You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jg...@apache.org on 2009/04/24 01:11:27 UTC
svn commit: r768087 - in /openejb/trunk/openejb3:
container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/
container/openejb-core/src/main/java/org/apache/openejb/config/
container/openejb-core/src/main/java/org/apache/openejb/core/we...
Author: jgallimore
Date: Thu Apr 23 23:11:26 2009
New Revision: 768087
URL: http://svn.apache.org/viewvc?rev=768087&view=rev
Log:
OPENEJB-1004 webservice-security patch from Jean-Louis.
Added:
openejb/trunk/openejb3/container/openejb-core/src/test/resources/altddapp/
openejb/trunk/openejb3/container/openejb-core/src/test/resources/altddapp/META-INF/
openejb/trunk/openejb3/container/openejb-core/src/test/resources/altddapp/META-INF/test.ejb-jar.xml
openejb/trunk/openejb3/examples/jpa-eclipselink/src/test/java/org/superbiz/injection/
openejb/trunk/openejb3/examples/webservice-ws-security/keys/
openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateKeyPair.bat
openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateServerKey.bat
openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplSign-server.properties
openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-server.properties
openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/webservices.xml
openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CustomPasswordHandler.java
openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplSign-client.properties
openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-client.properties
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
Modified:
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PortInfo.java
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/WsBuilder.java
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/AppInfoBuilder.java
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/WsDeployer.java
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/JaxWsUtils.java
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/PortData.java
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/persistence/JtaEntityManagerRegistry.java
openejb/trunk/openejb3/container/openejb-core/src/test/java/org/apache/openejb/config/AppInfoBuilderTest.java
openejb/trunk/openejb3/container/openejb-jee/src/main/java/org/apache/openejb/jee/oejb2/WebServiceSecurityType.java
openejb/trunk/openejb3/examples/webservice-ws-security/pom.xml
openejb/trunk/openejb3/examples/webservice-ws-security/src/main/java/org/superbiz/calculator/CalculatorImpl.java
openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/ejb-jar.xml
openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/openejb-jar.xml
openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CalculatorTest.java
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
openejb/trunk/openejb3/server/openejb-cxf/pom.xml
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ejb/EjbEndpoint.java
Modified: openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PortInfo.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PortInfo.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PortInfo.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PortInfo.java Thu Apr 23 23:11:26 2009
@@ -20,6 +20,7 @@
import javax.xml.namespace.QName;
import java.util.List;
import java.util.ArrayList;
+import java.util.Properties;
public class PortInfo extends InfoObject {
public String serviceId;
@@ -44,4 +45,5 @@
public String realmName;
public String transportGuarantee;
public String securityRealmName;
+ public Properties properties;
}
Modified: openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/WsBuilder.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/WsBuilder.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/WsBuilder.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/WsBuilder.java Thu Apr 23 23:11:26 2009
@@ -50,6 +50,9 @@
portData.setLocation(port.location);
portData.setSecure("WS-SECURITY".equals(port.authMethod));
+ if (portData.isSecure()) {
+ portData.setSecurityProperties(port.properties);
+ }
return portData;
}
Modified: openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/AppInfoBuilder.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/AppInfoBuilder.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/AppInfoBuilder.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/AppInfoBuilder.java Thu Apr 23 23:11:26 2009
@@ -242,53 +242,6 @@
}
- /*
- * left package-local for a unit test
- */
- void configureWebserviceSecurity(EjbJarInfo ejbJarInfo, EjbModule ejbModule) {
- Object altDD = ejbModule.getAltDDs().get("openejb-jar.xml");
- if (altDD == null || (! (altDD instanceof OpenejbJarType))) return;
-
- OpenejbJarType openejbJarType = (OpenejbJarType) altDD;
-
-
- Map<String, org.apache.openejb.jee.oejb2.EnterpriseBean> beans = new HashMap<String, org.apache.openejb.jee.oejb2.EnterpriseBean>();
- for (org.apache.openejb.jee.oejb2.EnterpriseBean enterpriseBean : openejbJarType.getEnterpriseBeans()) {
- beans.put(enterpriseBean.getEjbName(), enterpriseBean);
- }
-
- List<PortInfo> infoList = ejbJarInfo.portInfos;
- for (PortInfo portInfo : infoList) {
-
- org.apache.openejb.jee.oejb2.EnterpriseBean bean = beans.get(portInfo.serviceLink);
-
- if (bean == null) continue; /* TODO: throw something? */
- if (!(bean instanceof SessionBeanType)) continue; /* TODO: throw something? */
-
- SessionBeanType sessionBean = (SessionBeanType) bean;
- WebServiceSecurityType webServiceSecurityType = sessionBean.getWebServiceSecurity();
-
- if (webServiceSecurityType == null) {
- //TODO: this ok?
- continue;
- }
-
- portInfo.realmName = webServiceSecurityType.getRealmName();
- portInfo.securityRealmName = webServiceSecurityType.getSecurityRealmName();
- if (webServiceSecurityType.getTransportGuarantee() != null) {
- portInfo.transportGuarantee = webServiceSecurityType.getTransportGuarantee().value();
- } else {
- portInfo.transportGuarantee = "NONE";
- }
-
- if (webServiceSecurityType.getAuthMethod() != null) {
- portInfo.authMethod = webServiceSecurityType.getAuthMethod().value();
- } else {
- portInfo.authMethod = "NONE";
- }
- }
- }
-
private void buildClientModules(AppModule appModule, AppInfo appInfo, JndiEncInfoBuilder jndiEncInfoBuilder) throws OpenEJBException {
for (ClientModule clientModule : appModule.getClientModules()) {
ApplicationClient applicationClient = clientModule.getApplicationClient();
@@ -322,6 +275,7 @@
webAppInfo.jndiEnc = jndiEncInfoBuilder.build(webApp, webModule.getJarLocation(), webAppInfo.moduleId);
webAppInfo.portInfos.addAll(configureWebservices(webModule.getWebservices()));
+ configureWebserviceSecurity(webAppInfo, webModule);
for (Servlet servlet : webModule.getWebApp().getServlet()) {
ServletInfo servletInfo = new ServletInfo();
@@ -672,6 +626,67 @@
return portMap;
}
+ void configureWebserviceSecurity(WebAppInfo info, WebModule module) {
+ Object altDD = module.getAltDDs().get("openejb-jar.xml");
+ List<PortInfo> infoList = info.portInfos;
+
+ configureWebserviceScurity(infoList, altDD);
+ }
+
+ /*
+ * left package-local for a unit test
+ */
+ void configureWebserviceSecurity(EjbJarInfo ejbJarInfo, EjbModule ejbModule) {
+ Object altDD = ejbModule.getAltDDs().get("openejb-jar.xml");
+ List<PortInfo> infoList = ejbJarInfo.portInfos;
+
+ configureWebserviceScurity(infoList, altDD);
+ }
+
+ private void configureWebserviceScurity(List<PortInfo> infoList, Object altDD) {
+ if (altDD == null || (! (altDD instanceof OpenejbJarType))) return;
+
+ OpenejbJarType openejbJarType = (OpenejbJarType) altDD;
+
+ Map<String, org.apache.openejb.jee.oejb2.EnterpriseBean> beans = new HashMap<String, org.apache.openejb.jee.oejb2.EnterpriseBean>();
+ for (org.apache.openejb.jee.oejb2.EnterpriseBean enterpriseBean : openejbJarType.getEnterpriseBeans()) {
+ beans.put(enterpriseBean.getEjbName(), enterpriseBean);
+ }
+
+ for (PortInfo portInfo : infoList) {
+
+ org.apache.openejb.jee.oejb2.EnterpriseBean bean = beans.get(portInfo.serviceLink);
+
+ if (bean == null) continue; /* TODO: throw something? */
+ if (!(bean instanceof SessionBeanType)) continue; /* TODO: throw something? */
+
+ SessionBeanType sessionBean = (SessionBeanType) bean;
+ WebServiceSecurityType webServiceSecurityType = sessionBean.getWebServiceSecurity();
+
+ if (webServiceSecurityType == null) {
+ //TODO: this ok?
