You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/01/15 19:01:35 UTC
svn commit: r1558489 - in
/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign:
README.txt pom.xml src/main/java/demo/wssec/client/Client.java
src/main/java/demo/wssec/client/StaxClient.java
src/main/java/demo/wssec/server/StaxServer.java
Author: coheigea
Date: Wed Jan 15 18:01:34 2014
New Revision: 1558489
URL: http://svn.apache.org/r1558489
Log:
Stax-ifiying ut_sign sample
Added:
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/StaxClient.java
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/server/StaxServer.java
Modified:
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/README.txt
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/pom.xml
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/Client.java
Modified: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/README.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/README.txt?rev=1558489&r1=1558488&r2=1558489&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/README.txt (original)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/README.txt Wed Jan 15 18:01:34 2014
@@ -9,7 +9,10 @@ incoming interceptors. Various Actions l
Signature, Encryption, etc., can be applied to the interceptors by passing
appropriate configuration properties.
-This demo also shows how the DefaultCryptoCoverageChecker can be used to
+CXF 3.0.0 supports both a DOM-based (in-memory) and StAX-based (streaming)
+approach to WS-Security. This demo shows how to use both approaches.
+
+This demo also shows how the CryptoCoverageChecker can be used to
make sure that the correct Elements were signed and/or encrypted.
The logging feature is used to log the inbound and outbound
@@ -48,20 +51,28 @@ Building and running the demo using Mave
From the base directory of this sample (i.e., where this README file is
located), the maven pom.xml file can be used to build and run the demo.
-
Using either UNIX or Windows:
mvn install (builds the demo)
+
+To use the DOM-based WS-Security functionality:
+
mvn -Pserver (from one command line window)
mvn -Pclient (from a second command line window)
+To use the StAX-based WS-Security functionality:
+
+ mvn -Pstax-server (from one command line window)
+ mvn -Pstax-client (from a second command line window)
+
+You can also run the DOM client against the StAX server, and vice versa.
+
On startup, the client makes a sequence of 4 two-way invocations.
To remove the code generated from the WSDL file and the .class
files, run "mvn clean".
-
Building the demo using wsdl2java and javac
-------------------------------------------
Modified: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/pom.xml?rev=1558489&r1=1558488&r2=1558489&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/pom.xml (original)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/pom.xml Wed Jan 15 18:01:34 2014
@@ -100,6 +100,29 @@
</build>
</profile>
<profile>
+ <id>stax-server</id>
+ <build>
+ <defaultGoal>test</defaultGoal>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>exec-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>test</phase>
+ <goals>
+ <goal>java</goal>
+ </goals>
+ <configuration>
+ <mainClass>demo.wssec.server.StaxServer</mainClass>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
<id>client</id>
<build>
<defaultGoal>test</defaultGoal>
@@ -122,6 +145,29 @@
</plugins>
</build>
</profile>
+ <profile>
+ <id>stax-client</id>
+ <build>
+ <defaultGoal>test</defaultGoal>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>exec-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>test</phase>
+ <goals>
+ <goal>java</goal>
+ </goals>
+ <configuration>
+ <mainClass>demo.wssec.client.StaxClient</mainClass>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
</profiles>
<dependencies>
<dependency>
Modified: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/Client.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/Client.java?rev=1558489&r1=1558488&r2=1558489&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/Client.java (original)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/Client.java Wed Jan 15 18:01:34 2014
@@ -35,7 +35,9 @@ import org.apache.cxf.ws.security.wss4j.
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
-
+/**
+ * A DOM-based client
+ */
public final class Client {
private static final String WSU_NS
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/StaxClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/StaxClient.java?rev=1558489&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/StaxClient.java (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/client/StaxClient.java Wed Jan 15 18:01:34 2014
@@ -0,0 +1,142 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package demo.wssec.client;
+
+import java.io.Closeable;
+import java.lang.reflect.UndeclaredThrowableException;
+import java.net.URL;
+import java.util.Properties;
+
+import javax.xml.namespace.QName;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.hello_world_soap_http.Greeter;
+import org.apache.cxf.hello_world_soap_http.GreeterService;
+import org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
+import org.apache.xml.security.stax.ext.SecurePart;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+
+import demo.wssec.server.UTPasswordCallback;
+
+/**
+ * A StAX-based client
+ */
+public final class StaxClient {
+ private static final String WSU_NS
+ = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+
+ private StaxClient() {
+ }
+
+ public static void main(String args[]) throws Exception {
+ try {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = StaxClient.class.getResource("wssec.xml");
+ Bus bus = bf.createBus(busFile.toString());
+ BusFactory.setDefaultBus(bus);
+
+ Properties encCryptoProperties =
+ CryptoFactory.getProperties("etc/Client_Encrypt.properties", StaxClient.class.getClassLoader());
+ Properties sigCryptoProperties =
+ CryptoFactory.getProperties("etc/Client_Sign.properties", StaxClient.class.getClassLoader());
+
+ WSSSecurityProperties properties = new WSSSecurityProperties();
+ properties.addAction(WSSConstants.USERNAMETOKEN);
+ properties.addAction(WSSConstants.TIMESTAMP);
+ properties.addAction(WSSConstants.SIGNATURE);
+
