Posted to rampart-dev@ws.apache.org by ru...@apache.org on 2007/08/19 20:38:59 UTC

svn commit: r567454 - in /webservices/rampart/trunk/java/modules: rampart-core/src/main/java/org/apache/rampart/ rampart-core/src/main/java/org/apache/rampart/builder/ rampart-core/src/main/java/org/apache/rampart/util/ rampart-integration/ rampart-int...

Author: ruchithf
Date: Sun Aug 19 11:38:58 2007
New Revision: 567454

URL: http://svn.apache.org/viewvc?view=rev&rev=567454
Log:
Added a feature that lets the username and password available in the Options object be used when creating a UsernameToken.
Added a test case into the RampartTest to test the above case (#13)


Added:
    webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/13.xml
    webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-13.xml
Modified:
    webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
    webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
    webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
    webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
    webservices/rampart/trunk/java/modules/rampart-integration/pom.xml
    webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
    webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-1.xml

Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java?view=diff&rev=567454&r1=567453&r2=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java Sun Aug 19 11:38:58 2007
@@ -207,11 +207,6 @@
             }
             
             
-            if(isInitiator && this.policyData != null && this.policyData.getRampartConfig() == null) {
-                //We'er missing the extra info rampart needs
-                throw new RampartException("rampartConigMissing");
-            }
-            
             if(this.policyData != null) {
                 
                 //Check for RST and RSTR for an SCT
@@ -222,20 +217,22 @@
                     this.servicePolicy = this.policyData.getIssuerPolicy();
                     
                     RampartConfig rampartConfig = policyData.getRampartConfig();
-                    /*
-                     * Copy crypto info into the new issuer policy 
-                     */
-                    RampartConfig rc = new RampartConfig();
-                    rc.setEncrCryptoConfig(rampartConfig.getEncrCryptoConfig());
-                    rc.setSigCryptoConfig(rampartConfig.getSigCryptoConfig());
-                    rc.setDecCryptoConfig(rampartConfig.getDecCryptoConfig());
-                    rc.setUser(rampartConfig.getUser());
-                    rc.setEncryptionUser(rampartConfig.getEncryptionUser());
-                    rc.setPwCbClass(rampartConfig.getPwCbClass());
-                    rc.setSSLConfig(rampartConfig.getSSLConfig());
-                    
-                    this.servicePolicy.addAssertion(rc);
-                    
+                    if(rampartConfig != null) {
+                        /*
+                         * Copy crypto info into the new issuer policy 
+                         */
+                        RampartConfig rc = new RampartConfig();
+                        rc.setEncrCryptoConfig(rampartConfig.getEncrCryptoConfig());
+                        rc.setSigCryptoConfig(rampartConfig.getSigCryptoConfig());
+                        rc.setDecCryptoConfig(rampartConfig.getDecCryptoConfig());
+                        rc.setUser(rampartConfig.getUser());
+                        rc.setEncryptionUser(rampartConfig.getEncryptionUser());
+                        rc.setPwCbClass(rampartConfig.getPwCbClass());
+                        rc.setSSLConfig(rampartConfig.getSSLConfig());
+                        
+                        this.servicePolicy.addAssertion(rc);
+                    }
+    
                     List it = (List)this.servicePolicy.getAlternatives().next();
     
                     //Process policy and build policy data
@@ -518,7 +515,7 @@
     }
 
 
-    
+
     /**
      * @return Returns the tokenStorage.
      */
@@ -535,11 +532,11 @@
             this.tokenStorage = storage;
         } else {
 
-            String storageClass = this.policyData.getRampartConfig()
-                    .getTokenStoreClass();
-    
-            if (storageClass != null) {
+            if (this.policyData.getRampartConfig() != null &&
+                    this.policyData.getRampartConfig().getTokenStoreClass() != null) {
                 Class stClass = null;
+                String storageClass = this.policyData.getRampartConfig()
+                        .getTokenStoreClass(); 
                 try {
                     stClass = Loader.loadClass(msgContext.getAxisService()
                             .getClassLoader(), storageClass);
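Review bot: The new condition calls `this.policyData.getRampartConfig()` three times and declares `storageClass` after `stClass`, which makes the guard harder to read than the original single lookup. Fetching the config once, `RampartConfig config = this.policyData.getRampartConfig();` followed by `String storageClass = (config != null) ? config.getTokenStoreClass() : null;`, lets the original `if (storageClass != null)` stay as it was. `this.policyData` itself is still dereferenced without a check here, although the first hunk of this file tests `this.policyData != null`; whether it can be null at this point is not visible from the hunk. The enclosing method starts and ends outside the hunk.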

Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java?view=diff&rev=567454&r1=567453&r2=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java Sun Aug 19 11:38:58 2007
@@ -134,6 +134,13 @@
         }
         
         if (encryptionToken != null && encrParts.size() > 0) {
+            
+            //Check for RampartConfig assertion
+            if(rpd.getRampartConfig() == null) {
+                //We'er missing the extra info rampart needs
+                throw new RampartException("rampartConigMissing");
+            }
+            
             if (encryptionToken.isDerivedKeys()) {
                 try {
                     this.setupEncryptedKey(rmd, encryptionToken);
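Review bot: The `rpd.getRampartConfig() == null` check added here guards only the encryption branch, whereas the check this commit removes from RampartMessageData covered every initiator-side message. Signature-only paths in this builder and the other binding builders are outside the hunk, so it is not visible whether they still call `getRampartConfig()` without a guard; each should be confirmed to either check for null or not need the config. A short comment above the check, such as `// RampartConfig is now optional at message-data level; encryption needs it, so fail early here`, would record why the check lives in this branch.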

Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java?view=diff&rev=567454&r1=567453&r2=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java Sun Aug 19 11:38:58 2007
@@ -29,6 +29,7 @@
 import javax.security.auth.callback.UnsupportedCallbackException;
 
 import org.apache.axiom.om.OMElement;
+import org.apache.axis2.client.Options;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.rahas.TrustException;
@@ -110,49 +111,63 @@
         RampartPolicyData rpd = rmd.getPolicyData();
         
         //Get the user
-        String user = rpd.getRampartConfig().getUser();
+        //First try options
+        Options options = rmd.getMsgContext().getOptions();
+        String user = options.getUserName();
+        if(user == null || user.length() == 0) {
+            //Then try RampartConfig
+            if(rpd.getRampartConfig() != null) {
+                user = rpd.getRampartConfig().getUser();
+            }
+        }
+        
         if(user != null && !"".equals(user)) {
             log.debug("User : " + user);
             
             //Get the password
-            CallbackHandler handler = RampartUtil.getPasswordCB(rmd);
+
+            //First check options object for a password
+            String password = options.getPassword();
             
-            if(handler == null) {
-                //If the callback handler is missing
-                throw new RampartException("cbHandlerMissing");
+            if((password == null || password.length() == 0) &&
+                    rpd.getRampartConfig() != null) {
+                
+                //Then try to get the password from the given callback handler
+                CallbackHandler handler = RampartUtil.getPasswordCB(rmd);
+            
+                if(handler == null) {
+                    //If the callback handler is missing
+                    throw new RampartException("cbHandlerMissing");
+                }
+                
+                WSPasswordCallback[] cb = { new WSPasswordCallback(user,
+                        WSPasswordCallback.USERNAME_TOKEN) };
+                try {
+                    handler.handle(cb);
+                } catch (Exception e) {
+                    throw new RampartException("errorInGettingPasswordForUser", 
+                            new String[]{user}, e);
+                }
+                
+                //get the password
+                password = cb[0].getPassword();
             }
             
-            WSPasswordCallback[] cb = { new WSPasswordCallback(user,
-                    WSPasswordCallback.USERNAME_TOKEN) };
+            log.debug("Password : " + password);
             
-            try {
-                handler.handle(cb);
+            if(password != null && !"".equals(password)) {
+                //If the password is available then build the token
                 
-                //get the password
-                String password = cb[0].getPassword();
+                WSSecUsernameToken utBuilder = new WSSecUsernameToken();
                 
-                log.debug("Password : " + password);
+                //TODO Get the UT type, only WS-SX spec supports this
+                utBuilder.setUserInfo(user, password);
                 
-                if(password != null && !"".equals(password)) {
-                    //If the password is available then build the token
-                    
-                    WSSecUsernameToken utBuilder = new WSSecUsernameToken();
-                    
-                    //TODO Get the UT type, only WS-SX spec supports this
-                    utBuilder.setUserInfo(user, password);
-                    
-                    return utBuilder;
-                } else {
-                    //If there's no password then throw an exception
-                    throw new RampartException("noPasswordForUser", 
-                            new String[]{user});
-                }
-            } catch (IOException e) {
-                throw new RampartException("errorInGettingPasswordForUser", 
-                        new String[]{user}, e);
-            } catch (UnsupportedCallbackException e) {
-                throw new RampartException("errorInGettingPasswordForUser", 
-                        new String[]{user}, e);
+                return utBuilder;
+            } else {
+                //If there's no password then throw an exception
+                throw new RampartException("noPasswordForUser", 
+                        new String[]{user});
             }
             
         } else {
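Review bot: The `log.debug("Password : " + password);` line kept in this hunk writes the cleartext password to the debug log, and with this change that covers a password supplied through `Options` as well as one returned by the callback handler. Drop the line or log only presence, e.g. `log.debug("Password available : " + (password != null && password.length() > 0));`. Separately, `catch (Exception e)` around `handler.handle(cb)` is broader than the `IOException` / `UnsupportedCallbackException` pair it replaces, so unrelated runtime failures are now also reported as `errorInGettingPasswordForUser`; keeping the two specific catches preserves the earlier behaviour. The enclosing method starts and ends outside the hunk.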

Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?view=diff&rev=567454&r1=567453&r2=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java Sun Aug 19 11:38:58 2007
@@ -128,7 +128,9 @@
             if(cbHandler == null) {
                 Parameter param = msgContext.getParameter(
                         WSHandlerConstants.PW_CALLBACK_REF);
-                cbHandler = (CallbackHandler)param.getValue();
+                if(param != null) {
+                    cbHandler = (CallbackHandler)param.getValue();
+                }
             }
         }
         

Modified: webservices/rampart/trunk/java/modules/rampart-integration/pom.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/pom.xml?view=diff&rev=567454&r1=567453&r2=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/pom.xml (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/pom.xml Sun Aug 19 11:38:58 2007
@@ -240,6 +240,12 @@
                                       tofile="target/temp-ramp/META-INF/services.xml"/>
                                 <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService12.aar"
                                      basedir="target/temp-ramp"/>
+                               <!-- Service 13 -->
+                               <copy overwrite="yes"
+                                      file="src/test/resources/rampart/services-13.xml"
+                                      tofile="target/temp-ramp/META-INF/services.xml"/>
+                                <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService13.aar"
+                                     basedir="target/temp-ramp"/>
                                 <!-- Service SC-1 -->
                                 <copy overwrite="yes"
                                       file="src/test/resources/rampart/issuer.properties"

Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?view=diff&rev=567454&r1=567453&r2=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java Sun Aug 19 11:38:58 2007
@@ -32,8 +32,6 @@
 import org.apache.neethi.Policy;
 import org.apache.neethi.PolicyEngine;
 
-import javax.xml.namespace.QName;
-
 import junit.framework.TestCase;
 
 
@@ -76,12 +74,19 @@
                         "Unlimited Strength Jurisdiction Policy !!!");
             }
             
-            for (int i = 1; i <= 12; i++) { //<-The number of tests we have
+            for (int i = 1; i <= 13; i++) { //<-The number of tests we have
                 if(!basic256Supported && (i == 3 || i == 4 || i ==5)) {
                     //Skip the Basic256 tests
                     continue;
                 }
                 Options options = new Options();
+                
+                if(i == 13) {
+                    //Username token created with user/pass from options
+                    options.setUserName("alice");
+                    options.setPassword("password");
+                }
+                
                 System.out.println("Testing WS-Sec: custom scenario " + i);
                 options.setAction("urn:echo");
                 options.setTo(new EndpointReference("http://127.0.0.1:" +
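Review bot: Scenario 13 exercises only the success path, where both the user name and the password come from `Options`. The fallback order introduced in BindingBuilder (Options first, then RampartConfig and the password callback) and the `noPasswordForUser` failure when neither source yields a password are not covered by this loop as far as the hunk shows. A comment on the `if(i == 13)` block, e.g. `// policy/13.xml has no RampartConfig: credentials must come from Options`, would also explain why this index is special-cased. The test method continues outside the hunk.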
@@ -91,8 +96,6 @@
                 ServiceContext context = serviceClient.getServiceContext();
                 context.setProperty(RampartMessageData.KEY_RAMPART_POLICY, 
                         loadPolicy("/rampart/policy/" + i + ".xml"));
-               // options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, 
-                 //       loadPolicy("/rampart/policy/" + i + ".xml"));
                 serviceClient.setOptions(options);
                 
                 //Blocking invocation

Added: webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/13.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/13.xml?view=auto&rev=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/13.xml (added)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/13.xml Sun Aug 19 11:38:58 2007
@@ -0,0 +1,31 @@
+<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:ExactlyOne>
+  <wsp:All>
+	<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:TransportToken>
+		  <wsp:Policy>
+			<sp:HttpsToken RequireClientCertificate="false"/>
+		  </wsp:Policy>
+		</sp:TransportToken>
+		<sp:AlgorithmSuite>
+		  <wsp:Policy>
+			<sp:Basic256/>
+		  </wsp:Policy>
+		</sp:AlgorithmSuite>
+		<sp:Layout>
+		  <wsp:Policy>
+			<sp:Lax/>
+		  </wsp:Policy>
+		</sp:Layout>
+		<sp:IncludeTimestamp/>
+	  </wsp:Policy>
+	</sp:TransportBinding>
+	<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+		<wsp:Policy>
+			<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
+	  </wsp:Policy>
+	</sp:SignedSupportingTokens>
+  </wsp:All>
+</wsp:ExactlyOne>
+</wsp:Policy>
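Review bot: This policy carries a UsernameToken under an `sp:TransportBinding` with `sp:HttpsToken`, so the token's protection rests on the transport, yet the RampartTest hunk in this commit builds the endpoint from `http://127.0.0.1:`. If the scenario passes over plain HTTP, the HTTPS requirement is presumably not enforced on the client side; that is tolerable on loopback in a test but should be stated in the file. Suggest a leading comment such as `<!-- Test-only: UsernameToken relies on transport security; the integration test runs over HTTP on loopback -->`. services-13.xml repeats the same policy and would take the same comment.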

Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-1.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-1.xml?view=diff&rev=567454&r1=567453&r2=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-1.xml (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-1.xml Sun Aug 19 11:38:58 2007
@@ -40,7 +40,6 @@
 		</sp:SignedSupportingTokens>
 		
 		<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
-			<ramp:user>alice</ramp:user>
 			<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
 		</ramp:RampartConfig>
 		

Added: webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-13.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-13.xml?view=auto&rev=567454
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-13.xml (added)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-13.xml Sun Aug 19 11:38:58 2007
@@ -0,0 +1,50 @@
+<service name="SecureService13">
+
+	<module ref="addressing"/>
+	<module ref="rampart"/>
+
+	<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+
+	<operation name="echo">
+		<messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+		<actionMapping>urn:echo</actionMapping>
+	</operation>
+
+	<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+	<wsp:ExactlyOne>
+	  <wsp:All>
+		<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+		  <wsp:Policy>
+			<sp:TransportToken>
+			  <wsp:Policy>
+				<sp:HttpsToken RequireClientCertificate="false"/>
+			  </wsp:Policy>
+			</sp:TransportToken>
+			<sp:AlgorithmSuite>
+			  <wsp:Policy>
+				<sp:Basic256/>
+			  </wsp:Policy>
+			</sp:AlgorithmSuite>
+			<sp:Layout>
+			  <wsp:Policy>
+				<sp:Lax/>
+			  </wsp:Policy>
+			</sp:Layout>
+			<sp:IncludeTimestamp/>
+		  </wsp:Policy>
+		</sp:TransportBinding>
+		<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+			<wsp:Policy>
+				<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
+		  </wsp:Policy>
+		</sp:SignedSupportingTokens>
+		
+		<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
+			<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+		</ramp:RampartConfig>
+		
+	  </wsp:All>
+	</wsp:ExactlyOne>
+	</wsp:Policy>
+
+</service>