+ continue;
+ }
+
+ portInfo.realmName = webServiceSecurityType.getRealmName();
+ portInfo.securityRealmName = webServiceSecurityType.getSecurityRealmName();
+ if (webServiceSecurityType.getTransportGuarantee() != null) {
+ portInfo.transportGuarantee = webServiceSecurityType.getTransportGuarantee().value();
+ } else {
+ portInfo.transportGuarantee = "NONE";
+ }
+
+ if (webServiceSecurityType.getAuthMethod() != null) {
+ portInfo.authMethod = webServiceSecurityType.getAuthMethod().value();
+ } else {
+ portInfo.authMethod = "NONE";
+ }
+ portInfo.properties = webServiceSecurityType.getProperties();
+
+ }
+
+ }
+
private static boolean skipMdb(EnterpriseBeanInfo bean) {
return bean instanceof MessageDrivenBeanInfo && System.getProperty("duct tape") != null;
}
Modified: openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/WsDeployer.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/WsDeployer.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/WsDeployer.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/config/WsDeployer.java Thu Apr 23 23:11:26 2009
@@ -269,6 +269,8 @@
webservices = new Webservices();
ejbModule.setWebservices(webservices);
}
+
+ webserviceDescription = webservices.getWebserviceDescriptionMap().get(JaxWsUtils.getServiceName(ejbClass));
if (webserviceDescription == null) {
webserviceDescription = new WebserviceDescription();
if (JaxWsUtils.isWebService(ejbClass)) {
@@ -283,11 +285,15 @@
PortComponent portComponent = portMap.get(sessionBean.getEjbName());
if (portComponent == null) {
portComponent = new PortComponent();
- if (ejbClass.isAnnotationPresent(WebServiceProvider.class)) {
- portComponent.setPortComponentName(ejbClass.getName());
- } else {
- portComponent.setPortComponentName(ejbClass.getSimpleName());
- }
+ if (webserviceDescription.getPortComponentMap().containsKey(JaxWsUtils.getPortQName(ejbClass).getLocalPart())) {
+ // when to webservices.xml is defined and when we want to
+ // publish more than one port for the same implementation by configuration
+ portComponent.setPortComponentName(sessionBean.getEjbName());
+
+ } else { // JAX-WS Metadata specification default
+ portComponent.setPortComponentName(JaxWsUtils.getPortQName(ejbClass).getLocalPart());
+
+ }
webserviceDescription.getPortComponent().add(portComponent);
ServiceImplBean serviceImplBean = new ServiceImplBean();
Modified: openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/JaxWsUtils.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/JaxWsUtils.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/JaxWsUtils.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/JaxWsUtils.java Thu Apr 23 23:11:26 2009
@@ -47,7 +47,7 @@
if (webService != null) {
String localName = webService.name();
if (localName == null || localName.length() == 0) {
- localName = seiClass.getName();
+ localName = seiClass.getSimpleName();
}
String namespace = webService.targetNamespace();
return new QName(getNamespace(seiClass, namespace), localName);
Modified: openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/PortData.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/PortData.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/PortData.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/webservices/PortData.java Thu Apr 23 23:11:26 2009
@@ -23,6 +23,7 @@
import javax.xml.ws.handler.PortInfo;
import java.util.List;
import java.util.ArrayList;
+import java.util.Properties;
import java.net.URL;
public class PortData implements PortInfo {
@@ -39,6 +40,7 @@
private QName wsdlService;
private String location;
private boolean secure;
+ private Properties securityProperties;
public String getPortId() {
return portId;
@@ -127,4 +129,14 @@
public boolean isSecure() {
return secure;
}
+
+ public Properties getSecurityProperties() {
+ return securityProperties;
+ }
+
+ public void setSecurityProperties(Properties securityProperties) {
+ this.securityProperties = securityProperties;
+ }
+
+
}
Modified: openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/persistence/JtaEntityManagerRegistry.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/persistence/JtaEntityManagerRegistry.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/persistence/JtaEntityManagerRegistry.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/persistence/JtaEntityManagerRegistry.java Thu Apr 23 23:11:26 2009
@@ -29,7 +29,7 @@
/**
* The JtaEntityManagerRegistry tracks JTA entity managers for transation and extended scoped
- * entity managers. A single instance of this object should be created and shared by all
+ * entity managers. A signle instance of this object should be created and shared by all
* JtaEntityManagers in the server instance. Failure to do this will result in multiple entity
* managers being created for a single persistence until, and that will result in cache
* incoherence.
@@ -41,7 +41,7 @@
private final TransactionSynchronizationRegistry transactionRegistry;
/**
- * Registry of extended context entity managers.
+ * Registry of entended context entity managers.