+ properties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
+ properties.setTokenUser("abcd");
+ properties.setSignatureUser("clientx509v1");
+
+ properties.setSignatureCryptoProperties(sigCryptoProperties);
+ properties.setSignatureKeyIdentifier(
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference
+ );
+ properties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
+ properties.addSignaturePart(
+ new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), SecurePart.Modifier.Element)
+ );
+ properties.addSignaturePart(
+ new SecurePart(new QName(WSSConstants.NS_SOAP11, "Body"), SecurePart.Modifier.Element)
+ );
+ properties.addSignaturePart(
+ new SecurePart(new QName("http://www.w3.org/2005/08/addressing", "ReplyTo"),
+ SecurePart.Modifier.Element)
+ );
+ properties.setCallbackHandler(new UTPasswordCallback());
+
+ WSSSecurityProperties inProperties = new WSSSecurityProperties();
+ inProperties.addAction(WSSConstants.USERNAMETOKEN);
+ inProperties.addAction(WSSConstants.TIMESTAMP);
+ inProperties.addAction(WSSConstants.SIGNATURE);
+
+ inProperties.setCallbackHandler(new UTPasswordCallback());
+ inProperties.setDecryptionCryptoProperties(sigCryptoProperties);
+ inProperties.setSignatureVerificationCryptoProperties(encCryptoProperties);
+ inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
+ inProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
+
+ // Check to make sure that the SOAP Body and Timestamp were signed,
+ StaxCryptoCoverageChecker coverageChecker = new StaxCryptoCoverageChecker();
+ coverageChecker.setSignBody(true);
+ coverageChecker.setSignTimestamp(true);
+ coverageChecker.setEncryptBody(false);
+
+ GreeterService service = new GreeterService();
+ Greeter port = service.getGreeterPort();
+ org.apache.cxf.endpoint.Client client = ClientProxy.getClient(port);
+ client.getOutInterceptors().add(new WSS4JStaxOutInterceptor(properties));
+ client.getInInterceptors().add(new WSS4JStaxInInterceptor(inProperties));
+ client.getInInterceptors().add(coverageChecker);
+
+ String[] names = new String[] {"Anne", "Bill", "Chris", "Scott"};
+ // make a sequence of 4 invocations
+ for (int i = 0; i < 4; i++) {
+ System.out.println("Invoking greetMe...");
+ String response = port.greetMe(names[i]);
+ System.out.println("response: " + response + "\n");
+ }
+
+ if (port instanceof Closeable) {
+ ((Closeable)port).close();
+ }
+
+ bus.shutdown(true);
+
+ } catch (UndeclaredThrowableException ex) {
+ ex.getUndeclaredThrowable().printStackTrace();
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ } finally {
+ System.exit(0);
+ }
+ }
+}
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/server/StaxServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/server/StaxServer.java?rev=1558489&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/server/StaxServer.java (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_sign/src/main/java/demo/wssec/server/StaxServer.java Wed Jan 15 18:01:34 2014
@@ -0,0 +1,122 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package demo.wssec.server;
+
+import java.net.URL;
+import java.util.Properties;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.jaxws.EndpointImpl;
+import org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
+import org.apache.xml.security.stax.ext.SecurePart;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+
+/**
+ * A StAX-based server
+ */
+public class StaxServer {
+ private static final String WSU_NS
+ = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+
+ protected StaxServer() throws Exception {
+ System.out.println("Starting StaxServer");
+
+ Object implementor = new GreeterImpl();
+ String address = "http://localhost:9000/SoapContext/GreeterPort";
+ EndpointImpl impl = (EndpointImpl)Endpoint.publish(address, implementor);
+
+ Properties decCryptoProperties =
+ CryptoFactory.getProperties("etc/Server_Decrypt.properties", StaxServer.class.getClassLoader());
+ Properties sigVerCryptoProperties =
+ CryptoFactory.getProperties("etc/Server_SignVerf.properties", StaxServer.class.getClassLoader());
+
+ WSSSecurityProperties properties = new WSSSecurityProperties();
+ properties.addAction(WSSConstants.USERNAMETOKEN);
+ properties.addAction(WSSConstants.TIMESTAMP);
+ properties.addAction(WSSConstants.SIGNATURE);
+
+ properties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
+ properties.setTokenUser("Alice");
+ properties.setSignatureUser("serverx509v1");
+
+ properties.setSignatureCryptoProperties(decCryptoProperties);
+ properties.setSignatureKeyIdentifier(
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference
+ );
+ properties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
+ properties.addSignaturePart(
+ new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), SecurePart.Modifier.Element)
+ );
+ properties.addSignaturePart(
+ new SecurePart(new QName(WSSConstants.NS_SOAP11, "Body"), SecurePart.Modifier.Content)
+ );
+ properties.setCallbackHandler(new UTPasswordCallback());
+
+ impl.getOutInterceptors().add(new WSS4JStaxOutInterceptor(properties));
+
+ WSSSecurityProperties inProperties = new WSSSecurityProperties();
+ inProperties.addAction(WSSConstants.USERNAMETOKEN);
+ inProperties.addAction(WSSConstants.TIMESTAMP);
+ inProperties.addAction(WSSConstants.SIGNATURE);
+
+ inProperties.setCallbackHandler(new UTPasswordCallback());
+ inProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
+ inProperties.setSignatureVerificationCryptoProperties(sigVerCryptoProperties);
+
+ impl.getInInterceptors().add(new WSS4JStaxInInterceptor(inProperties));
+
+ // Check to make sure that the SOAP Body and Timestamp were signed
+ StaxCryptoCoverageChecker coverageChecker = new StaxCryptoCoverageChecker();
+ coverageChecker.setSignBody(true);
+ coverageChecker.setSignTimestamp(true);
+ coverageChecker.setEncryptBody(false);
+ impl.getInInterceptors().add(coverageChecker);
+
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = StaxServer.class.getResource("wssec.xml");
+ Bus bus = bf.createBus(busFile.toString());
+
+ BusFactory.setDefaultBus(bus);
+
+ new StaxServer();
+ System.out.println("StaxServer ready...");
+
+ Thread.sleep(5 * 60 * 1000);
+
+ bus.shutdown(true);
+ System.out.println("StaxServer exiting");
+ System.exit(0);
+ }
+}