Posted to tsik-dev@ws.apache.org by ha...@apache.org on 2005/09/07 01:42:43 UTC
svn commit: r279182 - in /incubator/tsik/trunk: ./ resources/
src/org/apache/tsik/wss/axis/
Author: hans
Date: Tue Sep 6 16:42:39 2005
New Revision: 279182
URL: http://svn.apache.org/viewcvs?rev=279182&view=rev
Log:
Added optional TSIK-based Axis handlers.
Added:
incubator/tsik/trunk/resources/axis-1.2.1.jar (with props)
incubator/tsik/trunk/resources/jaxrpc.jar (with props)
incubator/tsik/trunk/resources/saaj.jar (with props)
incubator/tsik/trunk/resources/wss4j.jar (with props)
incubator/tsik/trunk/src/org/apache/tsik/wss/axis/
incubator/tsik/trunk/src/org/apache/tsik/wss/axis/DecryptAndVerifyBody.java
incubator/tsik/trunk/src/org/apache/tsik/wss/axis/SignAndEncryptBody.java
incubator/tsik/trunk/src/org/apache/tsik/wss/axis/tsik_deploy.wsdd
Modified:
incubator/tsik/trunk/build.xml
Modified: incubator/tsik/trunk/build.xml
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/build.xml?rev=279182&r1=279181&r2=279182&view=diff
==============================================================================
--- incubator/tsik/trunk/build.xml (original)
+++ incubator/tsik/trunk/build.xml Tue Sep 6 16:42:39 2005
@@ -18,7 +18,23 @@
-->
-<project name="tsik" default="build" basedir=".">
+<project name="tsik" default="usage" basedir=".">
+
+ <target name="usage">
+ <echo>
+ Main targets:
+
+ build --> compiles TSIK core library and tests
+ clean --> cleans all built files
+ api --> creates javadocs
+ test --> runs unit tests
+
+
+ Optional targets:
+
+ buildaxis --> builds axis handlers (tsik_axis.jar)
+ </echo>
+ </target>
<!-- ======================================================================
The following properties just name the local directories and files used here
@@ -27,6 +43,7 @@
<property name="docs" value="docs"/>
<property name="reports" value="reports"/>
<property name="resources" value="resources"/>
+ <property name="axis_resources" value="resources"/>
<property name="lib" value="lib"/>
<property name="api" value="api"/>
<property name="img" value="img"/>
@@ -40,6 +57,11 @@
<property name="test_data_tmp" value="test/data/tmp"/>
<property name="tsik_jar" value="${lib}/tsik.jar"/>
<property name="log4j_jar" value="${resources}/log4j-1.2.9.jar"/>
+ <property name="axis_jar" value="${axis_resources}/axis-1.2.1.jar"/>
+ <property name="jaxrpc_jar" value="${axis_resources}/jaxrpc.jar"/>
+ <property name="saaj_jar" value="${axis_resources}/saaj.jar"/>
+ <property name="wss4j_jar" value="${axis_resources}/wss4j.jar"/>
+ <property name="tsikaxis_jar" value="${lib}/tsik_axis.jar"/>
<!-- ======================================================================
The jar_version property comes from the jar_version.properties file and is
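Review bot: Three of the new jar properties (`jaxrpc_jar`, `saaj_jar`, `wss4j_jar`) point at committed binaries whose file names carry no version, unlike `axis-1.2.1.jar` and `log4j-1.2.9.jar`. That makes it hard to tell later which release of a security library such as WSS4J is bundled when checking it against advisories. Naming them with their version, e.g. `value="${axis_resources}/wss4j-<version>.jar"`, or recording version and origin in a comment above these properties, would keep the dependency set auditable.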
@@ -117,7 +139,8 @@
<!-- javacchome="${javacchome}"/> -->
<javac failonerror="false" srcdir="${src}" destdir="${classes}"
- debug="on" includeAntRuntime="no">
+ debug="on" includeAntRuntime="no"
+ excludes="org/apache/tsik/wss/axis/*">
<classpath location="${log4j_jar}"/>
</javac>
@@ -137,6 +160,21 @@
</javac>
<jar jarfile="${lib}/tsik_test.jar">
<fileset dir="${test_classes}"/>
+ </jar>
+ </target>
+
+ <target name="buildaxis" depends="build">
+ <javac failonerror="false" srcdir="${src}" destdir="${classes}"
+ debug="on" includeAntRuntime="no"
+ includes="org/apache/tsik/wss/axis/*">
+ <classpath location="${tsik_jar}"/>
+ <classpath location="${axis_jar}"/>
+ <classpath location="${jaxrpc_jar}"/>
+ <classpath location="${saaj_jar}"/>
+ <classpath location="${wss4j_jar}"/>
+ </javac>
+ <jar jarfile="${tsikaxis_jar}" manifest="${data}/MANIFEST.MF">
+ <fileset dir="${classes}"/>
</jar>
</target>
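Review bot: In the new `buildaxis` target `javac` runs with `failonerror="false"`, so a compile failure in the handlers still reaches the `<jar>` step and yields a `tsik_axis.jar` without the handler classes, or possibly with stale ones from an earlier run. The `<jar>` also packs all of `${classes}`, which after `depends="build"` holds the core library too, so the core classes ship in both tsik.jar and tsik_axis.jar. I would set `failonerror="true"` here and restrict the jar with `<fileset dir="${classes}" includes="org/apache/tsik/wss/axis/**"/>`.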
Added: incubator/tsik/trunk/resources/axis-1.2.1.jar
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/resources/axis-1.2.1.jar?rev=279182&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/tsik/trunk/resources/axis-1.2.1.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/tsik/trunk/resources/jaxrpc.jar
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/resources/jaxrpc.jar?rev=279182&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/tsik/trunk/resources/jaxrpc.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/tsik/trunk/resources/saaj.jar
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/resources/saaj.jar?rev=279182&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/tsik/trunk/resources/saaj.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/tsik/trunk/resources/wss4j.jar
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/resources/wss4j.jar?rev=279182&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/tsik/trunk/resources/wss4j.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/tsik/trunk/src/org/apache/tsik/wss/axis/DecryptAndVerifyBody.java
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/src/org/apache/tsik/wss/axis/DecryptAndVerifyBody.java?rev=279182&view=auto
==============================================================================
--- incubator/tsik/trunk/src/org/apache/tsik/wss/axis/DecryptAndVerifyBody.java (added)
+++ incubator/tsik/trunk/src/org/apache/tsik/wss/axis/DecryptAndVerifyBody.java Tue Sep 6 16:42:39 2005
@@ -0,0 +1,213 @@
+/* $Id: DecryptAndVerifyBody.java 239271 2005-08-22 22:56:05Z hans $ */
+
+/*
+ * Copyright 2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.tsik.wss.axis;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import javax.xml.namespace.QName;
+import org.apache.axis.AxisFault;
+import org.apache.axis.Message;
+import org.apache.axis.MessageContext;
+import org.apache.tsik.common.Logger;
+import org.apache.tsik.common.LoggerFactory;
+import org.apache.tsik.util.Namespaces;
+import org.apache.tsik.xpath.XPath;
+import org.apache.tsik.domutil.DOMCursor;
+import org.apache.tsik.domutil.DOMWriteCursor;
+import org.apache.tsik.wsp.DependencyGraph;
+import org.apache.axis.message.SOAPHeaderElement;
+import org.apache.axis.message.SOAPHeader;
+import org.apache.axis.message.SOAPEnvelope;
+import org.apache.tsik.wsp.Violation;
+import org.apache.tsik.wss.elements.Security;
+import org.apache.ws.axis.security.handler.WSDoAllHandler;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import java.util.Iterator;
+
+/**
+ * Axis handler that decrypts and verifies a SOAP message.
+ */
+public final class DecryptAndVerifyBody extends WSDoAllHandler
+{
+ private static Class c = DecryptAndVerifyBody.class;
+ private static Logger log = LoggerFactory.getLogger(c);
+
+ private PrivateKey senderKey;
+ private X509Certificate senderCert;
+ private PrivateKey recipientKey;
+ private X509Certificate recipientCert;
+
+ private void setupKeys(MessageContext messageContext)
+ throws Exception
+ {
+ String s = (String) getOption("keystoreFilename");
+ if (s == null){
+ throw new IllegalArgumentException("missing 'keystoreFilename'");
+ }
+ File f = new File(s);
+ if (!f.exists()){
+ throw new IllegalArgumentException(f.getCanonicalPath()
+ +" doesn't exist");
+ }
+ String p = (String) getOption("keystorePassword");
+ if (p == null){
+ throw new IllegalArgumentException("Missing password");
+ }
+ char[] pswd = p.toCharArray();
+ KeyStore ks = KeyStore.getInstance("JKS");
+ ks.load(new FileInputStream(f), pswd);
+
+ String sender = (String) getOption("sender");
+ String receiver = (String) getOption("receiver");
+ if (sender == null){
+ throw new IllegalArgumentException("missing 'sender'");
+ }
+ if (receiver == null){
+ throw new IllegalArgumentException("missing 'receiver'");
+ }
+
+ senderKey = (PrivateKey) ks.getKey(sender, pswd);
+ senderCert = (X509Certificate) ks.getCertificate(sender);
+ recipientKey = (PrivateKey) ks.getKey(receiver, pswd);
+ recipientCert = (X509Certificate) ks.getCertificate(receiver);
+
+ if (senderKey == null || senderCert == null ||
+ recipientKey == null || recipientCert == null) {
+ throw new IllegalArgumentException("Missing key or cert");
+ }
+ }
+
+
+ /**
+ * Axis calls this in its handler chain.
+ *
+ * @param messsageContext the message context.
+ * @throws AxisFault TBD
+ */
+ public void invoke(MessageContext messageContext) throws AxisFault
+ {
+ boolean doDebug = log.isDebugEnabled();
+
+ if (doDebug) {
+ log.debug("Message type: "
+ + messageContext.getCurrentMessage().getMessageType());
+ }
+ Message msg = messageContext.getCurrentMessage();
+
+// Message request = messageContext.getRequestMessage();
+// Message response = messageContext.getResponseMessage();
+
+// if (response == null){
+// String s = "response is null, don't know what to do!";
+// log.warn(s);
+// throw new AxisFault(s);
+// }
+
+
+// Document in = null;
+// Document out = null;
+ Document doc = null;
+ try {
+ doc = msg.getSOAPEnvelope().getAsDocument();
+ setupKeys(messageContext);
+// in = request.getSOAPEnvelope().getAsDocument();
+// if (response == null){
+// out = in;
+// } else {
+// out = response.getSOAPEnvelope().getAsDocument();
+// }
+ } catch (Exception e) {
+ log.warn(e);
+ e.printStackTrace();
+ throw new AxisFault(e.toString());
+ }
+
+
+ DependencyGraph graph
+ = new org.apache.tsik.wss.graphs
+ .DecryptAndVerifyBody(recipientKey, recipientCert,
+ senderCert);
+
+// try {
+// log.warn(new DOMWriteCursor(in).publish(true));
+// log.warn(new DOMWriteCursor(out).publish(true));
+// } catch (Exception e) {
+// log.warn(e);
+// e.printStackTrace();
+// throw new AxisFault(e.toString());
+// }
+
+ graph.setInput(doc);
+ graph.setOutput(doc);
+// graph.setInput(in);
+// graph.setOutput(out);
+
+ graph.execute();
+
+ Violation[] violations = graph.getViolations();
+ if (violations.length != 0){
+ for (int i = 0; i < violations.length; i += 1){
+ log.warn(violations[i]);
+ }
+ throw new AxisFault(violations[0].toString());
+ }
+
+ DOMCursor cursor = new DOMCursor(graph.getOutput());
+ String s = "/s:Envelope/s:Body";
+ String soapUri = Namespaces.SOAPENV.getUri();
+ String[] ns = {"s", soapUri};
+ XPath xpath = new XPath(s, ns);
+ cursor.moveToXPath(xpath);
+
+ s = null;
+ try {
+ s = cursor.publish(false);
+ } catch (IOException e) {
+ s = e.toString();
+ }
+ msg = new Message(s);
+
+
+// Iterator iterator = msg.getSOAPEnvelope().getHeaders().iterator();
+// while (iterator.hasNext()) {
+// SOAPHeaderElement h = (SOAPHeaderElement) iterator.next();
+// h.setProcessed(true);
+// log.warn("aa");
+// log.warn(h.toString());
+// log.warn("ab");
+// }
+
+// SOAPHeaderElement elem = response.getSOAPEnvelope()
+// .getHeaderByName(Security.uri, Security.elementName);
+// log.warn("xx");
+// log.warn(elem.toString());
+// log.warn("xy");
+// elem.setProcessed(true);
+
+
+ messageContext.setMessage(msg);
+ }
+}
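Review bot: `setupKeys` loads the sender's private key with `ks.getKey(sender, pswd)` and rejects the configuration when it is null, yet the graph is built only from `recipientKey`, `recipientCert` and `senderCert`; a verifying endpoint should not need, or hold, the peer's private key. Dropping the `senderKey` lookup and its null check lets the receiver's keystore contain only its own key plus the sender's certificate; `SignAndEncryptBody.setupKeys` has the mirror-image requirement for `recipientKey`. Separately, `catch (IOException e) { s = e.toString(); }` after `cursor.publish(false)` turns a serialization failure into the message body instead of a fault; `throw new AxisFault(e.toString());`, as in the earlier catch block, would fail closed, and the same pattern appears in `SignAndEncryptBody.invoke`. The `FileInputStream` passed to `ks.load` is never closed in either class.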
Added: incubator/tsik/trunk/src/org/apache/tsik/wss/axis/SignAndEncryptBody.java
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/src/org/apache/tsik/wss/axis/SignAndEncryptBody.java?rev=279182&view=auto
==============================================================================
--- incubator/tsik/trunk/src/org/apache/tsik/wss/axis/SignAndEncryptBody.java (added)
+++ incubator/tsik/trunk/src/org/apache/tsik/wss/axis/SignAndEncryptBody.java Tue Sep 6 16:42:39 2005
@@ -0,0 +1,173 @@
+/* $Id: DecryptAndVerifyBody.java 239271 2005-08-22 22:56:05Z hans $ */
+
+/*
+ * Copyright 2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.tsik.wss.axis;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import javax.xml.namespace.QName;
+import org.apache.axis.AxisFault;
+import org.apache.axis.Message;
+import org.apache.axis.MessageContext;
+import org.apache.tsik.domutil.DOMWriteCursor;
+import org.apache.tsik.common.Logger;
+import org.apache.tsik.common.LoggerFactory;
+import org.apache.tsik.domutil.DOMCursor;
+import org.apache.tsik.wsp.DependencyGraph;
+import org.apache.tsik.wsp.Violation;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.apache.ws.axis.security.handler.WSDoAllHandler;
+
+/**
+ * Axis handler that signs and encrypts a SOAP message.
+ */
+public final class SignAndEncryptBody extends WSDoAllHandler
+{
+ private static Class c = SignAndEncryptBody.class;
+ private static Logger log = LoggerFactory.getLogger(c);
+
+ private PrivateKey senderKey;
+ private X509Certificate senderCert;
+ private PrivateKey recipientKey;
+ private X509Certificate recipientCert;
+
+ private void setupKeys(MessageContext messageContext)
+ throws Exception
+ {
+ String s = (String) getOption("keystoreFilename");
+ if (s == null){
+ throw new IllegalArgumentException("missing 'keystoreFilename'");
+ }
+ File f = new File(s);
+ if (!f.exists()){
+ throw new IllegalArgumentException(f.getCanonicalPath()
+ +" doesn't exist");
+ }
+ String p = (String) getOption("keystorePassword");
+ if (p == null){
+ throw new IllegalArgumentException("Missing password");
+ }
+ char[] pswd = p.toCharArray();
+ KeyStore ks = KeyStore.getInstance("JKS");
+ ks.load(new FileInputStream(f), pswd);
+
+ String sender = (String) getOption("sender");
+ String receiver = (String) getOption("receiver");
+ if (sender == null){
+ throw new IllegalArgumentException("missing 'sender'");
+ }
+ if (receiver == null){
+ throw new IllegalArgumentException("missing 'receiver'");
+ }
+
+ senderKey = (PrivateKey) ks.getKey(sender, pswd);
+ senderCert = (X509Certificate) ks.getCertificate(sender);
+ recipientKey = (PrivateKey) ks.getKey(receiver, pswd);
+ recipientCert = (X509Certificate) ks.getCertificate(receiver);
+
+ if (senderKey == null || senderCert == null ||
+ recipientKey == null || recipientCert == null) {
+ throw new IllegalArgumentException("Missing key or cert");
+ }
+ }
+
+
+ /**
+ * Axis calls this in its handler chain.
+ *
+ * @param messsageContext the message context.
+ * @throws AxisFault TBD
+ */
+ public void invoke(MessageContext messageContext) throws AxisFault
+ {
+ boolean doDebug = log.isDebugEnabled();
+
+ if (doDebug) {
+ log.debug("Message type: "
+ + messageContext.getCurrentMessage().getMessageType());
+ }
+ Message request = messageContext.getRequestMessage();
+ Message response = messageContext.getResponseMessage();
+
+ Document in = null;
+ Document out = null;
+ try {
+ setupKeys(messageContext);
+ in = request.getSOAPEnvelope().getAsDocument();
+ if (response == null){
+ out = in;
+ } else {
+ out = response.getSOAPEnvelope().getAsDocument();
+ }
+ } catch (Exception e) {
+ log.warn(e);
+ e.printStackTrace();
+ throw new AxisFault(e.toString());
+ }
+
+
+ DependencyGraph graph
+ = new org.apache.tsik.wss.graphs
+ .SignAndEncryptBody(senderKey, senderCert, recipientCert);
+
+ try {
+ log.warn(new DOMWriteCursor(in).publish(true));
+ log.warn(new DOMWriteCursor(out).publish(true));
+ } catch (Exception e) {
+ log.warn(e);
+ e.printStackTrace();
+ throw new AxisFault(e.toString());
+ }
+
+ graph.setInput(out);
+ graph.setOutput(out);
+
+ graph.execute();
+
+ Violation[] violations = graph.getViolations();
+ if (violations.length != 0){
+ for (int i = 0; i < violations.length; i += 1){
+ log.warn(violations[i]);
+ }
+ throw new AxisFault(violations[0].toString());
+ }
+
+ DOMCursor cursor = new DOMCursor(graph.getOutput());
+ try{
+ cursor.publish(new java.io.FileOutputStream("/tmp/sign.xml"),false);
+ } catch (Exception e){
+ throw new AxisFault(e.toString());
+ }
+
+ String s = null;
+ try {
+ s = cursor.publish(false);
+ } catch (IOException e) {
+ s = e.toString();
+ }
+ response = new Message(s);
+ messageContext.setResponseMessage(response);
+ }
+}
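Review bot: After `graph.execute()` the handler writes every protected response to the fixed path `/tmp/sign.xml` through a `FileOutputStream` that is never closed; this looks like leftover debugging, and a predictable file in a shared temp directory can be pre-created or read by other local users. Before that, `log.warn(new DOMWriteCursor(in).publish(true))` and the matching call for `out` put the complete request and the not-yet-encrypted response into the log at warn level, which undoes the confidentiality the handler is there to provide. I would delete the `/tmp/sign.xml` block and either remove the two dumps or move them under `if (doDebug)` with `log.debug`. The `$Id` line at the top of the file still names DecryptAndVerifyBody.java.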
Added: incubator/tsik/trunk/src/org/apache/tsik/wss/axis/tsik_deploy.wsdd
URL: http://svn.apache.org/viewcvs/incubator/tsik/trunk/src/org/apache/tsik/wss/axis/tsik_deploy.wsdd?rev=279182&view=auto
==============================================================================
--- incubator/tsik/trunk/src/org/apache/tsik/wss/axis/tsik_deploy.wsdd (added)
+++ incubator/tsik/trunk/src/org/apache/tsik/wss/axis/tsik_deploy.wsdd Tue Sep 6 16:42:39 2005
@@ -0,0 +1,38 @@
+<deployment xmlns="http://xml.apache.org/axis/wsdd/"
+ xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
+
+ <service name="stock-wss-tsik-sign"
+ style="document" use="literal">
+
+ <responseFlow>
+ <handler type="java:org.apache.tsik.wss.axis.SignAndEncryptBody">
+ <parameter name="keystoreFilename" value="oasis.jks"/>
+ <parameter name="keystorePassword" value="password"/>
+ <parameter name="sender" value="alice"/>
+ <parameter name="receiver" value="bob"/>
+ </handler>
+ </responseFlow>
+
+ <parameter name="className" value="samples.stock.StockQuoteService"/>
+ <parameter name="allowedMethods" value="getQuote"/>
+ <parameter name="scope" value="application"/>
+ </service>
+
+ <service name="stock-wss-tsik-verify" provider="java:RPC"
+ style="document" use="literal">
+
+ <requestFlow>
+ <handler type="java:org.apache.tsik.wss.axis.DecryptAndVerifyBody">
+ <parameter name="keystoreFilename" value="oasis.jks"/>
+ <parameter name="keystorePassword" value="password"/>
+ <parameter name="sender" value="alice"/>
+ <parameter name="receiver" value="bob"/>
+ </handler>
+ </requestFlow>
+
+ <parameter name="className" value="samples.stock.StockQuoteService"/>
+ <parameter name="allowedMethods" value="getQuote"/>
+ <parameter name="scope" value="application"/>
+ </service>
+
+</deployment>
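Review bot: Both handlers are configured with `keystorePassword` set to `password` and a relative `keystoreFilename` of `oasis.jks`, and nothing in the file says these are sample values. A comment at the top such as `<!-- Sample deployment: oasis.jks and its password are test values; replace them before deploying -->` would stop the descriptor being copied as-is. The handlers pass the file name straight to `new File(...)`, so the relative path resolves against the server's working directory; an absolute path is less surprising. The first service also lacks the `provider="java:RPC"` attribute that the second one has, which may be unintended.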