*/
private final ThreadLocal<ExtendedRegistry> extendedRegistry = new ThreadLocal<ExtendedRegistry>() {
protected ExtendedRegistry initialValue() {
@@ -88,7 +88,7 @@
if (extended) {
EntityManager entityManager = getInheritedEntityManager(entityManagerFactory);
if (entityManager == null) {
- throw new IllegalStateException("InternalError: an entity manager should already be registered for this extended persistence unit");
+ throw new IllegalStateException("InternalError: an entity manager should already be registered for this entended persistence unit");
}
// if transaction is active, we need to register the entity manager with the transaction manager
Modified: openejb/trunk/openejb3/container/openejb-core/src/test/java/org/apache/openejb/config/AppInfoBuilderTest.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/test/java/org/apache/openejb/config/AppInfoBuilderTest.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/test/java/org/apache/openejb/config/AppInfoBuilderTest.java (original)
+++ openejb/trunk/openejb3/container/openejb-core/src/test/java/org/apache/openejb/config/AppInfoBuilderTest.java Thu Apr 23 23:11:26 2009
@@ -25,6 +25,7 @@
import org.apache.openejb.jee.oejb3.OpenejbJar;
import java.util.List;
+import java.util.Properties;
public class AppInfoBuilderTest extends TestCase {
public void testShouldAddSecurityDetailsToPortInfo() throws Exception {
@@ -44,6 +45,11 @@
serviceSecurityType.setRealmName("MyRealm");
serviceSecurityType.setSecurityRealmName("MySecurityRealm");
serviceSecurityType.setTransportGuarantee(TransportGuaranteeType.NONE);
+
+ Properties props = new Properties();
+ props.put("wss4j.in.action", "Timestamp");
+ props.put("wss4j.out.action", "Timestamp");
+ serviceSecurityType.setProperties(props);
openejbSessionBean.setWebServiceSecurity(serviceSecurityType);
openejbJarType.getEnterpriseBeans().add(openejbSessionBean);
@@ -65,6 +71,8 @@
assertEquals("MySecurityRealm", info.securityRealmName);
assertEquals("BASIC", info.authMethod);
assertEquals("NONE", info.transportGuarantee);
+ assertEquals("Timestamp", portInfo.properties.getProperty("wss4j.in.action"));
+ assertEquals("Timestamp", portInfo.properties.getProperty("wss4j.out.action"));
}
public void testShouldUseDefaultsIfSettingIsNull() throws Exception {
@@ -84,6 +92,7 @@
serviceSecurityType.setRealmName(null);
serviceSecurityType.setSecurityRealmName(null);
serviceSecurityType.setTransportGuarantee(null);
+ serviceSecurityType.setProperties(null);
openejbSessionBean.setWebServiceSecurity(serviceSecurityType);
openejbJarType.getEnterpriseBeans().add(openejbSessionBean);
@@ -105,9 +114,10 @@
assertEquals(null, info.securityRealmName);
assertEquals("NONE", info.authMethod);
assertEquals("NONE", info.transportGuarantee);
+ assertTrue(portInfo.properties.isEmpty());
}
- public void testShouldIngorePortInfoThatDontMatchTheEjb() throws Exception {
+ public void testShouldIgnorePortInfoThatDontMatchTheEjb() throws Exception {
EjbJar ejbJar = new EjbJar();
SessionBean sessionBean = new SessionBean();
sessionBean.setEjbName("MySessionBean");
@@ -124,6 +134,7 @@
serviceSecurityType.setRealmName(null);
serviceSecurityType.setSecurityRealmName(null);
serviceSecurityType.setTransportGuarantee(null);
+ serviceSecurityType.setProperties(null);
openejbSessionBean.setWebServiceSecurity(serviceSecurityType);
openejbJarType.getEnterpriseBeans().add(openejbSessionBean);
@@ -138,6 +149,10 @@
portInfo.securityRealmName = "";
portInfo.transportGuarantee = "CONFIDENTIAL";
portInfo.serviceLink = "DifferentInfo";
+ Properties props = new Properties();
+ props.put("wss4j.in.action", "Timestamp");
+ props.put("wss4j.out.action", "Timestamp");
+ portInfo.properties = props;
ejbJarInfo.portInfos.add(portInfo);
new AppInfoBuilder(null).configureWebserviceSecurity(ejbJarInfo, ejbModule);
@@ -149,5 +164,7 @@
assertEquals("", info.securityRealmName);
assertEquals("DIGEST", info.authMethod);
assertEquals("CONFIDENTIAL", info.transportGuarantee);
+ assertEquals("Timestamp", portInfo.properties.getProperty("wss4j.in.action"));
+ assertEquals("Timestamp", portInfo.properties.getProperty("wss4j.out.action"));
}
}
Added: openejb/trunk/openejb3/container/openejb-core/src/test/resources/altddapp/META-INF/test.ejb-jar.xml
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/test/resources/altddapp/META-INF/test.ejb-jar.xml?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/container/openejb-core/src/test/resources/altddapp/META-INF/test.ejb-jar.xml (added)
+++ openejb/trunk/openejb3/container/openejb-core/src/test/resources/altddapp/META-INF/test.ejb-jar.xml Thu Apr 23 23:11:26 2009
@@ -0,0 +1,8 @@
+<ejb-jar xmlns="http://java.sun.com/xml/ns/javaee" version="3.0" metadata-complete="false">
+ <enterprise-beans>
+ <session>
+ <ejb-name>OrangeBean</ejb-name>
+ <ejb-class>org.superbiz.altdd.Orange</ejb-class>
+ </session>
+ </enterprise-beans>
+</ejb-jar>
Modified: openejb/trunk/openejb3/container/openejb-jee/src/main/java/org/apache/openejb/jee/oejb2/WebServiceSecurityType.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-jee/src/main/java/org/apache/openejb/jee/oejb2/WebServiceSecurityType.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/container/openejb-jee/src/main/java/org/apache/openejb/jee/oejb2/WebServiceSecurityType.java (original)
+++ openejb/trunk/openejb3/container/openejb-jee/src/main/java/org/apache/openejb/jee/oejb2/WebServiceSecurityType.java Thu Apr 23 23:11:26 2009
@@ -19,10 +19,15 @@
import java.util.ArrayList;
import java.util.List;
+import java.util.Properties;
+
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+
+import org.apache.openejb.jee.oejb3.PropertiesAdapter;
/**
@@ -54,7 +59,8 @@
"realmName",
"transportGuarantee",
"authMethod",
- "httpMethod"
+ "httpMethod",
+ "properties"
})
public class WebServiceSecurityType {
@@ -68,6 +74,9 @@
protected AuthMethodType authMethod;
@XmlElement(name = "http-method")
protected List<String> httpMethod;
+ @XmlElement(name = "properties", required = false)
+ @XmlJavaTypeAdapter(PropertiesAdapter.class)
+ protected Properties properties;
/**
* Gets the value of the securityRealmName property.
