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/httpclient-8443.properties 2009-10-08 05:38:25 UTC (rev 29549)
@@ -11,7 +11,7 @@
#protocol-socket-factory=org.jboss.soa.esb.http.protocol.SelfSignedSSLProtocolSocketFactoryBuilder
#protocol-socket-factory=org.jboss.soa.esb.http.protocol.AuthSSLProtocolSocketFactoryBuilder
keystore=@keystore@
-keystore-passw=webservice_proxy_security_pass
+keystore-passw=@keystore.password@
truststore=@keystore@
truststore-passw=webservice_proxy_security_pass
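Review bot: `truststore-passw=webservice_proxy_security_pass` stays in clear text two lines below the changed `keystore-passw`, and `truststore` points at the same `@keystore@` file. The secret that `keystore-passw` now hides behind a password file is therefore presumably still readable in this properties file. If the configurator resolves password files for the truststore setting as well (the Java side is not visible in this hunk), `truststore-passw=@keystore.password@` would close the gap.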
Modified: labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml
===================================================================
--- labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/jboss-esb-template.xml 2009-10-08 05:38:25 UTC (rev 29549)
@@ -1,6 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<jbossesb xmlns="http://anonsvn.labs.jboss.com/labs/jbossesb/trunk/product/etc/schemas/xml/jbossesb-1.2.0.xsd" parameterReloadSecs="5">
+ <globals>
+ <!-- Security setting for all http-providers and all EBWSs in this jboss-esb.xml file.-->
+ <war-security method="BASIC" domain="JBossWS" /> <!-- uname: "kermit" pw: "thefrog" -->
+ </globals>
+
<providers>
<http-provider name="HTTP-PROVIDER">
<http-bus busid="HTTP-BUS" transportGuarantee="CONFIDENTIAL">
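Review bot: The new `<war-security method="BASIC" domain="JBossWS" />` global appears to cover only the HTTP endpoints, while the third hunk of this file removes `<security moduleName="JBossWS" />` from the `Proxy` service and keeps `invmScope="GLOBAL"`. If service-level security is what authenticated non-HTTP invocations, in-VM callers would now reach the proxy without a JAAS check; this is inferred from the element names, since the schema is not visible here. A comment beside `<war-security>` stating which invocation paths it protects, or keeping the service-level `<security>` element, would make the intended boundary clear.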
@@ -8,7 +13,6 @@
<role name="friend" />
</allowed-roles>
</http-bus>
- <auth method="BASIC" domain="JBossWS" />
</http-provider>
</providers>
@@ -16,7 +20,6 @@
<service category="Proxy_Security" name="Proxy"
description="Security WebService Proxy"
invmScope="GLOBAL">
- <security moduleName="JBossWS" />
<listeners>
<http-gateway name="HTTP-GATEWAY" busidref="HTTP-BUS" urlPattern="ProxyWS/*" />
</listeners>
Added: labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/wsproxysecurity.password
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/trunk/product/samples/quickstarts/webservice_proxy_security/wsproxysecurity.password
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: labs/jbossesb/trunk/qa/test.properties
===================================================================
--- labs/jbossesb/trunk/qa/test.properties 2009-10-08 05:35:27 UTC (rev 29548)
+++ labs/jbossesb/trunk/qa/test.properties 2009-10-08 05:38:25 UTC (rev 29549)
@@ -11,7 +11,7 @@
# Set these options to run the tests against a SOA/JBoss AS container
####
#soa.test.no-prepare=true
-#org.jboss.esb.server.home=/opt/jboss-soa-p.4.2.0/jboss-as
+org.jboss.esb.server.home=/opt/jboss/as/bundles/jboss-5.1.0.GA
#org.jboss.esb.test.server.config=all
#org.jboss.esb.server.config=all
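Review bot: `org.jboss.esb.server.home=/opt/jboss/as/bundles/jboss-5.1.0.GA` is now active while every neighbouring option in this block is still commented out, which looks like a developer-local path committed by accident. Unless the QA run is meant to require that directory, keep the line commented: `#org.jboss.esb.server.home=/opt/jboss/as/bundles/jboss-5.1.0.GA`.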