Posted to rampart-dev@ws.apache.org by na...@apache.org on 2009/09/01 08:43:55 UTC
svn commit: r809850 - in
/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart:
policy/builders/CryptoConfigBuilder.java policy/model/CryptoConfig.java
util/RampartUtil.java
Author: nandana
Date: Tue Sep 1 06:43:55 2009
New Revision: 809850
URL: http://svn.apache.org/viewvc?rev=809850&view=rev
Log:
RAMPART-248 Applying the patch. Thanks Thilina
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java?rev=809850&r1=809849&r2=809850&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java Tue Sep 1 06:43:55 2009
@@ -37,6 +37,16 @@
OMAttribute attribute = element.getAttribute(new QName(CryptoConfig.PROVIDER_ATTR));
cryptoCofig.setProvider(attribute.getAttributeValue().trim());
+
+ OMAttribute cryptoKeyAttr = element.getAttribute(new QName(CryptoConfig.CRYPTO_KEY_ATTR));
+ if(cryptoKeyAttr != null){
+ cryptoCofig.setCryptoKey(cryptoKeyAttr.getAttributeValue().trim());
+ }
+
+ OMAttribute cacheRefreshIntAttr = element.getAttribute(new QName(CryptoConfig.CACHE_REFRESH_INTVL));
+ if(cacheRefreshIntAttr != null){
+ cryptoCofig.setCacheRefreshInterval(cacheRefreshIntAttr.getAttributeValue().trim());
+ }
Properties properties = new Properties();
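Review bot: `cacheRefreshInterval` is stored as the raw attribute string in `setCacheRefreshInterval(...)`, with no check that it is a number. The RampartUtil hunk in this commit converts it with `new Long(refreshInterval)` on every cache lookup, so a typo in the policy only surfaces as a NumberFormatException while a message is being processed. Parsing once here, e.g. `Long.parseLong(cacheRefreshIntAttr.getAttributeValue().trim());`, and rejecting a non-numeric or negative value at policy-build time would fail fast instead. The enclosing builder method starts and ends outside the hunk.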
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java?rev=809850&r1=809849&r2=809850&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java Tue Sep 1 06:43:55 2009
@@ -45,8 +45,29 @@
public final static String PROVIDER_ATTR = "provider";
public final static String PROPERTY_LN = "property";
public final static String PROPERTY_NAME_ATTR = "name";
+ public final static String CRYPTO_KEY_ATTR = "cryptoKey";
+ public final static String CACHE_REFRESH_INTVL = "cacheRefreshInterval";
private String provider;
+ private String cryptoKey;
+ private String cacheRefreshInterval;
+
+ public String getCryptoKey() {
+ return cryptoKey;
+ }
+
+ public void setCryptoKey(String cryptoKey) {
+ this.cryptoKey = cryptoKey;
+ }
+
+ public String getCacheRefreshInterval() {
+ return cacheRefreshInterval;
+ }
+
+ public void setCacheRefreshInterval(String cacheRefreshInterval) {
+ this.cacheRefreshInterval = cacheRefreshInterval;
+ }
+
private Properties prop;
public Properties getProp() {
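Review bot: The new `cryptoKey` and `cacheRefreshInterval` members have no Javadoc, and the name `cryptoKey` reads as if it held key material. In this commit RampartUtil uses it as the name of an entry in `prop` (`prop.getProperty(cryptoConfig.getCryptoKey())`) whose value becomes part of the cache key, and compares the interval against `getTimeInMillis()`. I would add `/** Name of the property in {@link #getProp()} whose value identifies the Crypto instance in the cache; null disables caching. */` on `cryptoKey` and `/** Cache lifetime in milliseconds, as a decimal string; null means cached entries never expire. */` on `cacheRefreshInterval`.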
@@ -89,6 +110,16 @@
if (getProvider() != null) {
writer.writeAttribute(PROVIDER_ATTR, getProvider());
}
+
+ if(getCryptoKey() != null){
+ writer.writeAttribute(CRYPTO_KEY_ATTR, getCryptoKey());
+ }
+
+ if(getCacheRefreshInterval() != null){
+ writer.writeAttribute(CACHE_REFRESH_INTVL, getCacheRefreshInterval());
+ }
+
+
String key;
String value;
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?rev=809850&r1=809849&r2=809850&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java Tue Sep 1 06:43:55 2009
@@ -22,11 +22,7 @@
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.xpath.AXIOMXPath;
-import org.apache.axiom.soap.SOAP11Constants;
-import org.apache.axiom.soap.SOAP12Constants;
-import org.apache.axiom.soap.SOAPEnvelope;
-import org.apache.axiom.soap.SOAPHeader;
-import org.apache.axiom.soap.SOAPHeaderBlock;
+import org.apache.axiom.soap.*;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.AddressingConstants;
import org.apache.axis2.client.Options;
@@ -93,21 +89,24 @@
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Properties;
-import java.util.Set;
-import java.util.Vector;
+import java.util.*;
public class RampartUtil {
private static final String CRYPTO_PROVIDER = "org.apache.ws.security.crypto.provider";
private static Log log = LogFactory.getLog(RampartUtil.class);
-
+
+ private static Map cryptoStore = new Hashtable();
+
+ private static class CachedCrypto {
+ private Crypto crypto;
+ private long creationTime;
+
+ public CachedCrypto(Crypto crypto, long creationTime) {
+ this.crypto = crypto;
+ this.creationTime = creationTime;
+ }
+ }
public static CallbackHandler getPasswordCB(RampartMessageData rmd) throws RampartException {
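Review bot: `cryptoStore` is a JVM-wide static map with no removal path in this commit: entries are only added or overwritten by `cacheCrypto`, so every cached Crypto (and presumably the key store it loaded and the class loader passed to `CryptoFactory.getInstance`) stays reachable for the life of the class. That deserves a comment on the field, e.g. `// JVM-wide cache keyed by "<cryptoKey value>#<provider>"; entries are replaced, never evicted`, and the field can be declared `private static final`. The raw `Map`/`Hashtable` also forces the cast in `retrieveCrytpoFromCache`; whether generics are available depends on the project's source level, which is not visible here.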
@@ -292,28 +291,74 @@
throws RampartException {
log.debug("Loading encryption crypto");
- if(config != null && config.getEncrCryptoConfig() != null) {
- CryptoConfig cryptoConfig = config.getEncrCryptoConfig();
- String provider = cryptoConfig.getProvider();
- log.debug("Usig provider: " + provider);
- Properties prop = cryptoConfig.getProp();
- prop.put(CRYPTO_PROVIDER, provider);
- return CryptoFactory.getInstance(prop, loader);
- } else {
- log.debug("Trying the signature crypto info");
-
- //Try using signature crypto infomation
- if(config != null && config.getSigCryptoConfig() != null) {
- CryptoConfig cryptoConfig = config.getSigCryptoConfig();
- String provider = cryptoConfig.getProvider();
- log.debug("Usig provider: " + provider);
- Properties prop = cryptoConfig.getProp();
- prop.put(CRYPTO_PROVIDER, provider);
- return CryptoFactory.getInstance(prop, loader);
- } else {
- return null;
- }
- }
+ if (config != null && config.getEncrCryptoConfig() != null) {
+ CryptoConfig cryptoConfig = config.getEncrCryptoConfig();
+ String provider = cryptoConfig.getProvider();
+ log.debug("Usig provider: " + provider);
+ Properties prop = cryptoConfig.getProp();
+ prop.put(CRYPTO_PROVIDER, provider);
+
+ String cryptoKey = null;
+ String interval = null;
+ if (cryptoConfig.getCryptoKey() != null) {
+ cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
+ interval = cryptoConfig.getCacheRefreshInterval();
+ }
+
+ Crypto crypto = null;
+
+ if (cryptoKey != null) {
+ // cache enabled
+ crypto = retrieveCrytpoFromCache(cryptoKey.trim() + "#" + provider.trim(), interval);
+ }
+
+ if (crypto == null) {
+ // cache miss
+ crypto = CryptoFactory.getInstance(prop, loader);
+ if (cryptoKey != null) {
+ // cache enabled - let's cache
+ cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
+ }
+ }
+ return crypto;
+
+ } else {
+ log.debug("Trying the signature crypto info");
+
+ // Try using signature crypto information
+ if (config != null && config.getSigCryptoConfig() != null) {
+ CryptoConfig cryptoConfig = config.getSigCryptoConfig();
+ String provider = cryptoConfig.getProvider();
+ log.debug("Usig provider: " + provider);
+ Properties prop = cryptoConfig.getProp();
+ prop.put(CRYPTO_PROVIDER, provider);
+ String cryptoKey = null;
+ String interval = null;
+ if (cryptoConfig.getCryptoKey() != null) {
+ cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
+ interval = cryptoConfig.getCacheRefreshInterval();
+ }
+
+ Crypto crypto = null;
+ if (cryptoKey != null) {
+ // cache enabled
+ crypto = retrieveCrytpoFromCache(cryptoKey.trim() + "#" + provider.trim(),
+ interval);
+ }
+
+ if (crypto == null) {
+ // cache miss
+ crypto = CryptoFactory.getInstance(prop, loader);
+ if (cryptoKey != null) {
+ // cache enabled - let's cache
+ cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
+ }
+ }
+ return crypto;
+ } else {
+ return null;
+ }
+ }
}
/**
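Review bot: The cache key `cryptoKey.trim() + "#" + provider.trim()` identifies a Crypto only by one property's value and the provider class name, while the instance itself is built from the whole `prop` set and `loader`. Two configurations that agree on that one value but differ elsewhere (another key store password or type, a different class loader) would therefore be handed whichever Crypto was cached first, so the Javadoc should state that the property named by `cryptoKey` must uniquely identify the key store within the JVM. The same lookup/create/store sequence is repeated in the signature fallback branch of this hunk and in the `@@ -328,16 +373,40 @@` hunk; a single private helper, sketched below, keeps the three copies from drifting. The method signature begins outside the hunk.

```java
// Shared by getEncryptionCrypto (both branches) and getSignatureCrypto.
private static Crypto loadCrypto(CryptoConfig cryptoConfig, ClassLoader loader) {
    String provider = cryptoConfig.getProvider();
    log.debug("Usig provider: " + provider);
    Properties prop = cryptoConfig.getProp();
    prop.put(CRYPTO_PROVIDER, provider);

    String keyProperty = cryptoConfig.getCryptoKey();
    String keyValue = (keyProperty != null) ? prop.getProperty(keyProperty) : null;
    if (keyValue == null) {
        // caching is not configured for this policy
        return CryptoFactory.getInstance(prop, loader);
    }

    String cacheKey = keyValue.trim() + "#" + provider.trim();
    Crypto crypto = retrieveCrytpoFromCache(cacheKey, cryptoConfig.getCacheRefreshInterval());
    if (crypto == null) {
        crypto = CryptoFactory.getInstance(prop, loader);
        cacheCrypto(cacheKey, crypto);
    }
    return crypto;
}
```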
@@ -328,16 +373,40 @@
throws RampartException {
log.debug("Loading Signature crypto");
- if(config != null && config.getSigCryptoConfig() != null) {
- CryptoConfig cryptoConfig = config.getSigCryptoConfig();
- String provider = cryptoConfig.getProvider();
- log.debug("Usig provider: " + provider);
- Properties prop = cryptoConfig.getProp();
- prop.put(CRYPTO_PROVIDER, provider);
- return CryptoFactory.getInstance(prop, loader);
- } else {
- return null;
- }
+ if (config != null && config.getSigCryptoConfig() != null) {
+ CryptoConfig cryptoConfig = config.getSigCryptoConfig();
+ String provider = cryptoConfig.getProvider();
+ log.debug("Usig provider: " + provider);
+ Properties prop = cryptoConfig.getProp();
+ prop.put(CRYPTO_PROVIDER, provider);
+ String cryptoKey = null;
+ String interval = null;
+ if (cryptoConfig.getCryptoKey() != null) {
+ cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
+ interval = cryptoConfig.getCacheRefreshInterval();
+ }
+
+ Crypto crypto = null;
+
+ if (cryptoKey != null) {
+ // cache enabled
+ crypto = retrieveCrytpoFromCache(cryptoKey.trim() + "#" + provider.trim(), interval);
+ }
+
+ if (crypto == null) {
+ // cache miss
+ crypto = CryptoFactory.getInstance(prop, loader);
+ if (cryptoKey != null) {
+ // cache enabled - let's cache
+ cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
+ }
+ }
+
+ return crypto;
+
+ } else {
+ return null;
+ }
}
@@ -697,7 +766,7 @@
if (msgContext.isSOAP11()) {
client.setSoapVersion(SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI);
} else {
- client.setSoapVersion(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI);
+ client.setSoapVersion(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI);
}
@@ -1610,4 +1679,47 @@
}
}
+ private static Crypto retrieveCrytpoFromCache(String cryptoKey, String refreshInterval) {
+ // cache hit
+ if (cryptoStore.containsKey(cryptoKey)) {
+ CachedCrypto cachedCrypto = (CachedCrypto) cryptoStore.get(cryptoKey);
+ if (refreshInterval != null) {
+ if (cachedCrypto.creationTime + new Long(refreshInterval).longValue() > Calendar
+ .getInstance().getTimeInMillis()) {
+ if (log.isDebugEnabled()) {
+ log.info("Cache Hit : Crypto Object was found in cache.");
+ }
+ return cachedCrypto.crypto;
+ } else {
+ if (log.isDebugEnabled()) {
+ log.info("Cache Miss : Crypto Object found in cache is expired.");
+ }
+ return null;
+ }
+ } else {
+ if (log.isDebugEnabled()) {
+ log.info("Cache Hit : Crypto Object was found in cache.");
+ }
+ return cachedCrypto.crypto;
+ }
+ }
+ // cache miss
+ else {
+ if (log.isDebugEnabled()) {
+ log.info("Cache Miss : Crypto Object was not found in cache.");
+ }
+ return null;
+ }
+ }
+
+ private static void cacheCrypto(String cryptoKey, Crypto crypto) {
+ cryptoStore.put(cryptoKey, new CachedCrypto(crypto, Calendar.getInstance()
+ .getTimeInMillis()));
+ if (log.isDebugEnabled()) {
+ log.info("Crypto object is inserted into the Cache.");
+ }
+
+ }
+
+
}
\ No newline at end of file
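Review bot: When `refreshInterval` is null the outer `else` branch returns the cached object unconditionally, so a cached Crypto never expires; if Crypto reads its key store at creation (not visible in this hunk), a rotated key or a removed trusted certificate would not take effect until restart. That default deserves a Javadoc line on `retrieveCrytpoFromCache` saying that omitting `cacheRefreshInterval` means cache-for-ever and that the interval is in milliseconds. The messages in both new methods are guarded by `log.isDebugEnabled()` but emitted with `log.info(...)`; `log.debug("Cache Hit : Crypto Object was found in cache.");` matches the guard. `Calendar.getInstance().getTimeInMillis()` can be `System.currentTimeMillis()`.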