@@ -194,4 +203,16 @@
return this.httpMethod;
}
+ public Properties getProperties() {
+ if (null == properties) {
+ properties = new Properties();
+ }
+ return properties;
+ }
+
+ public void setProperties(Properties properties) {
+ this.properties = properties;
+ }
+
+
}
Added: openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateKeyPair.bat
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateKeyPair.bat?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateKeyPair.bat (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateKeyPair.bat Thu Apr 23 23:11:26 2009
@@ -0,0 +1,11 @@
+rem @echo off
+echo alias %1
+echo keypass %2
+echo keystoreName %3
+echo KeyStorePass %4
+echo keyName %5
+
+echo keyName %5
+keytool -genkey -alias %1 -keypass %2 -keystore %3 -storepass %4 -dname "cn=%1" -keyalg RSA
+keytool -selfcert -alias %1 -keystore %3 -storepass %4 -keypass %2
+keytool -export -alias %1 -file %5 -keystore %3 -storepass %4
Added: openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateServerKey.bat
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateServerKey.bat?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateServerKey.bat (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/keys/generateServerKey.bat Thu Apr 23 23:11:26 2009
@@ -0,0 +1,4 @@
+call generateKeyPair.bat serveralias serverPassword serverStore.jks keystorePass serverKey.rsa
+call generateKeyPair.bat clientalias clientPassword clientStore.jks keystorePass clientKey.rsa
+keytool -import -alias serveralias -file serverKey.rsa -keystore clientStore.jks -storepass keystorePass -noprompt
+keytool -import -alias clientalias -file clientKey.rsa -keystore serverStore.jks -storepass keystorePass -noprompt
Modified: openejb/trunk/openejb3/examples/webservice-ws-security/pom.xml
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/pom.xml?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/pom.xml (original)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/pom.xml Thu Apr 23 23:11:26 2009
@@ -1,77 +1,238 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<!-- $Rev: 684173 $ $Date: 2008-08-08 20:13:24 -0700 (Fri, 08 Aug 2008) $ -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <groupId>org.superbiz</groupId>
- <artifactId>webservice-ws-security</artifactId>
- <packaging>jar</packaging>
- <version>1.1-SNAPSHOT</version>
- <name>OpenEJB :: Web Examples :: EJB WebService with WS-Security</name>
- <dependencies>
- <dependency>
- <groupId>org.apache.openejb</groupId>
- <artifactId>javaee-api</artifactId>
- <version>5.0-1</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.openejb</groupId>
- <artifactId>openejb-client</artifactId>
- <version>3.1.1-SNAPSHOT</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.openejb</groupId>
- <artifactId>openejb-core</artifactId>
- <version>3.1.1-SNAPSHOT</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.openejb</groupId>
- <artifactId>openejb-cxf</artifactId>
- <version>3.1.1-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>4.4</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
- <build>
- <defaultGoal>install</defaultGoal>
-
- <plugins>
- <plugin>
- <artifactId>maven-compiler-plugin</artifactId>
- <configuration>
- <source>1.5</source>
- <target>1.5</target>
- </configuration>
- </plugin>
- </plugins>
- </build>
+ <!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership. The
+ ASF licenses this file to You under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance with the
+ License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable
+ law or agreed to in writing, software distributed under the License is
+ distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the specific
+ language governing permissions and limitations under the License.
+ -->
+
+ <!-- $Rev: 684173 $ $Date: 2008-08-08 20:13:24 -0700 (Fri, 08 Aug 2008) $ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.superbiz</groupId>
+ <artifactId>webservice-ws-security</artifactId>
+ <packaging>jar</packaging>
+ <version>1.1-SNAPSHOT</version>
+ <name>OpenEJB :: Web Examples :: EJB WebService with WS-Security</name>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.openejb</groupId>
+ <artifactId>javaee-api</artifactId>
+ <version>5.0-1</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.openejb</groupId>
+ <artifactId>openejb-client</artifactId>
+ <version>3.1.1-SNAPSHOT</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.openejb</groupId>
+ <artifactId>openejb-core</artifactId>
+ <version>3.1.1-SNAPSHOT</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.openejb</groupId>
+ <artifactId>openejb-cxf</artifactId>
+ <version>3.1.1-SNAPSHOT</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.4</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>xalan</groupId>
+ <artifactId>xalan</artifactId>
+ <version>2.6.0</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+ <build>
+ <defaultGoal>install</defaultGoal>
+
+ <pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.2</version>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ <plugins>
+ <plugin>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.5</source>
+ <target>1.5</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-clover-plugin</artifactId>
+ <configuration>
+ <jdk>1.5</jdk>
+ <excludes>
+ <exclude>**/package-info.java</exclude>
+ </excludes>
+ </configuration>
+ <executions>
+ <execution>
+ <id>site</id>
+ <phase>pre-site</phase>
+ <goals>
+ <goal>instrument</goal>
+ <goal>aggregate</goal>
+ <goal>save-history</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-antrun-plugin</artifactId>
+ <version>1.3</version>
+ <executions>
+ <execution>
+ <id>generate-keys</id>
+ <phase>process-test-resources</phase>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ <configuration>
+ <tasks name="generate keys">
+ <property name="server.alias" value="serveralias"/>
+ <property name="server.keypass" value="serverPassword"/>
+ <property name="server.keystore" value="target/classes/META-INF/serverStore.jks"/>
+ <property name="server.storepass" value="keystorePass"/>
+ <property name="server.dname" value="'cn=serveralias'"/>
+ <property name="server.file" value="target/classes/META-INF/serverKey.rsa"/>
+
+ <property name="client.alias" value="clientalias"/>
+ <property name="client.keypass" value="clientPassword"/>
+ <property name="client.keystore" value="target/test-classes/META-INF/clientStore.jks"/>
+ <property name="client.storepass" value="keystorePass"/>
+ <property name="client.dname" value="'cn=clientalias'"/>
+ <property name="client.file" value="target/test-classes/META-INF/clientKey.rsa"/>
+
+ <property name="keyalg" value="RSA"/>
+
+ <echo message="generate server keys"/>
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-genkey" />
+ <arg line="-alias ${server.alias}" />
+ <arg line="-keypass ${server.keypass}" />
+ <arg line="-keystore ${server.keystore}" />
+ <arg line="-storepass ${server.storepass}" />
+ <arg line="-dname ${server.dname}" />
+ <arg line="-keyalg ${keyalg}" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-selfcert" />
+ <arg line="-alias ${server.alias}" />
+ <arg line="-keystore ${server.keystore}" />
+ <arg line="-storepass ${server.storepass}" />
+ <arg line="-keypass ${server.keypass}" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-export" />
+ <arg line="-alias ${server.alias}" />
+ <arg line="-file ${server.file}" />
+ <arg line="-keystore ${server.keystore}" />
+ <arg line="-storepass ${server.storepass}" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+
+ <echo message="generate client keys"/>
+
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-genkey" />
+ <arg line="-alias ${client.alias}" />
+ <arg line="-keypass ${client.keypass}" />
+ <arg line="-keystore ${client.keystore}" />
+ <arg line="-storepass ${client.storepass}" />
+ <arg line="-dname ${client.dname}" />
+ <arg line="-keyalg ${keyalg}" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-selfcert" />
+ <arg line="-alias ${client.alias}" />
+ <arg line="-keystore ${client.keystore}" />
+ <arg line="-storepass ${client.storepass}" />
+ <arg line="-keypass ${client.keypass}" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-export" />
+ <arg line="-alias ${client.alias}" />
+ <arg line="-file ${client.file}" />
+ <arg line="-keystore ${client.keystore}" />
+ <arg line="-storepass ${client.storepass}" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+
+ <echo message="import client/server public keys
+ in client/server keystores"/>
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-import" />
+ <arg line="-alias ${server.alias}" />
+ <arg line="-file ${server.file}" />
+ <arg line="-keystore ${client.keystore}" />
+ <arg line="-storepass ${client.storepass}" />
+ <arg line="-noprompt" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+ <java classname="sun.security.tools.KeyTool">
+ <arg line="-import" />
+ <arg line="-alias ${client.alias}" />
+ <arg line="-file ${client.file}" />
+ <arg line="-keystore ${server.keystore}" />
+ <arg line="-storepass ${server.storepass}" />
+ <arg line="-noprompt" />
+ <permissions>
+ <grant class="java.security.AllPermission" />
+ </permissions>
+ </java>
+ </tasks>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
<!--
This section allows you to configure where to publish libraries for sharing.
