Posted to axis-cvs@ws.apache.org by ru...@apache.org on 2006/09/03 11:48:01 UTC
svn commit: r439748 - in /webservices/axis2/trunk/java/modules:
integration/test/org/apache/rahas/ rahas/ rahas/src/org/apache/rahas/
rahas/src/org/apache/rahas/client/ rahas/src/org/apache/rahas/impl/
secpolicy/ security/src/org/apache/rampart/ securi...
Author: ruchithf
Date: Sun Sep 3 02:47:59 2006
New Revision: 439748
URL: http://svn.apache.org/viewvc?rev=439748&view=rev
Log:
- Added STSClient to be used as a general purpose STS client.
- Moved common constants out of the inner classes of RahasConstants
- Added secpolicy dependency to rahas
Added:
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
Modified:
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java
webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
webservices/axis2/trunk/java/modules/rahas/project.xml
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcher.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuerConfig.java
webservices/axis2/trunk/java/modules/secpolicy/project.xml
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java Sun Sep 3 02:47:59 2006
@@ -65,7 +65,7 @@
RequestSecurityTokenType rst = new RequestSecurityTokenType();
try {
- rst.setRequestType(new URI(RahasConstants.V_05_02.REQ_TYPE_ISSUE));
+ rst.setRequestType(new URI(RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_ISSUE));
rst.setTokenType(new URI(RahasConstants.TOK_TYPE_SAML_10));
rst.setContext(new URI("http://get.optional.attrs.working"));
@@ -102,8 +102,8 @@
}
- public String getRequestAction() {
- return RahasConstants.V_05_02.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
}
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java Sun Sep 3 02:47:59 2006
@@ -34,9 +34,8 @@
public OMElement getRequest() {
try {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(RahasConstants.VERSION_05_12);
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem);
+ OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, rstElem);
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createAppliesToElement(rstElem,
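Review bot: The local `reqTypeElem` on the added line does not appear to be used any more in the visible lines, because the `setText` call that consumed it is removed and the request type is now set inside `TrustUtil.createRequestTypeElement`. Dropping the assignment, as in `TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem, RahasConstants.REQ_TYPE_ISSUE);`, would match the form this commit uses in RahasSAMLTokenV1205Test and RahasSAMLTokenUTForHoKTest. The same leftover variable remains in the getRequest() hunks of RahasSAMLTokenUTForBearerTest and RahasSAMLTokenUTForHoKV1205Test. getRequest() continues outside the hunk, so confirm there is no later use before removing it.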
@@ -102,8 +101,8 @@
}
- public String getRequestAction() {
- return RahasConstants.V_05_12.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
}
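Review bot: `getRequestAction()` in this 2005/12 test now builds the action with `RahasConstants.VERSION_05_02`, whereas the removed line returned `RahasConstants.V_05_12.RST_ACTON_ISSUE`. The action URI therefore moves to the 2005/02 namespace while getRequest() in the same class still builds a `VERSION_05_12` request. Unless that mix is intended, the line should read `return TrustUtil.getActionValue(RahasConstants.VERSION_05_12, RahasConstants.RST_ACTON_ISSUE);`. The same substitution appears in getRequestAction() of RahasSAMLTokenUTForBearerV1205Test; the other two V1205 tests in this commit pass `VERSION_05_12`.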
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java Sun Sep 3 02:47:59 2006
@@ -68,7 +68,7 @@
RequestSecurityTokenType rst = new RequestSecurityTokenType();
try {
- rst.setRequestType(new URI(RahasConstants.V_05_02.REQ_TYPE_ISSUE));
+ rst.setRequestType(new URI(RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_ISSUE));
rst.setTokenType(new URI(RahasConstants.TOK_TYPE_SAML_10));
rst.setContext(new URI("http://get.optional.attrs.working"));
@@ -105,8 +105,8 @@
}
- public String getRequestAction() {
- return RahasConstants.V_05_02.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
}
}
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java Sun Sep 3 02:47:59 2006
@@ -36,9 +36,8 @@
public OMElement getRequest() {
try {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(RahasConstants.VERSION_05_02);
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_02, rstElem);
+ OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_02, rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, rstElem);
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createAppliesToElement(rstElem, "http://localhost:5555/axis2/services/SecureService", this.getWSANamespace());
@@ -74,8 +73,8 @@
return "rahas_service_repo_3";
}
- public String getRequestAction() {
- return RahasConstants.V_05_02.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
}
public void validateRsponse(OMElement resp) {
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java Sun Sep 3 02:47:59 2006
@@ -35,9 +35,8 @@
public OMElement getRequest() {
try {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(RahasConstants.VERSION_05_12);
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem);
+ TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, rstElem);
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createAppliesToElement(rstElem, "http://localhost:5555/axis2/services/SecureService", this.getWSANamespace());
@@ -73,8 +72,8 @@
return "rahas_service_repo_3";
}
- public String getRequestAction() {
- return RahasConstants.V_05_12.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
}
public void validateRsponse(OMElement resp) {
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java Sun Sep 3 02:47:59 2006
@@ -32,9 +32,8 @@
public OMElement getRequest() {
try {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(RahasConstants.VERSION_05_02);
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_02, rstElem);
+ TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_02, rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, rstElem);
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createAppliesToElement(rstElem, "http://localhost:5555/axis2/services/SecureService", this.getWSANamespace());
@@ -70,8 +69,8 @@
return "rahas_service_repo_3";
}
- public String getRequestAction() {
- return RahasConstants.V_05_02.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
}
public void validateRsponse(OMElement resp) {
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java Sun Sep 3 02:47:59 2006
@@ -70,9 +70,8 @@
public OMElement getRequest() {
try {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(RahasConstants.VERSION_05_12);
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem);
+ OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, rstElem);
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createAppliesToElement(rstElem,
@@ -85,8 +84,8 @@
byte[] nonce = WSSecurityUtil.generateNonce(16);
clientEntr = nonce;
OMElement entrElem = TrustUtil.createEntropyElement(RahasConstants.VERSION_05_12, rstElem);
- TrustUtil.createBinarySecretElement(RahasConstants.VERSION_05_12, entrElem, RahasConstants.V_05_12.BIN_SEC_TYPE_NONCE).setText(Base64.encode(nonce));
- TrustUtil.createComputedKeyAlgorithm(RahasConstants.VERSION_05_12,rstElem, RahasConstants.V_05_12.COMPUTED_KEY_PSHA1);
+ TrustUtil.createBinarySecretElement(RahasConstants.VERSION_05_12, entrElem, RahasConstants.BIN_SEC_TYPE_NONCE).setText(Base64.encode(nonce));
+ TrustUtil.createComputedKeyAlgorithm(RahasConstants.VERSION_05_12,rstElem, RahasConstants.COMPUTED_KEY_PSHA1);
return rstElem;
@@ -117,8 +116,8 @@
return "rahas_service_repo_3";
}
- public String getRequestAction() {
- return RahasConstants.V_05_12.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_12, RahasConstants.RST_ACTON_ISSUE);
}
public void validateRsponse(OMElement resp) {
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java Sun Sep 3 02:47:59 2006
@@ -39,9 +39,8 @@
public OMElement getRequest() {
try {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(RahasConstants.VERSION_05_12);
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem);
+ TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_12, rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, rstElem);
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createAppliesToElement(rstElem, "http://localhost:5555/axis2/services/SecureService", this.getWSANamespace());
@@ -88,8 +87,8 @@
assertNotNull("Missing SAML Assertoin", elem);
}
- public String getRequestAction() {
- return RahasConstants.V_05_12.RST_ACTON_ISSUE;
+ public String getRequestAction() throws TrustException {
+ return TrustUtil.getActionValue(RahasConstants.VERSION_05_12, RahasConstants.RST_ACTON_ISSUE);
}
}
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java Sun Sep 3 02:47:59 2006
@@ -109,9 +109,9 @@
OMElement result = serviceClient.sendReceive(getRequest());
this.validateRsponse(result);
- } catch (AxisFault axisFault) {
- axisFault.printStackTrace();
- fail(axisFault.getMessage());
+ } catch (Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
}
}
@@ -127,7 +127,7 @@
public abstract String getServiceRepo();
- public abstract String getRequestAction();
+ public abstract String getRequestAction() throws TrustException;
public abstract void validateRsponse(OMElement resp);
}
Modified: webservices/axis2/trunk/java/modules/rahas/project.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/project.xml?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/project.xml (original)
+++ webservices/axis2/trunk/java/modules/rahas/project.xml Sun Sep 3 02:47:59 2006
@@ -73,7 +73,12 @@
<groupId>axis2</groupId>
<artifactId>axis2-xmlbeans</artifactId>
<version>${pom.currentVersion}</version>
- </dependency>
+ </dependency>
+ <dependency>
+ <groupId>axis2</groupId>
+ <artifactId>axis2-secpolicy</artifactId>
+ <version>${pom.currentVersion}</version>
+ </dependency>
<!-- external JARs -->
<dependency>
<groupId>wsdl4j</groupId>
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java Sun Sep 3 02:47:59 2006
@@ -62,65 +62,44 @@
public final static String KEY_TYPE_PUBLIC_KEY = "/PublicKey";
public final static String KEY_TYPE_BEARER = "/Bearer";
+ //Attr values
+ public final static String BIN_SEC_TYPE_NONCE = "/Nonce";
+
+ //ComputedKey algos
+ public final static String COMPUTED_KEY_PSHA1 = "/CK/PSHA1";
+
+// RequestTypes
+ public final static String REQ_TYPE_ISSUE = "/Issue";
+ public final static String REQ_TYPE_VALIDATE = "/Validate";
+ public final static String REQ_TYPE_RENEW = "/Renew";
+ public final static String REQ_TYPE_CANCEL = "/Cancel";
+
+ //RST actions
+ public final static String RST_ACTON_ISSUE = "/RST/Issue";
+ public final static String RST_ACTON_VALIDATE = "/RST/Renew";
+ public final static String RST_ACTON_RENEW = "/RST/Cancel";
+ public final static String RST_ACTON_CANCEL = "/RST/Validate";
+ public final static String RST_ACTON_SCT = "/RST/SCT";
+
+ //RSTR actions
+ public final static String RSTR_ACTON_ISSUE = "/RSTR/Issue";
+ public final static String RSTR_ACTON_VALIDATE = "/RSTR/Renew";
+ public final static String RSTR_ACTON_RENEW = "/RSTR/Cancel";
+ public final static String RSTR_ACTON_CANCEL = "/RSTR/Validate";
+ public final static String RSTR_ACTON_SCT = "/RSTR/SCT";
+
public class V_05_02 {
- //RequestTypes
- public final static String REQ_TYPE_ISSUE = WST_NS_05_02 + "/Issue";
- public final static String REQ_TYPE_VALIDATE = WST_NS_05_02 + "/Validate";
- public final static String REQ_TYPE_RENEW = WST_NS_05_02 + "/Renew";
- public final static String REQ_TYPE_CANCEL = WST_NS_05_02 + "/Cancel";
-
- //RST actions
- public final static String RST_ACTON_ISSUE = WST_NS_05_02 + "/RST/Issue";
- public final static String RST_ACTON_VALIDATE = WST_NS_05_02 + "/RST/Renew";
- public final static String RST_ACTON_RENEW = WST_NS_05_02 + "/RST/Cancel";
- public final static String RST_ACTON_CANCEL = WST_NS_05_02 + "/RST/Validate";
- public final static String RST_ACTON_SCT = WST_NS_05_02 + "/RST/SCT";
-
- //RSTR actions
- public final static String RSTR_ACTON_ISSUE = WST_NS_05_02 + "/RSTR/Issue";
- public final static String RSTR_ACTON_VALIDATE = WST_NS_05_02 + "/RSTR/Renew";
- public final static String RSTR_ACTON_RENEW = WST_NS_05_02 + "/RSTR/Cancel";
- public final static String RSTR_ACTON_CANCEL = WST_NS_05_02 + "/RSTR/Validate";
- public final static String RSTR_ACTON_SCT = WST_NS_05_02 + "/RSTR/SCT";
- //Attr values
- public final static String BIN_SEC_TYPE_NONCE = WST_NS_05_02 + "/Nonce";
//Token types
public final static String TOK_TYPE_SCT = "http://schemas.xmlsoap.org/ws/2005/02/sc/sct";
- //ComputedKey algos
- public final static String COMPUTED_KEY_PSHA1 = WST_NS_05_02 + "/CK/PSHA1";
}
public class V_05_12 {
- //RequestTypes
- public final static String REQ_TYPE_ISSUE = WST_NS_05_12 + "/Issue";
- public final static String REQ_TYPE_VALIDATE = WST_NS_05_12 + "/Validate";
- public final static String REQ_TYPE_RENEW = WST_NS_05_12 + "/Renew";
- public final static String REQ_TYPE_CANCEL = WST_NS_05_12 + "/Cancel";
-
- //RST actions
- public final static String RST_ACTON_ISSUE = WST_NS_05_12 + "/RST/Issue";
- public final static String RST_ACTON_VALIDATE = WST_NS_05_12 + "/RST/Renew";
- public final static String RST_ACTON_RENEW = WST_NS_05_12 + "/RST/Cancel";
- public final static String RST_ACTON_CANCEL = WST_NS_05_12 + "/RST/Validate";
- public final static String RST_ACTON_SCT = WST_NS_05_12 + "/RST/SCT";
-
- //RSTR actions
- public final static String RSTR_ACTON_ISSUE = WST_NS_05_12 + "/RSTR/Issue";
- public final static String RSTR_ACTON_VALIDATE = WST_NS_05_12 + "/RSTR/Renew";
- public final static String RSTR_ACTON_RENEW = WST_NS_05_12 + "/RSTR/Cancel";
- public final static String RSTR_ACTON_CANCEL = WST_NS_05_12 + "/RSTR/Validate";
- public final static String RSTR_ACTON_SCT = WST_NS_05_12 + "/RSTR/SCT";
- //Attr values
- public final static String BIN_SEC_TYPE_NONCE = WST_NS_05_12 + "/Nonce";
//Token types
public final static String TOK_TYPE_SCT = "http://schemas.xmlsoap.org/ws/2005/12/sc/sct";
-
- //ComputedKey algos
- public final static String COMPUTED_KEY_PSHA1 = WST_NS_05_12 + "/CK/PSHA1";
}
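Review bot: The relocated action constants keep a name/value mismatch: `RST_ACTON_VALIDATE` is `"/RST/Renew"`, `RST_ACTON_RENEW` is `"/RST/Cancel"` and `RST_ACTON_CANCEL` is `"/RST/Validate"`, and the three matching `RSTR_ACTON_*` constants are rotated the same way. The removed inner-class constants already had this rotation, so it is carried over rather than introduced, but any caller that passes `RST_ACTON_CANCEL` to `TrustUtil.getActionValue` gets a Validate action URI. Each value should match its name, e.g. `public final static String RST_ACTON_VALIDATE = "/RST/Validate";`, and likewise for Renew, Cancel and the RSTR set. A one-line comment stating that these are now suffixes to be appended to a WS-Trust namespace, not complete URIs, would also help callers that used the old `V_05_02`/`V_05_12` values directly.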
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java Sun Sep 3 02:47:59 2006
@@ -17,10 +17,18 @@
package org.apache.rahas;
import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMException;
import org.apache.axiom.om.impl.dom.factory.OMDOMFactory;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import javax.xml.namespace.QName;
+
+import java.text.DateFormat;
+import java.text.ParseException;
+import java.util.Date;
import java.util.HashMap;
/**
@@ -102,6 +110,16 @@
*/
private byte[] secret;
+ /**
+ * Created time
+ */
+ private Date created;
+
+ /**
+ * Expiration time
+ */
+ private Date expires;
+
/**
* Create a new token
@@ -111,9 +129,36 @@
this.id = id;
}
- public Token(String id, OMElement tokenElem) {
+ public Token(String id, OMElement tokenElem, Date created, Date expires) throws TrustException {
+ this.id = id;
+ this.token = (OMElement)dummyDoc.importNode((Element)tokenElem, true);
+ this.created = created;
+ this.expires = expires;
+ }
+
+ public Token(String id, OMElement tokenElem, OMElement lifetimeElem) throws TrustException {
this.id = id;
this.token = (OMElement)dummyDoc.importNode((Element)tokenElem, true);
+ this.processLifeTime(lifetimeElem);
+ }
+
+ /**
+ * @param lifetimeElem
+ * @throws TrustException
+ */
+ private void processLifeTime(OMElement lifetimeElem) throws TrustException {
+ try {
+ DateFormat zulu = new XmlSchemaDateFormat();
+ OMElement createdElem = lifetimeElem.getFirstChildWithName(new QName(WSConstants.WSU_NS, WSConstants.CREATED_LN));
+ this.created = zulu.parse(createdElem.getText());
+
+ OMElement expiresElem = lifetimeElem.getFirstChildWithName(new QName(WSConstants.WSU_NS, WSConstants.CREATED_LN));
+ this.expires = zulu.parse(expiresElem.getText());
+ } catch (OMException e) {
+ throw new TrustException("lifeTimeProcessingError", new String[]{lifetimeElem.toString()}, e);
+ } catch (ParseException e) {
+ throw new TrustException("lifeTimeProcessingError", new String[]{lifetimeElem.toString()}, e);
+ }
}
/**
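Review bot: In `processLifeTime` the expiry is read from the Created element: `expiresElem` is looked up with `WSConstants.CREATED_LN`, so `expires` always equals `created` and the token's real expiry is never recorded. The lookup should use the Expires local name, `new QName(WSConstants.WSU_NS, WSConstants.EXPIRES_LN)`. Separately, `getFirstChildWithName` can return null when a child is missing, and `lifetimeElem` itself may be null. Either case surfaces as a NullPointerException rather than the declared `TrustException`, so an explicit null check that throws `lifeTimeProcessingError` would be safer for an element that presumably comes from a remote response.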
@@ -240,4 +285,28 @@
(Element) unattachedReference, true);
}
}
+
+ /**
+ * @return Returns the created.
+ */
+ public Date getCreated() {
+ return created;
+ }
+
+ /**
+ * @return Returns the expires.
+ */
+ public Date getExpires() {
+ return expires;
+ }
+
+ /**
+ * @param expires The expires to set.
+ */
+ public void setExpires(Date expires) {
+ this.expires = expires;
+ }
+
+
+
}
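Review bot: `getCreated()`, `getExpires()` and `setExpires()` return and store the `java.util.Date` instances directly. `Date` is mutable, so a caller holding the returned object can change the token's recorded lifetime after the fact. Copying at the boundary avoids that, e.g. `return expires == null ? null : new Date(expires.getTime());` in the getter and the matching copy in the setter. The Javadoc on the accessors could also state that these are the token's lifetime bounds and that they may be null when no lifetime was supplied at construction.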
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcher.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcher.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcher.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcher.java Sun Sep 3 02:47:59 2006
@@ -50,9 +50,8 @@
String reqType = data.getRequestType();
String tokenType = data.getTokenType();
-
- if (RahasConstants.V_05_02.REQ_TYPE_ISSUE.equals(reqType) ||
- RahasConstants.V_05_12.REQ_TYPE_ISSUE.equals(reqType)) {
+ if ((RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_ISSUE).equals(reqType) ||
+ (RahasConstants.WST_NS_05_12 + RahasConstants.REQ_TYPE_ISSUE).equals(reqType)) {
TokenIssuer issuer = null;
if (tokenType == null
|| (tokenType != null && "".equals(tokenType.toString()))) {
@@ -68,16 +67,16 @@
issuer.getResponseAction(data));
return response;
- } else if(RahasConstants.V_05_02.REQ_TYPE_VALIDATE.equals(reqType) ||
- RahasConstants.V_05_12.REQ_TYPE_VALIDATE.equals(reqType)) {
+ } else if((RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_VALIDATE).equals(reqType) ||
+ (RahasConstants.WST_NS_05_12 + RahasConstants.REQ_TYPE_VALIDATE).equals(reqType)) {
throw new UnsupportedOperationException("TODO: handle " +
"validate requests");
- } else if(RahasConstants.V_05_02.REQ_TYPE_RENEW.equals(reqType) ||
- RahasConstants.V_05_12.REQ_TYPE_RENEW.equals(reqType)) {
+ } else if((RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_RENEW).equals(reqType) ||
+ (RahasConstants.WST_NS_05_12 + RahasConstants.REQ_TYPE_RENEW).equals(reqType)) {
throw new UnsupportedOperationException("TODO: handle " +
"renew requests");
- } else if(RahasConstants.V_05_02.REQ_TYPE_CANCEL.equals(reqType) ||
- RahasConstants.V_05_12.REQ_TYPE_CANCEL.equals(reqType)) {
+ } else if((RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_CANCEL).equals(reqType) ||
+ (RahasConstants.WST_NS_05_12 + RahasConstants.REQ_TYPE_CANCEL).equals(reqType)) {
throw new UnsupportedOperationException("TODO: handle " +
"cancel requests");
} else {
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java Sun Sep 3 02:47:59 2006
@@ -27,12 +27,15 @@
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
+import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import javax.xml.namespace.QName;
import java.security.SecureRandom;
+import java.text.DateFormat;
+import java.util.Date;
public class TrustUtil {
@@ -105,10 +108,22 @@
}
public static OMElement createRequestTypeElement(
- int version, OMElement parent) throws TrustException {
+ int version, OMElement parent, String value) throws TrustException {
String ns = getWSTNamespace(version);
- return createOMElement(parent, ns,
+
+ OMElement elem = createOMElement(parent, ns,
RahasConstants.REQUEST_TYPE_LN, RahasConstants.WST_PREFIX);
+
+ if (RahasConstants.REQ_TYPE_ISSUE.equals(value)
+ || RahasConstants.REQ_TYPE_CANCEL.equals(value)
+ || RahasConstants.REQ_TYPE_RENEW.equals(value)
+ || RahasConstants.REQ_TYPE_VALIDATE.equals(value)) {
+ elem.setText(ns + value);
+ } else {
+ elem.setText(value);
+ }
+
+ return elem;
}
public static OMElement createTokenTypeElement(
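Review bot: `createRequestTypeElement` now has two behaviours that are not documented: one of the four known suffixes (`REQ_TYPE_ISSUE`, `REQ_TYPE_CANCEL`, `REQ_TYPE_RENEW`, `REQ_TYPE_VALIDATE`) is prefixed with the version's WS-Trust namespace, while any other `value` is written into the element unchanged. A Javadoc comment should state that, e.g. `@param value a RahasConstants.REQ_TYPE_* suffix, or a complete request-type URI that is used as-is`. It should also say what is expected for null, which as written reaches `elem.setText(value)`. `getActionValue`, added further down in this file, has the same known-suffix-or-passthrough contract and is likewise undocumented.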
@@ -134,7 +149,7 @@
RahasConstants.BINARY_SECRET_LN, RahasConstants.WST_PREFIX);
if(type != null) {
elem.addAttribute(elem.getOMFactory().createOMAttribute(
- RahasConstants.ATTR_TYPE, null, type));
+ RahasConstants.ATTR_TYPE, null, ns + type));
}
return elem;
}
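Review bot: `createBinarySecretElement` now prepends the namespace unconditionally (`ns + type`), unlike `createRequestTypeElement` earlier in this file, which prefixes only the known suffixes and passes other values through. A caller that still supplies a complete type URI would end up with a doubled namespace in the Type attribute, and nothing in the signature says a suffix is expected. Either document that `type` must be a suffix such as `RahasConstants.BIN_SEC_TYPE_NONCE`, or guard the prefix, e.g. `RahasConstants.BIN_SEC_TYPE_NONCE.equals(type) ? ns + type : type`. The `elem.setText(ns + algoId)` change in `createComputedKeyAlgorithm` in the next hunk has the same issue. Both method bodies start outside their hunks.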
@@ -146,7 +161,7 @@
String ns = getWSTNamespace(version);
OMElement elem = createOMElement(parent, ns,
RahasConstants.COMPUTED_KEY_ALGO_LN, RahasConstants.WST_PREFIX);
- elem.setText(algoId);
+ elem.setText(ns + algoId);
return elem;
}
@@ -217,6 +232,19 @@
return ltElem;
}
+
+ public static OMElement createLifetimeElement(int version, OMElement parent,
+ long ttl) throws TrustException {
+
+ Date creationTime = new Date();
+ Date expirationTime = new Date();
+ expirationTime.setTime(creationTime.getTime() + ttl);
+
+ DateFormat zulu = new XmlSchemaDateFormat();
+
+ return createLifetimeElement(version, parent, zulu
+ .format(creationTime), zulu.format(expirationTime));
+ }
public static OMElement createAppliesToElement(OMElement parent,
String address, String addressingNs) {
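Review bot: The new `createLifetimeElement(int, OMElement, long ttl)` overload adds `ttl` directly to `creationTime.getTime()`, so the value is interpreted as milliseconds, but neither the parameter name nor a comment says so. STSClient, added in this same commit, documents its `ttl` field as seconds with a default of 300. Its call site is not visible here, but a seconds value passed straight through would give a lifetime of 0.3 s. Suggest a Javadoc line such as `@param ttl lifetime in milliseconds` (or renaming the parameter to `ttlMillis`), and rejecting negative values so that an Expires earlier than Created cannot be emitted.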
@@ -232,6 +260,23 @@
addressElem.setText(address);
return appliesToElem;
+ }
+
+ public static String getActionValue(int version, String action) throws TrustException {
+ if(RahasConstants.RST_ACTON_ISSUE.equals(action) ||
+ RahasConstants.RST_ACTON_CANCEL.equals(action) ||
+ RahasConstants.RST_ACTON_RENEW.equals(action) ||
+ RahasConstants.RST_ACTON_VALIDATE.equals(action) ||
+ RahasConstants.RST_ACTON_SCT.equals(action) ||
+ RahasConstants.RSTR_ACTON_ISSUE.equals(action) ||
+ RahasConstants.RSTR_ACTON_CANCEL.equals(action) ||
+ RahasConstants.RSTR_ACTON_RENEW.equals(action) ||
+ RahasConstants.RSTR_ACTON_VALIDATE.equals(action) ||
+ RahasConstants.RSTR_ACTON_SCT.equals(action)) {
+
+ return getWSTNamespace(version) + action;
+ }
+ return action;
}
/**
Added: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java?rev=439748&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java (added)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java Sun Sep 3 02:47:59 2006
@@ -0,0 +1,281 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rahas.client;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMNode;
+import org.apache.axiom.om.util.Base64;
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.addressing.AddressingConstants;
+import org.apache.axis2.client.ServiceClient;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.description.AxisService;
+import org.apache.axis2.description.OutInAxisOperation;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.Token;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.TrustUtil;
+import org.apache.ws.secpolicy.model.AlgorithmSuite;
+import org.apache.ws.secpolicy.model.Binding;
+import org.apache.ws.secpolicy.model.Trust10;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.util.WSSecurityUtil;
+
+import javax.xml.namespace.QName;
+
+import java.util.Iterator;
+
+public class STSClient {
+
+ private Trust10 trust10;
+
+ private AlgorithmSuite algorithmSuite;
+
+ private byte[] requestorEntropy;
+
+ private String addressingNs = AddressingConstants.Final.WSA_NAMESPACE;
+
+ /**
+ * Life time in seconds
+ * Default is 300 seconds (5 mins)
+ */
+ private int ttl = 300;
+
+ public Token requestSecurityToken(ConfigurationContext configCtx,
+ int version, Policy policy, String issuerAddress,
+ OMElement rstTemplate, String requestType, String appliesTo)
+ throws TrustException {
+ try {
+ AxisService axisService = new AxisService("SecurityTokenService");
+ QName rstQn = new QName("requestSecurityToken");
+ OutInAxisOperation operation = new OutInAxisOperation(rstQn);
+ axisService.addOperation(operation);
+ ServiceClient client = new ServiceClient(configCtx, axisService);
+
+ //TODO Set policy in the options to be picked up by the modules
+ //such as rampart
+
+ //Process the STS policy
+ this.processPolicy(policy);
+
+ OMElement result = client.sendReceive(this.createRequest(version, rstTemplate, requestType, appliesTo));
+
+ return this.processResult(version, result);
+ } catch (AxisFault e) {
+ throw new TrustException("errorInObtainingToken", new String[]{issuerAddress});
+ }
+ }
+
+ /**
+ * @param result
+ * @return
+ */
+ private Token processResult(int version, OMElement result) throws TrustException {
+ OMElement rstr = null;
+
+ rstr = result;
+
+ if(version == RahasConstants.VERSION_05_12) {
+ //The WS-SX result will be an RSTRC
+ rstr = result.getFirstElement();
+ }
+
+ String ns = TrustUtil.getWSTNamespace(version);
+
+ //Get the RequestedAttachedReference
+ OMElement reqAttElem = rstr.getFirstChildWithName(new QName(
+ ns, RahasConstants.REQUESTED_ATTACHED_REFERENCE_LN));
+ OMElement reqAttRef = reqAttElem == null ? null : reqAttElem
+ .getFirstElement();
+
+ //Get the RequestedUnattachedReference
+ OMElement reqUnattElem = rstr.getFirstChildWithName(new QName(
+ ns, RahasConstants.REQUESTED_UNATTACHED_REFERENCE_LN));
+ OMElement reqUnattRef = reqUnattElem == null ? null : reqUnattElem
+ .getFirstElement();
+
+ //Get the security token
+ OMElement reqSecTok = rstr.getFirstChildWithName(new QName(ns, RahasConstants.REQUESTED_SECURITY_TOKEN_LN));
+ if(reqSecTok == null) {
+ throw new TrustException("reqestedSecTokMissing");
+ }
+
+ OMElement tokenElem = reqSecTok.getFirstElement();
+
+ String id = this.findIdentifier(reqAttRef, reqUnattRef, tokenElem);
+
+ if(id == null) {
+ throw new TrustException("cannotObtainTokenIdentifier");
+ }
+
+ OMElement lifeTimeEle = rstr.getFirstChildWithName(new QName(ns, RahasConstants.LIFETIME_LN));
+
+ Token tok = new Token(id, tokenElem, lifeTimeEle);
+ tok.setAttachedReference(reqAttRef);
+ tok.setUnattachedReference(reqUnattRef);
+
+
+ //Handle the Lifetime
+ OMElement lifetime = rstr.getFirstChildWithName(new QName(ns, RahasConstants.LIFETIME_LN));
+
+ return tok;
+
+
+ }
+
+ /**
+ * Find the token identifier.
+ * @param reqAttRef
+ * @param reqUnattRef
+ * @param token
+ * @return
+ */
+ private String findIdentifier(OMElement reqAttRef, OMElement reqUnattRef, OMElement token) throws TrustException {
+ String id = null;
+
+ if(reqAttRef != null) {
+ //First try the attached ref
+ id = this.getIdFromSTR(reqAttRef);
+ } else if(reqUnattRef != null) {
+ //then try the unattached ref
+ id = this.getIdFromSTR(reqUnattRef);
+ } else {
+ //Return wsu:Id of the token element
+ id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
+ }
+ return id;
+ }
+
+
+
+ /**
+ * Process the given STR to find the id it refers to
+ * @param reqAttRef
+ * @return
+ */
+ private String getIdFromSTR(OMElement refElem) {
+ //ASSUMPTION:SecurityTokenReference/KeyIdentifier
+ OMElement ki = refElem.getFirstElement();
+ if(ki != null) {
+ return ki.getText();
+ } else {
+ return null;
+ }
+
+ }
+
+ /**
+ * Process the goven service policy and extract the info required to create
+ * the RST.
+ * @param policy
+ */
+ private void processPolicy(Policy policy) {
+ //Get the policy assertions
+ //Assumption: there's only one alternative
+ Iterator assertions = (Iterator)policy.getAlternatives().next();
+
+ while (assertions.hasNext()) {
+ Assertion tempAssertion = (Assertion) assertions.next();
+ //find the Trust10 assertion
+ if(tempAssertion instanceof Trust10) {
+ this.trust10 = (Trust10) tempAssertion;
+ } else if(tempAssertion instanceof Binding) {
+ this.algorithmSuite = ((Binding) tempAssertion)
+ .getAlgorithmSuite();
+ }
+ }
+
+ }
+
+ /**
+ * Create the RST request.
+ * @param version
+ * @param rstTemplate
+ * @return
+ * @throws TrustException
+ */
+ private OMElement createRequest(int version, OMElement rstTemplate, String requestType, String appliesTo) throws TrustException {
+ OMElement rst = TrustUtil.createRequestSecurityTokenElement(version);
+
+ TrustUtil.createRequestTypeElement(version, rst, requestType);
+ TrustUtil.createAppliesToElement(rst, requestType, this.addressingNs);
+ TrustUtil.createLifetimeElement(version, rst, this.ttl);
+
+ //Copy over the elements from the template
+ Iterator templateChildren = rstTemplate.getChildElements();
+ while (templateChildren.hasNext()) {
+ OMNode child = (OMNode) templateChildren.next();
+ rst.addChild(child);
+ }
+
+ try {
+ //Handle entropy
+ if(this.trust10 != null) {
+ if(this.trust10.isRequireClientEntropy()) {
+ //setup requestor entropy
+ OMElement ent = TrustUtil.createEntropyElement(version, rst);
+ OMElement binSec = TrustUtil.createBinarySecretElement(version, ent, RahasConstants.BIN_SEC_TYPE_NONCE);
+ this.requestorEntropy = WSSecurityUtil.generateNonce(this.algorithmSuite.getMaximumSymmetricKeyLength());
+ binSec.setText(Base64.encode(this.requestorEntropy));
+
+ //Add the ComputedKey element
+ TrustUtil.createComputedKeyAlgorithm(version, rst, RahasConstants.COMPUTED_KEY_PSHA1);
+ }
+ }
+ } catch (Exception e) {
+ throw new TrustException("errorSettingUpRequestorEntropy");
+ }
+
+ return rst;
+ }
+
+ /**
+ * Set this to set the entropy configurations.
+ * If this is provided in the given policy it will be overridden.
+ * @param trust10 The trust10 to set.
+ */
+ public void setTrust10(Trust10 trust10) {
+ this.trust10 = trust10;
+ }
+
+ /**
+ * This can be used in the case where the AlgorithmSuite is not specified in
+ * the given policy.
+ * If the AlgorithmSuite exists in a binding in the policy then the value
+ * set will be overridden.
+ * @param algorithmSuite The algorithmSuite to set.
+ */
+ public void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
+ this.algorithmSuite = algorithmSuite;
+ }
+
+ /**
+ * @param addressingNs The addressingNs to set.
+ */
+ public void setAddressingNs(String addressingNs) {
+ this.addressingNs = addressingNs;
+ }
+
+ /**
+ * @param ttl The ttl to set.
+ */
+ public void setTtl(int ttl) {
+ this.ttl = ttl;
+ }
+}
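Review bot: In `createRequest` the AppliesTo element is built from `requestType` instead of `appliesTo`, so the token request is scoped to the request-type URI rather than the target service, and the `appliesTo` parameter is never used. The call should read `TrustUtil.createAppliesToElement(rst, appliesTo, this.addressingNs);`. In `requestSecurityToken`, `issuerAddress` appears only in the error message and no visible line sets it as the client's target; both catch blocks also drop the caught exception, so the cause of an STS failure is lost. `generateNonce` receives `getMaximumSymmetricKeyLength()` directly, whereas the `getSct` code removed from STSRequester in this commit divided the key length by 8 to get bytes, and a null `algorithmSuite` would be masked by the broad `catch (Exception e)`. `processResult` never reads the RequestedProofToken that the removed `processRSTR` used to extract the secret, so the returned `Token` carries no key material, and the `lifetime` local is fetched but unused.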
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties Sun Sep 3 02:47:59 2006
@@ -34,6 +34,10 @@
unsupportedWSTVersion = Unsupported WS-Trust version
unsupportedKeyType = Upsupported KeyType
invalidAppliesToElem = Invalid AppliesTo element
+errorSettingUpRequestorEntropy = Error setting up requestor entropy
+errorInProcessingSTR = Error in processing SecurityTokenReference : {0}
+cannotObtainTokenIdentifier = Cannot obtain token identifier
+lifeTimeProcessingError = Error in processing Lifetime : {0}
#SCTIssuer specific error messages
sctIssuerCryptoPropertiesMissing = When the tokenType is not \"BinarySecret\" the cryptoProperties MUST be specified
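Review bot: The key `errorInObtainingToken`, which the new `STSClient.requestSecurityToken` throws with one argument, is not among the four entries added here. If it is not already defined elsewhere in this bundle, the failure path for an unreachable STS will have no message; an entry such as `errorInObtainingToken = Error in obtaining token from : {0}` would cover it. `errorInProcessingSTR` and `lifeTimeProcessingError` are added but not referenced by any code visible in this commit.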
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java Sun Sep 3 02:47:59 2006
@@ -208,7 +208,7 @@
// Store the token
Token assertionToken = new Token(assertion.getId(), (OMElement) assertion
- .toDOM());
+ .toDOM(),creationTime, expirationTime);
// At this point we definitely have the secret
// Otherwise it should fail with an exception earlier
assertionToken.setSecret(data.getEphmeralKey());
@@ -489,11 +489,7 @@
*/
public String getResponseAction(RahasData data)
throws TrustException {
- if(RahasConstants.VERSION_05_02 == data.getVersion()) {
- return RahasConstants.V_05_02.RSTR_ACTON_ISSUE;
- } else {
- return RahasConstants.V_05_12.RSTR_ACTON_ISSUE;
- }
+ return TrustUtil.getActionValue(data.getVersion(), RahasConstants.RSTR_ACTON_ISSUE);
}
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java Sun Sep 3 02:47:59 2006
@@ -32,10 +32,13 @@
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecEncryptedKey;
import org.apache.ws.security.message.token.SecurityContextToken;
+import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import java.security.SecureRandom;
+import java.text.DateFormat;
+import java.util.Date;
public class SCTIssuer implements TokenIssuer {
@@ -162,9 +165,23 @@
byte[] secret = this.generateEphemeralKey();
binSecElem.setText(Base64.encode(secret));
+ //Creation and expiration times
+ Date creationTime = new Date();
+ Date expirationTime = new Date();
+
+ expirationTime.setTime(creationTime.getTime() + config.ttl);
+
+
+ // Use GMT time in milliseconds
+ DateFormat zulu = new XmlSchemaDateFormat();
+
+ // Add the Lifetime element
+ TrustUtil.createLifetimeElement(wstVersion, rstrElem, zulu
+ .format(creationTime), zulu.format(expirationTime));
+
// Store the tokens
Token sctToken = new Token(sct.getIdentifier(), (OMElement) sct
- .getElement());
+ .getElement(), creationTime, expirationTime);
sctToken.setSecret(secret);
TrustUtil.getTokenStore(data.getInMessageContext()).add(sctToken);
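Review bot: The creation/expiry block added here is repeated verbatim in the `@@ -228,6 +245,19 @@` hunk below and again, with a literal `300000`, in WSDoAllSender, so three copies must stay in step once the TTL is read from configuration. A small helper that takes the TTL and returns both dates would remove the copies, and `new Date(creationTime.getTime() + config.ttl)` avoids the create-then-`setTime` step. The comment `Use GMT time in milliseconds` describes neither the formatter nor the unit of `config.ttl`; `// config.ttl is in milliseconds` would be more useful. The enclosing method starts and ends outside the hunk.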
@@ -228,6 +245,19 @@
}
}
+ //Creation and expiration times
+ Date creationTime = new Date();
+ Date expirationTime = new Date();
+
+ expirationTime.setTime(creationTime.getTime() + config.ttl);
+
+ // Use GMT time in milliseconds
+ DateFormat zulu = new XmlSchemaDateFormat();
+
+ // Add the Lifetime element
+ TrustUtil.createLifetimeElement(wstVersion, rstrElem, zulu
+ .format(creationTime), zulu.format(expirationTime));
+
Element encryptedKeyElem = encrKeyBuilder.getEncryptedKeyElement();
Element bstElem = encrKeyBuilder.getBinarySecurityTokenElement();
@@ -240,9 +270,10 @@
reqProofTok.addChild((OMElement) encryptedKeyElem);
+
// Store the tokens
Token sctToken = new Token(sct.getIdentifier(), (OMElement) sct
- .getElement());
+ .getElement(), creationTime, expirationTime);
sctToken.setSecret(encrKeyBuilder.getEphemeralKey());
TrustUtil.getTokenStore(data.getInMessageContext()).add(sctToken);
@@ -250,12 +281,7 @@
}
public String getResponseAction(RahasData data) throws TrustException {
- if (RahasConstants.WST_NS_05_02.equals(data.getRstElement()
- .getNamespace().getNamespaceURI())) {
- return RahasConstants.V_05_02.RSTR_ACTON_SCT;
- } else {
- return RahasConstants.V_05_12.RSTR_ACTON_SCT;
- }
+ return TrustUtil.getActionValue(data.getVersion(), RahasConstants.RSTR_ACTON_SCT);
}
/**
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuerConfig.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuerConfig.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuerConfig.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuerConfig.java Sun Sep 3 02:47:59 2006
@@ -46,6 +46,9 @@
protected int keySize;
+ //TODO: get from config
+ protected long ttl = 300000;
+
private SCTIssuerConfig(OMElement elem) throws TrustException {
OMElement proofTokenElem = (OMElement) elem.getFirstChildWithName(
new QName("proofToken"));
Modified: webservices/axis2/trunk/java/modules/secpolicy/project.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/secpolicy/project.xml?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/secpolicy/project.xml (original)
+++ webservices/axis2/trunk/java/modules/secpolicy/project.xml Sun Sep 3 02:47:59 2006
@@ -41,8 +41,6 @@
<artifactId>axiom-dom</artifactId>
<version>${axiom.version}</version>
</dependency>
-
-
<dependency>
<groupId>${stax.impl.groupid}</groupId>
<artifactId>${stax.impl.artifactid}</artifactId>
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java Sun Sep 3 02:47:59 2006
@@ -23,7 +23,6 @@
import org.apache.commons.logging.LogFactory;
import org.apache.neethi.Policy;
import org.apache.rampart.builder.TimestampBuilder;
-import org.apache.rampart.conversation.STSRequester;
import org.apache.rampart.policy.RampartPolicyBuilder;
import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.util.Axis2Util;
@@ -101,9 +100,9 @@
issuerAddress = (issuerAddress != null) ? issuerAddress
: msgCtx.getOptions().getTo().getAddress();
- String id = STSRequester.getSct(rmd, issuerAddress,
- ((SecureConversationToken) sigTok)
- .getBootstrapPolicy());
+// String id = STSClient.getSct(rmd, issuerAddress,
+// ((SecureConversationToken) sigTok)
+// .getBootstrapPolicy());
}
}
} else if(!rpd.isSymmetricBinding() && !rpd.isTransportBinding()) {
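Review bot: Commenting out the `STSRequester.getSct` call leaves this branch resolving `issuerAddress` and then doing nothing, so no SecurityContextToken is requested for the SecureConversationToken case and the omission is silent. The commented-out replacement names `STSClient.getSct`, which the STSClient added in this commit does not define (it exposes `requestSecurityToken`). I would delete the dead comment and leave an explicit marker such as `// TODO: obtain the SCT via STSClient.requestSecurityToken`, or fail with a RampartException until the call is wired up. The enclosing method starts and ends outside the hunk.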
@@ -128,15 +127,6 @@
return elem.getText().trim();
}
- private void obtainIssuedToken(RampartMessageData rmd, IssuedToken tok) {
- OMElement elem = tok.getIssuerEpr();
-
- }
-
- private void obtainSecConvtoken(RampartMessageData rmd, SecureConversationToken tok) {
- OMElement elem = tok.getIssuerEpr();
- Policy bootstrapPolicy = tok.getBootstrapPolicy();
-
- }
+
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java Sun Sep 3 02:47:59 2006
@@ -27,37 +27,22 @@
import org.apache.axis2.description.OutInAxisOperation;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.util.Base64;
-import org.apache.neethi.Policy;
import org.apache.rahas.RahasConstants;
-import org.apache.rahas.Token;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.rampart.RampartException;
-import org.apache.rampart.RampartMessageData;
import org.apache.rampart.handler.WSSHandlerConstants;
-import org.apache.rampart.policy.RampartPolicyBuilder;
-import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.util.Axis2Util;
-import org.apache.rampart.util.RampartUtil;
-import org.apache.ws.secpolicy.WSSPolicyException;
-import org.apache.ws.secpolicy.model.Trust10;
-import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.message.token.SecurityContextToken;
-import org.apache.ws.security.processor.EncryptedKeyProcessor;
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Element;
import javax.xml.namespace.QName;
-import java.util.Iterator;
-import java.util.Vector;
-
public class STSRequester {
//TODO: Remove when policy support is completed
- public static void issueRequest(ConversationConfiguration config) throws RampartException, AxisFault {
+ public static void issueRequest(ConversationConfiguration config) throws RampartException, AxisFault, TrustException {
MessageContext msgCtx = config.getMsgCtx();
AxisService axisService = new AxisService("SecurityTokenService");
QName rstQn = new QName("requestSecurityToken");
@@ -68,12 +53,9 @@
Options options = new Options();
options.setTo(new EndpointReference(config.getStsEPRAddress()));
- if(config.getWstVersion() == RahasConstants.VERSION_05_02) {
- options.setAction(RahasConstants.V_05_02.RST_ACTON_SCT);
- } else {
- options.setAction(RahasConstants.V_05_12.RST_ACTON_SCT);
- }
+ options.setAction(TrustUtil.getActionValue(config.getWstVersion(), RahasConstants.RST_ACTON_SCT));
+
//Get the security configurations
Parameter outFlowParam = msgCtx
.getParameter(WSSHandlerConstants.STS_OUTFLOW_SECURITY);
@@ -100,14 +82,12 @@
try {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(config.getWstVersion());
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(config.getWstVersion(), rstElem);
+ OMElement reqTypeElem = TrustUtil.createRequestTypeElement(config.getWstVersion(), rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(config.getWstVersion(), rstElem);
if(config.getWstVersion() == RahasConstants.VERSION_05_02) {
- reqTypeElem.setText(RahasConstants.V_05_02.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.V_05_02.TOK_TYPE_SCT);
} else {
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
tokenTypeElem.setText(RahasConstants.V_05_12.TOK_TYPE_SCT);
}
@@ -121,12 +101,8 @@
OMElement entropyElem = TrustUtil.createEntropyElement(config.getWstVersion(), rstElem);
byte[] nonce = WSSecurityUtil.generateNonce(nonceLength);
- OMElement elem = null;
- if(config.getWstVersion() == RahasConstants.VERSION_05_02) {
- elem = TrustUtil.createBinarySecretElement(config.getWstVersion(), entropyElem, RahasConstants.V_05_02.BIN_SEC_TYPE_NONCE);
- } else {
- elem = TrustUtil.createBinarySecretElement(config.getWstVersion(), entropyElem, RahasConstants.V_05_12.BIN_SEC_TYPE_NONCE);
- }
+ OMElement elem = TrustUtil.createBinarySecretElement(config.getWstVersion(), entropyElem, RahasConstants.BIN_SEC_TYPE_NONCE);
+
elem.setText(Base64.encode(nonce));
TrustUtil.createKeySizeElement(config.getWstVersion(), rstElem, nonceLength * 8);
@@ -145,214 +121,6 @@
throw new RampartException(e.getMessage());
}
}
-
- /**
- * Obtain an SCT from the given issuer
- * @param rmd RampartMessageData of the message waiting to use this SCT
- * @param issuerAddress Address of the issuer
- * @param bootstapPolicy Bootstap policy to obtain the token
- * @return The identifier of the SCT
- * @throws RampartException
- */
- public static String getSct(RampartMessageData rmd, String issuerAddress, Policy bootstapPolicy) throws RampartException {
- try {
-
-
- MessageContext msgCtx = rmd.getMsgContext();
- AxisService axisService = new AxisService("SecurityTokenService");
- QName rstQn = new QName("requestSecurityToken");
- OutInAxisOperation operation = new OutInAxisOperation(rstQn);
- axisService.addOperation(operation);
- ServiceClient client = new ServiceClient(msgCtx.getConfigurationContext(), axisService);
-
- Options options = new Options();
- options.setTo(new EndpointReference(issuerAddress));
-
- int wstVersion = rmd.getWstVersion();
-
- if(wstVersion == RahasConstants.VERSION_05_02) {
- options.setAction(RahasConstants.V_05_02.RST_ACTON_SCT);
- } else {
- options.setAction(RahasConstants.V_05_12.RST_ACTON_SCT);
- }
-
- //Get the security configurations
- Parameter outFlowParam = msgCtx
- .getParameter(WSSHandlerConstants.STS_OUTFLOW_SECURITY);
- Parameter inFlowParam = msgCtx
- .getParameter(WSSHandlerConstants.STS_INFLOW_SECURITY);
-
- if(outFlowParam == null) {
- outFlowParam = (Parameter) msgCtx
- .getProperty(WSSHandlerConstants.STS_OUTFLOW_SECURITY);
- }
- if(inFlowParam == null) {
- inFlowParam = (Parameter) msgCtx
- .getProperty(WSSHandlerConstants.STS_INFLOW_SECURITY);
- }
-
-
- //Set the STS specific config config
- options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY, outFlowParam);
- options.setProperty(WSSHandlerConstants.INFLOW_SECURITY, inFlowParam);
-
- client.engageModule(new QName(WSSHandlerConstants.SECURITY_MODULE_NAME));
-
- //TODO : Have to set the bootstrap policy in the options
-
- client.setOptions(options);
- OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(wstVersion);
- OMElement reqTypeElem = TrustUtil.createRequestTypeElement(wstVersion, rstElem);
- OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(wstVersion, rstElem);
-
- if(wstVersion == RahasConstants.VERSION_05_02) {
- reqTypeElem.setText(RahasConstants.V_05_02.REQ_TYPE_ISSUE);
- tokenTypeElem.setText(RahasConstants.V_05_02.TOK_TYPE_SCT);
- } else {
- reqTypeElem.setText(RahasConstants.V_05_12.REQ_TYPE_ISSUE);
- tokenTypeElem.setText(RahasConstants.V_05_12.TOK_TYPE_SCT);
- }
-
-
-
- boolean serviceAsSts = rmd.getMsgContext().getOptions().getTo().getAddress().equals(issuerAddress);
-
- Trust10 trust10 = rmd.getPolicyData().getTrust10();
-
- //In the case when the service is the STS and when the service's
- //policy requires client entropy
- boolean useClientEntropy = serviceAsSts && trust10 != null && trust10.isRequireClientEntropy();
-
- //If above is false and service is not the STS, then
- //check the bootstrap policy for a the assertion
- if(!useClientEntropy && !serviceAsSts) {
- RampartPolicyData bootRPD = RampartPolicyBuilder.build((Iterator)bootstapPolicy.getAlternatives().next());
- Trust10 bootTrust10 = bootRPD.getTrust10();
- useClientEntropy = bootTrust10 != null && bootTrust10.isRequireClientEntropy();
- }
-
- if(useClientEntropy) {
- //Using the maximum available key length for the SCT secret
- //Using the same length for nonce
- int keyLength = rmd.getPolicyData().getAlgorithmSuite().getMaximumSymmetricKeyLength();
-
- // Length of nonce in bytes
- int nonceLength = keyLength/8;
- byte[] nonce = WSSecurityUtil.generateNonce(nonceLength);
-
- OMElement entropyElem = TrustUtil.createEntropyElement(wstVersion, rstElem);
-
- OMElement elem = null;
- if(wstVersion == RahasConstants.VERSION_05_02) {
- elem = TrustUtil.createBinarySecretElement(wstVersion, entropyElem, RahasConstants.V_05_02.BIN_SEC_TYPE_NONCE);
- } else {
- elem = TrustUtil.createBinarySecretElement(wstVersion, entropyElem, RahasConstants.V_05_12.BIN_SEC_TYPE_NONCE);
- }
- elem.setText(Base64.encode(nonce));
-
- //Create and add the KeySize element
- TrustUtil.createKeySizeElement(wstVersion, rstElem, keyLength);
- }
-
- //Make the request and get hold ofthe result
- OMElement tempResult = client.sendReceive(rstQn, rstElem);
-
- //Handle the RSTR(C)
- OMElement rstr = (wstVersion == RahasConstants.VERSION_05_12) ? tempResult
- .getFirstElement()
- : tempResult;
-
- //Process the RSTR
- Token tok = processRSTR(rmd, rstr, wstVersion);
-
- //Store the token
- rmd.getTokenStorage().add(tok);
-
- String id = tok.getId();
- rmd.setSecConvTokenId(id);
- return id;
-
-
- } catch (AxisFault e) {
- throw new RampartException("errorInObtainingSct", new String[]{issuerAddress},e);
- } catch (TrustException e) {
- throw new RampartException("errorInObtainingSct", new String[]{issuerAddress},e);
- } catch (WSSPolicyException e) {
- throw new RampartException("errorInObtainingSct", new String[]{issuerAddress},e);
- } catch (WSSecurityException e) {
- throw new RampartException("errorInObtainingSct", new String[]{issuerAddress},e);
- }
- }
-
- public static Token processRSTR(RampartMessageData rmd, OMElement rstr, int wstVersion) throws TrustException, RampartException, WSSecurityException {
-
- Token token = null;
-
- //Convert to DOOM
- OMElement doomRstr = Axis2Util.toDOOM(DOOMAbstractFactory.getOMFactory(), rstr);
-
- String wstNs = TrustUtil.getWSTNamespace(wstVersion);
-
- OMElement rstElem = doomRstr.getFirstChildWithName(new QName(wstNs,
- RahasConstants.REQUESTED_SECURITY_TOKEN_LN));
-
- if (rstElem != null) {
- OMElement sctElem = rstElem
- .getFirstChildWithName(SecurityContextToken.TOKEN);
- if (sctElem != null) {
- SecurityContextToken sct = new SecurityContextToken(
- (Element) sctElem);
- token = new Token(sct.getIdentifier(), sctElem);
- } else {
- throw new RampartException("sctMissingInResponse");
- }
- } else {
- throw new TrustException("reqestedSecTokMissing");
- }
-
- // Process RequestedProofToken and extract the secret
- byte[] secret = null;
- OMElement rpt = rstr.getFirstChildWithName(new QName(wstNs,
- RahasConstants.REQUESTED_PROOF_TOKEN_LN));
- if (rpt != null) {
- OMElement elem = rpt.getFirstElement();
-
- if (WSConstants.ENC_KEY_LN.equals(elem.getLocalName())
- && WSConstants.ENC_NS.equals(elem.getNamespace().getNamespaceURI())) {
- // Handle the xenc:EncryptedKey case
- EncryptedKeyProcessor processor = new EncryptedKeyProcessor();
- processor.handleToken((Element) elem, null, RampartUtil.getSignatureCrypto(rmd.getPolicyData().getRampartConfig()), RampartUtil.getPasswordCB(rmd), null, new Vector(), null);
- secret = processor.getDecryptedBytes();
- } else if (RahasConstants.BINARY_SECRET_LN.equals(elem.getLocalName())
- && RahasConstants.WST_NS_05_02.equals(elem.getNamespace().getNamespaceURI())) {
- // Handle the wst:BinarySecret case
- secret = Base64.decode(elem.getText());
- } else {
- throw new TrustException("notSupported", new String[] { "{"
- + elem.getNamespace().getNamespaceURI() + "}"
- + elem.getLocalName() });
- }
- } else {
- throw new TrustException("rptMissing");
- }
-
- // Check for attached ref
- OMElement reqAttElem = rstr.getFirstChildWithName(new QName(
- RahasConstants.WST_NS_05_02, RahasConstants.REQUESTED_ATTACHED_REFERENCE_LN));
- OMElement reqAttRef = reqAttElem == null ? null : reqAttElem
- .getFirstElement();
-
- OMElement reqUnattElem = rstr.getFirstChildWithName(new QName(
- RahasConstants.WST_NS_05_02, RahasConstants.REQUESTED_UNATTACHED_REFERENCE_LN));
- OMElement reqUnattRef = reqUnattElem == null ? null : reqUnattElem
- .getFirstElement();
-
- token.setAttachedReference(reqAttRef);
- token.setUnattachedReference(reqUnattRef);
- token.setSecret(secret);
-
- return token;
- }
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java Sun Sep 3 02:47:59 2006
@@ -96,7 +96,9 @@
if (sctElem != null) {
SecurityContextToken sct = new SecurityContextToken(
(Element) sctElem);
- token = new Token(sct.getIdentifier(), sctElem);
+ token = new Token(sct.getIdentifier(), sctElem, rstr
+ .getFirstChildWithName(new QName(ns,
+ RahasConstants.LIFETIME_LN)));
resgisterContext(sct.getIdentifier(), config);
} else {
throw new RampartException("sctMissingInResponse");
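Review bot: The context line `throw new RampartException("sctMissingInResponse")` still uses a message key that this same commit deletes from rampart's errors.properties, so, if RampartException resolves its keys from that bundle, this error path loses its message. Either keep the key in that file or move this throw to an exception whose bundle still defines it. The new third constructor argument is null when the response carries no Lifetime element; whether `Token` accepts that is not visible here. The enclosing method starts and ends outside the hunk.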
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties Sun Sep 3 02:47:59 2006
@@ -4,7 +4,6 @@
canotFindContextIdentifier = Cannot find context identifier
missingWSAAction = wsa:Action value missing
missingWSATo = wsa:To address value missing
-sctMissingInResponse = Response doesn't contain a SecurityContextToken
cannotCrateCryptoInstance = Cannot create Crypto instace
noInfoForCBhandler = Cannot obtain a callback handler with available configuration information
missingEncryptionUser=Encryption user not specified (The context is created by the initiating party)
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java?rev=439748&r1=439747&r2=439748&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java Sun Sep 3 02:47:59 2006
@@ -49,10 +49,13 @@
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.token.SecurityContextToken;
import org.apache.ws.security.util.WSSecurityUtil;
+import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import java.security.cert.X509Certificate;
+import java.text.DateFormat;
+import java.util.Date;
import java.util.Vector;
public class WSDoAllSender extends WSDoAllHandler {
@@ -365,7 +368,14 @@
SecurityContextToken sct = new SecurityContextToken(config.getDocument());
Util.resgisterContext(sct.getIdentifier(), config);
- Token token = new Token(sct.getIdentifier(), (OMElement)sct.getElement());
+
+ //Creation and expiration times
+ Date creationTime = new Date();
+ Date expirationTime = new Date();
+
+ expirationTime.setTime(creationTime.getTime() + 300000);
+
+ Token token = new Token(sct.getIdentifier(), (OMElement)sct.getElement(), creationTime, expirationTime);
token.setSecret(encrKeyBuilder.getEphemeralKey());
config.getTokenStore().add(token);
@@ -380,6 +390,13 @@
OMElement rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(config.getWstVersion(), header);
OMElement rstElem = TrustUtil.createRequestedSecurityTokenElement(config.getWstVersion(), rstrElem);
+
+ // Use GMT time in milliseconds
+ DateFormat zulu = new XmlSchemaDateFormat();
+
+ // Add the Lifetime element
+ TrustUtil.createLifetimeElement(config.getWstVersion(), rstrElem, zulu
+ .format(creationTime), zulu.format(expirationTime));
rstElem.addChild((OMElement)sct.getElement());