Posted to commits@ws.apache.org by co...@apache.org on 2014/07/25 18:07:10 UTC
svn commit: r1613458 - in
/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto:
ThreadLocalSecurityProvider.java WSProviderConfig.java
Author: coheigea
Date: Fri Jul 25 16:07:10 2014
New Revision: 1613458
URL: http://svn.apache.org/r1613458
Log:
[WSS-507] - ThreadLocal based Security Provider proxy. Thanks to Alessio Soldano for the patch
Added:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ThreadLocalSecurityProvider.java
Modified:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/WSProviderConfig.java
Added: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ThreadLocalSecurityProvider.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ThreadLocalSecurityProvider.java?rev=1613458&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ThreadLocalSecurityProvider.java (added)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ThreadLocalSecurityProvider.java Fri Jul 25 16:07:10 2014
@@ -0,0 +1,188 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common.crypto;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.Provider;
+import java.security.Security;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.Map;
+import java.util.Set;
+
+public class ThreadLocalSecurityProvider extends Provider {
+
+ private static final long serialVersionUID = 3556396671069994931L;
+ private static final String NAME = "TLSP";
+ private static final ThreadLocal<Provider> provider = new ThreadLocal<Provider>();
+ private static boolean installed = false;
+
+ public static synchronized void install() {
+ Security.insertProviderAt(new ThreadLocalSecurityProvider(),
+ Security.getProviders().length);
+ installed = true;
+ }
+
+ public static synchronized void uninstall() {
+ Security.removeProvider(NAME);
+ installed = false;
+ }
+
+ public static boolean isInstalled() {
+ return installed;
+ }
+
+ private ThreadLocalSecurityProvider() {
+ super(NAME, 1.00, "ThreadLocal Security Provider");
+ }
+
+ public static void setProvider(Provider p) {
+ provider.set(p);
+ }
+
+ public static void unsetProvider() {
+ provider.remove();
+ }
+
+ private Provider getProvider() {
+ return provider.get();
+ }
+
+ public void clear() {
+ Provider p = getProvider();
+ if (p != null) {
+ p.clear();
+ }
+ }
+
+ public void load(InputStream inStream) throws IOException {
+ Provider p = getProvider();
+ if (p != null) {
+ p.load(inStream);
+ }
+ }
+
+ public void putAll(Map<?, ?> t) {
+ Provider p = getProvider();
+ if (p != null) {
+ p.putAll(t);
+ }
+ }
+
+ public Set<Map.Entry<Object, Object>> entrySet() {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.entrySet();
+ } else {
+ return Collections.emptySet();
+ }
+ }
+
+ public Set<Object> keySet() {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.keySet();
+ } else {
+ return Collections.emptySet();
+ }
+ }
+
+ public Collection<Object> values() {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.values();
+ } else {
+ return Collections.emptyList();
+ }
+ }
+
+ public Object put(Object key, Object value) {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.put(key, value);
+ } else {
+ return null;
+ }
+ }
+
+ public Object remove(Object key) {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.remove(key);
+ } else {
+ return null;
+ }
+ }
+
+ public Object get(Object key) {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.get(key);
+ } else {
+ return null;
+ }
+ }
+
+ public Enumeration<Object> keys() {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.keys();
+ } else {
+ return Collections.emptyEnumeration();
+ }
+ }
+
+ public Enumeration<Object> elements() {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.elements();
+ } else {
+ return Collections.emptyEnumeration();
+ }
+ }
+
+ public String getProperty(String key) {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.getProperty(key);
+ } else {
+ return null;
+ }
+ }
+
+ public Service getService(String type, String algorithm) {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.getService(type, algorithm);
+ } else {
+ return null;
+ }
+ }
+
+ public Set<Service> getServices() {
+ Provider p = getProvider();
+ if (p != null) {
+ return p.getServices();
+ } else {
+ return null;
+ }
+ }
+}
\ No newline at end of file
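Review bot: `getServices()` at the end of the class returns `null` when no delegate is bound to the current thread, while the other collection-returning overrides (`entrySet`, `keySet`, `values`) return empty collections. Code that walks `getServices()` on every installed provider would likely throw a NullPointerException on a thread that never called `setProvider`; returning `Collections.<Service>emptySet()` makes it consistent. Separately, `installed` is written under the class lock in `install()`/`uninstall()` but read without it in `isInstalled()`, so declare it `private static volatile boolean installed` or make the getter synchronized. The class also has no Javadoc: it should state that the delegate is per-thread and that callers on pooled threads must call `unsetProvider()` in a `finally` block, otherwise the next task on that thread resolves algorithms through the previous caller's provider.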
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/WSProviderConfig.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/WSProviderConfig.java?rev=1613458&r1=1613457&r2=1613458&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/WSProviderConfig.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/WSProviderConfig.java Fri Jul 25 16:07:10 2014
@@ -73,7 +73,7 @@ public final class WSProviderConfig {
// Santuario. This can be removed when we pick up BouncyCastle 1.51+
if (bcProviderStr != null) {
Provider bcProvider = Security.getProvider(bcProviderStr);
- if (bcProvider.getInfo().contains("v1.49")) {
+ if (bcProvider.getVersion() < 1.50) {
useIvParameterSpec();
}
}
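Review bot: The comment above the changed line still says "If we have BouncyCastle v1.49 installed", but `bcProvider.getVersion() < 1.50` now matches every older release as well. It should read something like `// If a BouncyCastle older than 1.50 is installed, use IvParameterSpec in Santuario`. `Security.getProvider(bcProviderStr)` returns null when no provider of that name is registered, and `addJceProvider` is not visible here, so a guard such as `if (bcProvider != null && bcProvider.getVersion() < 1.50)` would be a cheap safeguard. The same comment and check are copied into the new `init(boolean, boolean, boolean)` overload in the next hunk; the enclosing method starts outside this hunk.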
@@ -85,6 +85,47 @@ public final class WSProviderConfig {
}
}
+ public static synchronized void init(boolean addXMLDSigRIInternalProv, boolean addBCProv, boolean addTLProv) {
+ if (!staticallyInitialized) {
+ initializeResourceBundles();
+ setXmlSecIgnoreLineBreak();
+ if (addXMLDSigRIInternalProv) {
+ AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ addXMLDSigRIInternal();
+ return true;
+ }
+ });
+ }
+ if (addBCProv) {
+ AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ String bcProviderStr =
+ addJceProvider("BC", "org.bouncycastle.jce.provider.BouncyCastleProvider");
+ // If we have BouncyCastle v1.49 installed then use IvParameterSpec in
+ // Santuario. This can be removed when we pick up BouncyCastle 1.51+
+ if (bcProviderStr != null) {
+ Provider bcProvider = Security.getProvider(bcProviderStr);
+ if (bcProvider.getVersion() < 1.50) {
+ useIvParameterSpec();
+ }
+ }
+ return true;
+ }
+ });
+ }
+ if (addTLProv) {
+ AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ ThreadLocalSecurityProvider.install();
+ return true;
+ }
+ });
+ }
+ staticallyInitialized = true;
+ }
+ }
+
/**
* Set the value of the internal addJceProviders flag. This flag
* turns on (or off) automatic registration of known JCE providers
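Review bot: The whole body of the new `init(boolean, boolean, boolean)` is gated on `staticallyInitialized`, so a call with `addTLProv == true` after any earlier initialization returns without installing the ThreadLocal provider and gives the caller no signal. The method has no Javadoc; it should document that the flags only take effect on the first call, and that callers relying on the proxy should verify with `ThreadLocalSecurityProvider.isInstalled()`. The BouncyCastle block is a line-for-line copy of the one in the existing initializer (previous hunk); moving it into a private static helper would keep the version check in one place. Because provider registration runs inside `AccessController.doPrivileged` from a public static method, it is also worth a comment noting that any caller can trigger a JVM-wide provider change through this entry point.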