It is not required and may be deleted. For more information see:
@@ -89,4 +250,3 @@
</distributionManagement>
</project>
-
Modified: openejb/trunk/openejb3/examples/webservice-ws-security/src/main/java/org/superbiz/calculator/CalculatorImpl.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/main/java/org/superbiz/calculator/CalculatorImpl.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/main/java/org/superbiz/calculator/CalculatorImpl.java (original)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/main/java/org/superbiz/calculator/CalculatorImpl.java Thu Apr 23 23:11:26 2009
@@ -42,10 +42,9 @@
return add1 + add2;
}
- @RolesAllowed(value={"Administrator"})
public int multiply(int mul1, int mul2) {
return mul1 * mul2;
}
}
-//END SNIPPET: code
\ No newline at end of file
+//END SNIPPET: code
Added: openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplSign-server.properties
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplSign-server.properties?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplSign-server.properties (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplSign-server.properties Thu Apr 23 23:11:26 2009
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=keystorePass
+org.apache.ws.security.crypto.merlin.keystore.alias=serveralias
+org.apache.ws.security.crypto.merlin.file=META-INF/serverStore.jks
Added: openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-server.properties
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-server.properties?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-server.properties (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-server.properties Thu Apr 23 23:11:26 2009
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=keystorePass
+org.apache.ws.security.crypto.merlin.keystore.alias=serveralias
+org.apache.ws.security.crypto.merlin.file=META-INF/serverStore.jks
Modified: openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/ejb-jar.xml
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/ejb-jar.xml?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/ejb-jar.xml (original)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/ejb-jar.xml Thu Apr 23 23:11:26 2009
@@ -1 +1,64 @@
-<ejb-jar/>
\ No newline at end of file
+<?xml version="1.0" encoding="UTF-8"?>
+<ejb-jar xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd"
+ version="3.0" id="simple" metadata-complete="false">
+
+ <enterprise-beans>
+
+ <session>
+ <ejb-name>CalculatorImplTimestamp1way</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplTimestamp2ways</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplUsernameTokenPlainPassword</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplUsernameTokenHashedPassword</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplUsernameTokenPlainPasswordEncrypt</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplSign</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplEncrypt2ways</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplSign2ways</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplEncryptAndSign2ways</ejb-name>
+ <service-endpoint>org.superbiz.calculator.CalculatorWs</service-endpoint>
+ <ejb-class>org.superbiz.calculator.CalculatorImpl</ejb-class>
+ </session>
+
+ </enterprise-beans>
+
+</ejb-jar>
Modified: openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/openejb-jar.xml
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/openejb-jar.xml?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/openejb-jar.xml (original)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/openejb-jar.xml Thu Apr 23 23:11:26 2009
@@ -6,7 +6,92 @@
<security-realm-name/>
<transport-guarantee>NONE</transport-guarantee>
<auth-method>WS-SECURITY</auth-method>
+ <properties>
+ wss4j.in.action = UsernameToken
+ wss4j.in.passwordType = PasswordText
+ </properties>
+ </web-service-security>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplTimestamp1way</ejb-name>
+ <web-service-security>
+ <security-realm-name/>
+ <transport-guarantee>NONE</transport-guarantee>
+ <auth-method>WS-SECURITY</auth-method>
+ <properties>
+ wss4j.in.action = Timestamp
+ </properties>
+ </web-service-security>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplTimestamp2ways</ejb-name>
+ <web-service-security>
+ <security-realm-name/>
+ <transport-guarantee>NONE</transport-guarantee>
+ <auth-method>WS-SECURITY</auth-method>
+ <properties>
+ wss4j.in.action = Timestamp
+ wss4j.out.action = Timestamp
+ </properties>
+ </web-service-security>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplUsernameTokenPlainPassword</ejb-name>
+ <web-service-security>
+ <security-realm-name/>
+ <transport-guarantee>NONE</transport-guarantee>
+ <auth-method>WS-SECURITY</auth-method>
+ <properties>
+ wss4j.in.action = UsernameToken
+ wss4j.in.passwordType = PasswordText
+ </properties>
+ </web-service-security>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplUsernameTokenHashedPassword</ejb-name>
+ <web-service-security>
+ <security-realm-name/>
+ <transport-guarantee>NONE</transport-guarantee>
+ <auth-method>WS-SECURITY</auth-method>
+ <properties>
+ wss4j.in.action = UsernameToken
+ wss4j.in.passwordType = PasswordDigest
+ wss4j.in.passwordCallbackClass=org.superbiz.calculator.CustomPasswordHandler
+ </properties>
+ </web-service-security>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplUsernameTokenPlainPasswordEncrypt</ejb-name>
+ <web-service-security>
+ <security-realm-name/>
+ <transport-guarantee>NONE</transport-guarantee>
+ <auth-method>WS-SECURITY</auth-method>
+ <properties>
+ wss4j.in.action = UsernameToken Encrypt
+ wss4j.in.passwordType = PasswordText
+ wss4j.in.passwordCallbackClass=org.superbiz.calculator.CustomPasswordHandler
+ wss4j.in.decryptionPropFile = META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-server.properties
+ </properties>
+ </web-service-security>
+ </session>
+
+ <session>
+ <ejb-name>CalculatorImplSign</ejb-name>
+ <web-service-security>
+ <security-realm-name/>
+ <transport-guarantee>NONE</transport-guarantee>
+ <auth-method>WS-SECURITY</auth-method>
+ <properties>
+ wss4j.in.action = Signature
+ wss4j.in.passwordCallbackClass=org.superbiz.calculator.CustomPasswordHandler
+ wss4j.in.signaturePropFile = META-INF/CalculatorImplSign-server.properties
+ </properties>
</web-service-security>
</session>
</enterprise-beans>
-</openejb-jar>
\ No newline at end of file
+</openejb-jar>
Added: openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/webservices.xml
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/webservices.xml?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/webservices.xml (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/main/resources/META-INF/webservices.xml Thu Apr 23 23:11:26 2009
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<webservices xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
+http://www.ibm.com/webservices/xsd/j2ee_web_services_1_1.xsd"
+ xmlns:ger="http://ciaows.org/wsdl" version="1.1">
+
+ <webservice-description>
+ <webservice-description-name>CalculatorWsService</webservice-description-name>
+ <port-component>
+ <port-component-name>CalculatorImplTimestamp1way</port-component-name>
+ <wsdl-port>CalculatorImplTimestamp1way</wsdl-port>
+ <service-endpoint-interface>org.superbiz.calculator.CalculatorWs</service-endpoint-interface>
+ <service-impl-bean>
+ <ejb-link>CalculatorImplTimestamp1way</ejb-link>
+ </service-impl-bean>
+ </port-component>
+ <port-component>
+ <port-component-name>CalculatorImplTimestamp2ways</port-component-name>
+ <wsdl-port>CalculatorImplTimestamp2ways</wsdl-port>
+ <service-endpoint-interface>org.superbiz.calculator.CalculatorWs</service-endpoint-interface>
+ <service-impl-bean>
+ <ejb-link>CalculatorImplTimestamp2ways</ejb-link>
+ </service-impl-bean>
+ </port-component>
+ <port-component>
+ <port-component-name>CalculatorImplUsernameTokenPlainPassword</port-component-name>
+ <wsdl-port>CalculatorImplUsernameTokenPlainPassword</wsdl-port>
+ <service-endpoint-interface>org.superbiz.calculator.CalculatorWs</service-endpoint-interface>
+ <service-impl-bean>
+ <ejb-link>CalculatorImplUsernameTokenPlainPassword</ejb-link>
+ </service-impl-bean>
+ </port-component>
+ <port-component>
+ <port-component-name>CalculatorImplUsernameTokenHashedPassword</port-component-name>
+ <wsdl-port>CalculatorImplUsernameTokenHashedPassword</wsdl-port>
+ <service-endpoint-interface>org.superbiz.calculator.CalculatorWs</service-endpoint-interface>
+ <service-impl-bean>
+ <ejb-link>CalculatorImplUsernameTokenHashedPassword</ejb-link>
+ </service-impl-bean>
+ </port-component>
+ <port-component>
+ <port-component-name>CalculatorImplUsernameTokenPlainPasswordEncrypt</port-component-name>
+ <wsdl-port>CalculatorImplUsernameTokenPlainPasswordEncrypt</wsdl-port>
+ <service-endpoint-interface>org.superbiz.calculator.CalculatorWs</service-endpoint-interface>
+ <service-impl-bean>
+ <ejb-link>CalculatorImplUsernameTokenPlainPasswordEncrypt</ejb-link>
+ </service-impl-bean>
+ </port-component>
+ </webservice-description>
+
+</webservices>
Modified: openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CalculatorTest.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CalculatorTest.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CalculatorTest.java (original)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CalculatorTest.java Thu Apr 23 23:11:26 2009
@@ -20,6 +20,7 @@
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
@@ -32,7 +33,12 @@
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.xml.namespace.QName;
+import javax.xml.ws.Binding;
+import javax.xml.ws.BindingType;
import javax.xml.ws.Service;
+import javax.xml.ws.soap.SOAPBinding;
+
import java.io.IOException;
import java.net.URL;
import java.util.HashMap;
@@ -60,9 +66,110 @@
*/
//START SNIPPET: webservice
public void testCalculatorViaWsInterface() throws Exception {
- Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImpl?wsdl"), null);
+ Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImpl?wsdl"),
+ new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
+ assertNotNull(calcService);
+
+ CalculatorWs calc = calcService.getPort(CalculatorWs.class);
+
+ Client client = ClientProxy.getClient(calc);
+ Endpoint endpoint = client.getEndpoint();
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+
+ Map<String, Object> outProps = new HashMap<String, Object>();
+ outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
+ outProps.put(WSHandlerConstants.USER, "jane");
+ outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
+ outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
+ pc.setPassword("waterfall");
+ }
+ });
+
+ WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
+ endpoint.getOutInterceptors().add(wssOut);
+
+ assertEquals(10, calc.sum(4,6));
+ }
+
+ public void testCalculatorViaWsInterfaceWithTimestamp1way() throws Exception {
+ Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImplTimestamp1way?wsdl"),
+ new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
+ assertNotNull(calcService);
+
+ // for debugging (ie. TCPMon)
+ calcService.addPort(new QName("http://superbiz.org/wsdl",
+ "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING,
+ "http://127.0.0.1:8204/CalculatorImplTimestamp1way");
+
+// CalculatorWs calc = calcService.getPort(
+// new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
+// CalculatorWs.class);
+
+ CalculatorWs calc = calcService.getPort(CalculatorWs.class);
+
+ Client client = ClientProxy.getClient(calc);
+ Endpoint endpoint = client.getEndpoint();
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+
+ Map<String, Object> outProps = new HashMap<String, Object>();
+ outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
+ WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
+ endpoint.getOutInterceptors().add(wssOut);
+
+ assertEquals(12, calc.multiply(3,4));
+ }
+
+ public void testCalculatorViaWsInterfaceWithTimestamp2ways() throws Exception {
+ Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImplTimestamp2ways?wsdl"),
+ new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
+ assertNotNull(calcService);
+
+ // for debugging (ie. TCPMon)
+ calcService.addPort(new QName("http://superbiz.org/wsdl",
+ "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING,
+ "http://127.0.0.1:8204/CalculatorImplTimestamp2ways");
+
+// CalculatorWs calc = calcService.getPort(
+// new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
+// CalculatorWs.class);
+
+ CalculatorWs calc = calcService.getPort(CalculatorWs.class);
+
+ Client client = ClientProxy.getClient(calc);
+ Endpoint endpoint = client.getEndpoint();
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+ endpoint.getInInterceptors().add(new SAAJInInterceptor());
+
+ Map<String, Object> outProps = new HashMap<String, Object>();
+ outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
+ WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
+ endpoint.getOutInterceptors().add(wssOut);
+
+ Map<String, Object> inProps = new HashMap<String, Object>();
+ inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
+ WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
+ endpoint.getInInterceptors().add(wssIn);
+
+ assertEquals(12, calc.multiply(3,4));
+ }
+
+ public void testCalculatorViaWsInterfaceWithUsernameTokenPlainPassword() throws Exception {
+ Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImplUsernameTokenPlainPassword?wsdl"),
+ new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
assertNotNull(calcService);
+ // for debugging (ie. TCPMon)
+ calcService.addPort(new QName("http://superbiz.org/wsdl",
+ "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING,
+ "http://127.0.0.1:8204/CalculatorImplUsernameTokenPlainPassword");
+
+// CalculatorWs calc = calcService.getPort(
+// new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
+// CalculatorWs.class);
+
CalculatorWs calc = calcService.getPort(CalculatorWs.class);
Client client = ClientProxy.getClient(calc);
@@ -85,8 +192,125 @@
endpoint.getOutInterceptors().add(wssOut);
assertEquals(10, calc.sum(4,6));
- assertEquals(12, calc.multiply(3,4));
+ }
+
+ public void testCalculatorViaWsInterfaceWithUsernameTokenHashedPassword() throws Exception {
+ Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImplUsernameTokenHashedPassword?wsdl"),
+ new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
+ assertNotNull(calcService);
+
+ // for debugging (ie. TCPMon)
+ calcService.addPort(new QName("http://superbiz.org/wsdl",
+ "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING,
+ "http://127.0.0.1:8204/CalculatorImplUsernameTokenHashedPassword");
+
+// CalculatorWs calc = calcService.getPort(
+// new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
+// CalculatorWs.class);
+
+ CalculatorWs calc = calcService.getPort(CalculatorWs.class);
+
+ Client client = ClientProxy.getClient(calc);
+ Endpoint endpoint = client.getEndpoint();
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+
+ Map<String, Object> outProps = new HashMap<String, Object>();
+ outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
+ outProps.put(WSHandlerConstants.USER, "jane");
+ outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
+ outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
+ pc.setPassword("waterfall");
+ }
+ });
+
+ WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
+ endpoint.getOutInterceptors().add(wssOut);
+
+ assertEquals(10, calc.sum(4,6));
+ }
+
+ public void testCalculatorViaWsInterfaceWithUsernameTokenPlainPasswordEncrypt() throws Exception {
+ Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImplUsernameTokenPlainPasswordEncrypt?wsdl"),
+ new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
+ assertNotNull(calcService);
+
+ // for debugging (ie. TCPMon)
+ calcService.addPort(new QName("http://superbiz.org/wsdl",
+ "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING,
+ "http://127.0.0.1:8204/CalculatorImplUsernameTokenPlainPasswordEncrypt");
+
+// CalculatorWs calc = calcService.getPort(
+// new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
+// CalculatorWs.class);
+
+ CalculatorWs calc = calcService.getPort(CalculatorWs.class);
+
+ Client client = ClientProxy.getClient(calc);
+ Endpoint endpoint = client.getEndpoint();
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+
+ Map<String, Object> outProps = new HashMap<String, Object>();
+ outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN
+ + " " + WSHandlerConstants.ENCRYPT);
+ outProps.put(WSHandlerConstants.USER, "jane");
+ outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
+ outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
+ pc.setPassword("waterfall");
+ }
+ });
+ outProps.put(WSHandlerConstants.ENC_PROP_FILE, "META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-client.properties");
+ outProps.put(WSHandlerConstants.ENCRYPTION_USER, "serveralias");
+
+ WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
+ endpoint.getOutInterceptors().add(wssOut);
+
+ assertEquals(10, calc.sum(4,6));
+ }
+
+ public void testCalculatorViaWsInterfaceWithSign() throws Exception {
+ Service calcService = Service.create(new URL("http://127.0.0.1:4204/CalculatorImplSign?wsdl"),
+ new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
+ assertNotNull(calcService);
+
+ // for debugging (ie. TCPMon)
+ calcService.addPort(new QName("http://superbiz.org/wsdl",
+ "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING,
+ "http://127.0.0.1:8204/CalculatorImplSign");
+
+// CalculatorWs calc = calcService.getPort(
+// new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
+// CalculatorWs.class);
+
+ CalculatorWs calc = calcService.getPort(CalculatorWs.class);
+
+ Client client = ClientProxy.getClient(calc);
+ Endpoint endpoint = client.getEndpoint();
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+
+ Map<String, Object> outProps = new HashMap<String, Object>();
+ outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
+ outProps.put(WSHandlerConstants.USER, "clientalias");
+ outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
+ pc.setPassword("clientPassword");
+ }
+ });
+ outProps.put(WSHandlerConstants.SIG_PROP_FILE, "META-INF/CalculatorImplSign-client.properties");
+ outProps.put(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");
+
+ WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
+ endpoint.getOutInterceptors().add(wssOut);
+
+ assertEquals(24, calc.multiply(4,6));
}
//END SNIPPET: webservice
-}
\ No newline at end of file
+}
Added: openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CustomPasswordHandler.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CustomPasswordHandler.java?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CustomPasswordHandler.java (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/test/java/org/superbiz/calculator/CustomPasswordHandler.java Thu Apr 23 23:11:26 2009
@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.superbiz.calculator;
+
+import org.apache.ws.security.WSPasswordCallback;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.spi.SecurityService;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import java.io.IOException;
+
+public class CustomPasswordHandler implements CallbackHandler {
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
+
+ if(pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) {
+ // TODO get the password from the users.properties if possible
+ pc.setPassword("waterfall");
+
+ } else if(pc.getUsage() == WSPasswordCallback.DECRYPT) {
+ pc.setPassword("serverPassword");
+
+ } else if(pc.getUsage() == WSPasswordCallback.SIGNATURE) {
+ pc.setPassword("serverPassword");
+
+ }
+
+ if ((pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN)
+ || (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN)) {
+
+ SecurityService securityService = SystemInstance.get()
+ .getComponent(SecurityService.class);
+ Object token = null;
+ try {
+ securityService.disassociate();
+
+ token = securityService.login(pc.getIdentifer(), pc.getPassword());
+ securityService.associate(token);
+
+ } catch (LoginException e) {
+ e.printStackTrace();
+ throw new SecurityException("wrong password");
+ } finally {
+ }
+ }
+
+
+ }
+}
Added: openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplSign-client.properties
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplSign-client.properties?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplSign-client.properties (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplSign-client.properties Thu Apr 23 23:11:26 2009
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=keystorePass
+org.apache.ws.security.crypto.merlin.keystore.alias=clientalias
+org.apache.ws.security.crypto.merlin.file=META-INF/clientStore.jks
Added: openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-client.properties
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-client.properties?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-client.properties (added)
+++ openejb/trunk/openejb3/examples/webservice-ws-security/src/test/resources/META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-client.properties Thu Apr 23 23:11:26 2009
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=keystorePass
+org.apache.ws.security.crypto.merlin.keystore.alias=clientalias
+org.apache.ws.security.crypto.merlin.file=META-INF/clientStore.jks
Modified: openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java (original)
+++ openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java Thu Apr 23 23:11:26 2009
@@ -42,7 +42,7 @@
} catch (Exception e) {
if (serverUri.indexOf("://") == -1) {
try {
- URI location = new URI("ejbd://" + serverUri);
+ URI location = new URI("oejb://" + serverUri);
server = new ServerMetaData(location);
} catch (URISyntaxException ignored) {
}
Modified: openejb/trunk/openejb3/server/openejb-cxf/pom.xml
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-cxf/pom.xml?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/server/openejb-cxf/pom.xml (original)
+++ openejb/trunk/openejb3/server/openejb-cxf/pom.xml Thu Apr 23 23:11:26 2009
@@ -24,7 +24,7 @@
<artifactId>server</artifactId>
<groupId>org.apache.openejb</groupId>
<version>3.1.1-SNAPSHOT</version>
- </parent>
+ </parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>openejb-cxf</artifactId>
<packaging>jar</packaging>
@@ -78,7 +78,7 @@
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-bundle</artifactId>
- <version>2.0.4-incubator</version>
+ <version>2.0.9</version>
<exclusions>
<exclusion>
<groupId>aopalliance</groupId>
@@ -209,6 +209,10 @@
<artifactId>velocity</artifactId>
</exclusion>
<exclusion>
+ <groupId>wss4j</groupId>
+ <artifactId>wss4j</artifactId>
+ </exclusion>
+ <exclusion>
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
</exclusion>
@@ -217,6 +221,10 @@
<artifactId>xml-apis</artifactId>
</exclusion>
<exclusion>
+ <groupId>xml-security</groupId>
+ <artifactId>xmlsec</artifactId>
+ </exclusion>
+ <exclusion>
<groupId>xmlbeans</groupId>
<artifactId>xbean</artifactId>
</exclusion>
Added: openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java?rev=768087&view=auto
==============================================================================
--- openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java (added)
+++ openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java Thu Apr 23 23:11:26 2009
@@ -0,0 +1,65 @@
+package org.apache.openejb.server.cxf;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.ws.security.handler.WSHandlerConstants;
+
+/**
+ * Helper class to extract WSS4J properties from a set of properties. More over,
+ * it configures In and Out interceptor to manage WS6Security.
+ *
+ */
+public class ConfigureCxfSecurity {
+
+ public static final void setupWSS4JChain(Endpoint endpoint, Properties inProps) {
+
+ Map<String, Object> in = getPropsFromProperties(inProps, "wss4j.in.");
+ Map<String, Object> out = getPropsFromProperties(inProps, "wss4j.out.");
+ setupWSS4JChain(endpoint, in, out);
+ }
+
+ public static Map<String, Object> getPropsFromProperties(Properties inProps, String pattern) {
+ String key, val;
+
+ Map<String, Object> props = new HashMap<String, Object>();
+ for (Map.Entry<Object, Object> entry : inProps.entrySet()) {
+ key = String.valueOf(entry.getKey());
+ val = String.valueOf(entry.getValue()).trim();
+ if (key.startsWith(pattern)) {
+ props.put(key.substring(pattern.length()), val);
+ }
+ }
+ if (!props.isEmpty()) {
+ // WSHandler first look for a property PW_CALLBACK_CLASS
+ // if not found, it gets the PW_CALLBACK_REF
+ props.put(WSHandlerConstants.PW_CALLBACK_REF, new ServerPasswordHandler());
+ }
+ return props;
+ }
+
+ public static final void setupWSS4JChain(Endpoint endpoint, Map<String, Object> inProps, Map<String, Object> outProps) {
+
+ if (null != inProps && !inProps.isEmpty()) {
+ endpoint.getInInterceptors().add(new SAAJInInterceptor());
+ endpoint.getInInterceptors().add(new WSS4JInInterceptor(inProps));
+ }
+
+ if (null != outProps && !outProps.isEmpty()) {
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+ endpoint.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ }
+
+ }
+
+ public static final void configure(Endpoint endpoint, Properties p) {
+ setupWSS4JChain(endpoint, p);
+ }
+
+}
Modified: openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ejb/EjbEndpoint.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ejb/EjbEndpoint.java?rev=768087&r1=768086&r2=768087&view=diff
==============================================================================
--- openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ejb/EjbEndpoint.java (original)
+++ openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ejb/EjbEndpoint.java Thu Apr 23 23:11:26 2009
@@ -30,6 +30,7 @@
import org.apache.openejb.DeploymentInfo;
import org.apache.openejb.core.webservices.JaxWsUtils;
import org.apache.openejb.core.webservices.PortData;
+import org.apache.openejb.server.cxf.ConfigureCxfSecurity;
import org.apache.openejb.server.cxf.CxfEndpoint;
import org.apache.openejb.server.cxf.CxfServiceConfiguration;
import org.apache.openejb.server.cxf.JaxWsImplementorInfoImpl;
@@ -95,13 +96,7 @@
// Install WSS4J interceptor
if (port.isSecure()) {
- Map<String, Object> inProps = new HashMap<String, Object>();
- inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
- inProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
- inProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ServerPasswordHandler.class.getName());
-
- WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
- endpoint.getInInterceptors().add(wssIn);
+ ConfigureCxfSecurity.configure(endpoint, port.getSecurityProperties());
}
}