Posted to commits@beehive.apache.org by mm...@apache.org on 2004/12/03 00:18:06 UTC
svn commit: r109585 - in incubator/beehive/trunk/wsm: . external src/runtime/org/apache/beehive/wsm/axis src/runtime/org/apache/beehive/wsm/axis/security src/runtime/org/apache/beehive/wsm/axis/security/model src/runtime/schema
Author: mmerz
Date: Thu Dec 2 15:18:05 2004
New Revision: 109585
URL: http://svn.apache.org/viewcvs?view=rev&rev=109585
Log:
First shot at implementation for @SecurityRole and @SecurityIdentity. Needs some polishing, is currently disabled by default.
Contributor: Wolfgang
Added:
incubator/beehive/trunk/wsm/external/commons-codec-1.3.jar (contents, props changed)
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AuthenticationHandler.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/Role.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/SecurityModel.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/AxisSecurityModel.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryRoleImpl.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/ServletSecurityModel.java
incubator/beehive/trunk/wsm/src/runtime/schema/
incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd
Modified:
incubator/beehive/trunk/wsm/build.xml
incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AnnotatedWebServiceDeploymentHandler.java
Modified: incubator/beehive/trunk/wsm/build.xml
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/build.xml?view=diff&rev=109585&p1=incubator/beehive/trunk/wsm/build.xml&r1=109584&p2=incubator/beehive/trunk/wsm/build.xml&r2=109585
==============================================================================
--- incubator/beehive/trunk/wsm/build.xml (original)
+++ incubator/beehive/trunk/wsm/build.xml Thu Dec 2 15:18:05 2004
@@ -22,19 +22,23 @@
<condition property="isJDKOver5">
<equals arg1="${ant.java.version}" arg2="1.5"/>
</condition>
- <property name="build.dir" value="build"/>
- <property name="classes.dir" value="${build.dir}/classes"/>
- <property name="jars.dir" value="${build.dir}/jars"/>
- <property name="docs.dir" value="${build.dir}/docs"/>
+ <property name="build.dir" value="build" />
+ <property name="classes.dir" value="${build.dir}/classes" />
+ <property name="jars.dir" value="${build.dir}/jars" />
+ <property name="docs.dir" value="${build.dir}/docs" />
<property name="template.dir" value="src/webapp-template/default" />
- <property name="api.dir" value="src/api"/>
- <property name="api.classes" value="${classes.dir}/api"/>
- <property name="runtime.dir" value="src/runtime"/>
- <property name="runtime.classes" value="${classes.dir}/runtime"/>
- <property name="lib.dir" value="lib"/>
- <property name="ext.lib.dir" value="external"/>
- <property name="wsm.jar" value="${jars.dir}/wsm.jar"/>
- <property name="wsm-axis.jar" value="${jars.dir}/wsm-axis.jar"/>
+ <property name="api.dir" value="src/api" />
+ <property name="api.classes" value="${classes.dir}/api" />
+ <property name="runtime.dir" value="src/runtime" />
+ <property name="runtime.classes" value="${classes.dir}/runtime" />
+ <property name="lib.dir" value="lib" />
+ <property name="ext.lib.dir" value="external" />
+ <property name="wsm.jar" value="${jars.dir}/wsm.jar" />
+ <property name="wsm-axis.jar" value="${jars.dir}/wsm-axis.jar" />
+ <property name="xsd.schema.dir" value="src/runtime/schema" />
+ <property name="xsd.classes.dir" value="${build.dir}/xsd-classes" />
+ <property name="xsd.includes" value="*.xsd" />
+
<path id="runtime.classpath">
<pathelement location="${ant.jar}"/>
<pathelement location="${tools.jar}"/>
@@ -52,6 +56,7 @@
<include name="jaxrpc.jar"/>
<include name="commons-logging.jar"/>
<include name="commons-discovery.jar"/>
+ <include name="commons-codec-1.3.jar"/>
<include name="axis-ant.jar"/>
<include name="axis.jar"/>
</fileset>
@@ -61,6 +66,7 @@
<pathelement location="${os.JAVA_HOME}/lib/tools.jar"/>
<path refid="runtime.classpath"/>
<pathelement location="${runtime.classes}"/>
+ <pathelement location="${xsd.classes.dir}"/>
</path>
<!-- ==================================================================== -->
<!-- usage - output usage -->
@@ -108,6 +114,7 @@
<target name="dirs">
<mkdir dir="${api.classes}"/>
<mkdir dir="${runtime.classes}"/>
+ <mkdir dir="${xsd.classes.dir}"/>
<mkdir dir="${jars.dir}"/>
<mkdir dir="${docs.dir}"/>
</target>
@@ -137,7 +144,7 @@
<exclude name="**/axis/**"/>
</javac>
</target>
- <target name="axis" depends="runtime" if="isJDKOver5">
+ <target name="axis" depends="xsd,runtime" if="isJDKOver5">
<!-- makes sure controls.jar has been built -->
<ant dir="${beehive.dir}/controls" target="build"/>
<!-- Build the axis classes -->
@@ -148,6 +155,24 @@
</javac>
</target>
<!-- ==================================================================== -->
+ <!-- Generate classes from xml schemas using XMLBeans. -->
+ <!-- ==================================================================== -->
+ <target name="xsd" if="isJDKOver5" description="Compile a set of XSDs using the XMLBean Ant task">
+ <fileset id="xbean.sources" dir="${xsd.schema.dir}" includes="${xsd.includes}"/>
+ <!-- checks whether classes have already been generated. -->
+ <uptodate property="xbean.uptodate" targetfile="${xsd.classes.dir}/schema">
+ <srcfiles refid="xbean.sources"/>
+ </uptodate>
+ <antcall target="xsd.generate"/>
+ </target>
+ <target name="xsd.generate" unless="xbean.uptodate">
+ <echo message="generate"/>
+ <taskdef name="xmlbeanbuild" classname="org.apache.xmlbeans.impl.tool.XMLBean"
+ classpath="${xbean.jar};${jsr173.jar}"/>
+ <xmlbeanbuild classpath="${xbean.jar};${jsr173.jar}" schema="${xsd.schema.dir}"
+ classgendir="${xsd.classes.dir}" failonerror="true"/>
+ </target>
+ <!-- ==================================================================== -->
<!-- Jars up the classes, libraries, and resources. -->
<!-- ==================================================================== -->
<target name="build" depends="classes" if="isJDKOver5">
@@ -171,6 +196,10 @@
<jar jarfile="${wsm-axis.jar}">
<fileset dir="${runtime.classes}">
<include name="**/axis/**"/>
+ </fileset>
+ <fileset dir="${xsd.classes.dir}">
+ <include name="**/axis/**"/>
+ <include name="**/schema/**"/>
</fileset>
</jar>
<echo message="--------------------------------------------------"/>
Added: incubator/beehive/trunk/wsm/external/commons-codec-1.3.jar
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/external/commons-codec-1.3.jar?view=auto&rev=109585
==============================================================================
Binary file. No diff available.
Modified: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AnnotatedWebServiceDeploymentHandler.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AnnotatedWebServiceDeploymentHandler.java?view=diff&rev=109585&p1=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AnnotatedWebServiceDeploymentHandler.java&r1=109584&p2=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AnnotatedWebServiceDeploymentHandler.java&r2=109585
==============================================================================
--- incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AnnotatedWebServiceDeploymentHandler.java (original)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AnnotatedWebServiceDeploymentHandler.java Thu Dec 2 15:18:05 2004
@@ -51,23 +51,25 @@
* @author Sam Ruby (rubys@us.ibm.com)
* todo: fix directory structure/classloaders for output files
*/
-public class AnnotatedWebServiceDeploymentHandler extends BasicHandler {
+public class AnnotatedWebServiceDeploymentHandler extends BasicHandler
+{
protected static Log log =
- LogFactory.getLog(AnnotatedWebServiceDeploymentHandler.class.getName());
+ LogFactory.getLog(AnnotatedWebServiceDeploymentHandler.class.getName());
- protected Map<String, SOAPService> soapServices = new HashMap<String,
- SOAPService>();
+ protected Map<String, SOAPService> soapServices =
+ new HashMap<String, SOAPService>();
/**
* @param mc
* @throws AxisFault
*/
- public void invoke(MessageContext mc)
- throws AxisFault {
- try {
- SOAPService ss =
- createSOAPServiceFromAnnotatedClass(findWebServiceClass(mc));
- if (null != ss) {
+ public void invoke(MessageContext mc) throws AxisFault
+ {
+ try
+ {
+ SOAPService ss = getSOAPService(findWebServiceClass(mc));
+ if (null != ss)
+ {
ss.setEngine(mc.getAxisEngine());
mc.setService(ss);
/*
@@ -75,14 +77,17 @@
* types were still being sent even with literal Use. Forcing it
* to not send the types unless encoded.
*/
- mc.setProperty(Call.SEND_TYPE_ATTR,
- new Boolean(Use.ENCODED
- .equals(ss.getUse())));
+ mc.setProperty(
+ Call.SEND_TYPE_ATTR,
+ new Boolean(Use.ENCODED.equals(ss.getUse()))
+ );
// blow away the real path to bypass the regular JWSHandler
mc.removeProperty(Constants.MC_REALPATH);
}
- } catch (Exception e) {
+ }
+ catch (Exception e)
+ {
throw AxisFault.makeFault(e);
}
}
@@ -91,8 +96,8 @@
* @param mc
* @throws AxisFault
*/
- public void generateWSDL(MessageContext mc)
- throws AxisFault {
+ public void generateWSDL(MessageContext mc) throws AxisFault
+ {
invoke(mc);
}
@@ -101,15 +106,15 @@
* @return SOAPService
* @throws Exception
*/
- protected SOAPService createSOAPServiceFromAnnotatedClass(Class clazz)
- throws Exception {
+ protected SOAPService getSOAPService(Class clazz) throws Exception
+ {
SOAPService rpc = null;
if (null != clazz) {
rpc = soapServices.get(clazz.getName());
if (null == rpc) {
Jsr181TypeMetadata wsm =
- (Jsr181TypeMetadata) WsmReflectionAnnotationProcessor.getInstance().getObjectModel(clazz);
- rpc = createSOAPServiceUsingAnnotations(wsm, clazz);
+ (Jsr181TypeMetadata) WsmReflectionAnnotationProcessor.getInstance().getObjectModel(clazz);
+ rpc = createSOAPService(wsm, clazz);
}
}
return rpc;
@@ -121,8 +126,8 @@
* @return
* @throws Exception
*/
- protected SOAPService createSOAPServiceUsingAnnotations(Jsr181TypeMetadata wsm, Class cls)
- throws Exception {
+ protected SOAPService createSOAPService(Jsr181TypeMetadata wsm, Class cls) throws Exception
+ {
SOAPService rpc = null;
if (null != wsm) {
HandlerHandler hh = new HandlerHandler(wsm);
@@ -178,31 +183,41 @@
* @return
* @throws Exception
*/
- protected Class findWebServiceClass(MessageContext mc)
- throws Exception {
- if (null != mc) {
+ protected Class findWebServiceClass(MessageContext mc) throws Exception
+ {
+ Class result = null;
+ if (null != mc)
+ {
String relPath = mc.getStrProp(Constants.MC_RELATIVE_PATH);
- if (null != relPath) {
+ if (null != relPath)
+ {
// check to see if this is annotated class
// clean up the relative path to use as the class destination
// dir
- if ('/' == relPath.charAt(0)) {
+ if ('/' == relPath.charAt(0))
+ {
relPath = relPath.substring(1);
}
int indexOfDot = relPath.indexOf(".");
if (-1 != indexOfDot) relPath = relPath.substring(0, indexOfDot);
String clsName = relPath.replaceAll("/", ".");
- log.info("looking for webserivce in class: " + clsName);
- try {
- Class result = getClass().getClassLoader().loadClass(clsName);
- return result;
- } catch (ClassNotFoundException e) {
- log.info("class: " + clsName + " was not found by the AnnotatedWebServiceDeploymentHandler continue to the next handler. ");
- return null;
+ try
+ {
+ if (log.isDebugEnabled())
+ {
+ log.debug("looking for webserivce in class: " + clsName);
+ }
+ result = getClass().getClassLoader().loadClass(clsName);
+ }
+ catch (ClassNotFoundException e)
+ {
+ if (log.isDebugEnabled())
+ {
+ log.debug("class: " + clsName + " not found by AnnotatedWebServiceDeploymentHandler continue to the next handler. ");
+ }
}
}
}
- return null;
+ return result;
}
-
-}
+}
\ No newline at end of file
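Review bot: In findWebServiceClass the class name handed to `loadClass` is built directly from the request's `MC_RELATIVE_PATH`, with no check that the result is in a package meant to be exposed as a web service. Any class visible to this handler's class loader can therefore be resolved by name from a request path, and the annotation lookup in getSOAPService is the only gate after that. A guard before the load would narrow this, for example `if (!clsName.startsWith(allowedPackagePrefix)) return null;`, where `allowedPackagePrefix` is a placeholder for a handler option that does not exist yet. An empty relative path also reaches `relPath.charAt(0)` and throws, which invoke() turns into a fault; `if (relPath.length() > 0 && '/' == relPath.charAt(0))` avoids that. The log text still reads "webserivce".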
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AuthenticationHandler.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AuthenticationHandler.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/AuthenticationHandler.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,379 @@
+package org.apache.beehive.wsm.axis.handlers;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import org.apache.beehive.wsm.jsr181.model.Jsr181TypeMetadata;
+import org.apache.beehive.wsm.jsr181.model.Jsr181MethodMetadata;
+import org.apache.beehive.wsm.jsr181.model.Jsr181ParameterMetadata;
+import org.apache.beehive.wsm.jsr181.model.SecurityRolesInfo;
+import org.apache.beehive.wsm.jsr181.processor.reflection.WsmReflectionAnnotationProcessor;
+
+import org.apache.beehive.wsm.axis.security.SecurityModel;
+
+import org.apache.axis.AxisFault;
+import org.apache.axis.AxisProperties;
+import org.apache.axis.Constants;
+import org.apache.axis.MessageContext;
+import org.apache.axis.components.logger.LogFactory;
+import org.apache.axis.description.ServiceDesc;
+import org.apache.axis.description.OperationDesc;
+import org.apache.axis.description.ParameterDesc;
+import org.apache.axis.handlers.BasicHandler;
+import org.apache.axis.security.SecurityProvider;
+import org.apache.axis.security.AuthenticatedUser;
+import org.apache.axis.security.simple.SimpleSecurityProvider;
+
+import org.apache.axis.handlers.soap.SOAPService;
+
+import org.apache.axis.Message;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.lang.reflect.Method;
+
+import javax.xml.soap.Name;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPException;
+
+import org.apache.commons.logging.Log;
+
+
+/*******************************************************************************
+ *
+ *
+ */
+public class AuthenticationHandler extends BasicHandler {
+
+ protected static Log log =
+ LogFactory.getLog(AuthenticationHandler.class.getName());
+
+ /* cache Jsr181MethodMetadata objects associated with a Method object */
+ private static Map<Method, Jsr181MethodMetadata> methodCache =
+ new Hashtable<Method, Jsr181MethodMetadata>();
+
+ private SecurityModel securityModelImpl = null;
+
+ public void invoke(MessageContext msgContext) throws AxisFault
+ {
+ if (log.isDebugEnabled()) {
+ log.debug("Enter: AuthenticationHandler::invoke");
+ }
+
+ ServiceDesc serviceDesc = msgContext.getService().getServiceDescription();
+ String serviceName = serviceDesc.getName();
+ OperationDesc operationDesc = null;
+
+ // get a class object of the requested class.
+ Class clazz = loadCalledClass(msgContext);
+ if (null == clazz)
+ {
+ return; // the requested class was not found, so return. Axis will handle this.
+ }
+
+ // get a object model of the requested class.
+ Jsr181TypeMetadata wsm =
+ (Jsr181TypeMetadata) WsmReflectionAnnotationProcessor.getInstance().getObjectModel(clazz);
+ if (null == wsm)
+ {
+ return; // the request class is not annotated with @WebService. Thus, simply return.
+ }
+
+ try
+ {
+ operationDesc = getOperationDesc(msgContext);
+ }
+ catch (Exception e)
+ {
+ //todo: proper error handling
+ e.printStackTrace();
+ throw new AxisFault(e.getMessage(),e);
+ }
+
+ // FIXME:
+ // Gotta throw an exception if operationDesc is null.
+ // Otherwise, one can invoke all methods without authentication.
+ if (null == operationDesc)
+ {
+ return;
+ }
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("WsmAuthenticationHandler::invoke ( [ServiceName] : " +
+ wsm.getWsName() + " [Method] " + operationDesc.getName() + ")");
+ }
+
+ initialize(msgContext);
+
+ Jsr181MethodMetadata calledMethodMetadata = getCalledMethodMetadata(operationDesc, wsm);
+
+ if (null == calledMethodMetadata)
+ {
+ // the called method's metadata is NOT found !! weird...
+ // ( the client trys to invoke a method which is not published ? )
+ // Gotta throw an exception but just simply return for now.
+ return;
+ }
+
+ Collection<String> rolesAllowed = new ArrayList<String>();
+
+ // mix those roles up and check them is better for performance.
+ SecurityRolesInfo securityRolesInfo = calledMethodMetadata.getSecurityRoles();
+ if (null != securityRolesInfo)
+ {
+ rolesAllowed.addAll(securityRolesInfo.getRolesAllowed());
+ }
+
+ securityRolesInfo = wsm.getSecurityRoles();
+ if (null != securityRolesInfo)
+ {
+ rolesAllowed.addAll(securityRolesInfo.getRolesAllowed());
+ }
+
+ if (0 == rolesAllowed.size())
+ {
+ // Both the method and the class requested by client is not annotated
+ // with @SecurityRoles.rolesAllowed.
+ log.debug("NO SECURITY ROLE RESTRICTION ! -> OK");
+ return;
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("Required roles to access the resource.");
+ for ( String role : rolesAllowed )
+ {
+ log.debug("ROLE : " + role);
+ }
+ }
+
+ boolean result = securityModelImpl.isUserInRole(msgContext, rolesAllowed);
+
+ if (result)
+ {
+ if (log.isDebugEnabled())
+ {
+ log.debug("AUTH SUCCEEDED ! -> OK");
+ }
+ }
+ else
+ {
+ if (log.isDebugEnabled())
+ {
+ log.debug("AUTH FAILED ! -> NG");
+ }
+ throw new AxisFault("Server.Unauthenticated", "Authorization failed", null, null);
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("Exit: WsmAuthenticationHandler::invoke");
+ }
+ }
+
+ /**
+ * sets up this class. (actually, sets up a securityModel class)
+ *
+ * ( this method is not synchronized, but not critical even though called more than once.
+ *
+ * Why not use the init() method ?
+ * That's because ...
+ * Some of securityModel classes have to know the path of WEB-INF in which a config
+ * file decribing username/password/role resides.
+ * The path of WEB-INF can be obtained from only MessageContext class which is not
+ * available in the init() method but each client's request.
+ *
+ * )
+ */
+ private void initialize (MessageContext msgContext)
+ {
+ if (null != securityModelImpl)
+ {
+ return;
+ }
+
+ synchronized (this)
+ {
+ if (null == securityModelImpl)
+ {
+ String securityModel = (String) getOption("securityModel");
+ if (log.isDebugEnabled())
+ {
+ log.debug("WsmAuthenticationHandler::init securityMode ["+ securityModel +"]");
+ }
+
+ try
+ {
+ securityModelImpl = (SecurityModel) Class.forName(securityModel).newInstance();
+ securityModelImpl.init(msgContext);
+ }
+ catch (NullPointerException e)
+ {
+ log.error("The securityModel class is not specified: " + e.getMessage(), e);
+ }
+ catch (ClassNotFoundException e)
+ {
+ log.error("The securityModel ["+ securityModel +"] class specified was not found: " + e.getMessage(), e);
+ }
+ catch (InstantiationException e)
+ {
+ log.error(e.getMessage(), e);
+ }
+ catch (IllegalAccessException e)
+ {
+ log.error(e.getMessage(), e);
+ }
+
+ }
+ }
+
+ }
+
+ /**
+ * returns an OperationDesc object.
+ *
+ */
+ private OperationDesc getOperationDesc(MessageContext msgContext) throws AxisFault, SOAPException {
+
+ // The getOperation method works only in a service.
+ OperationDesc operationDesc = msgContext.getOperation();
+
+ if ( operationDesc != null ) return operationDesc;
+
+ // The sequences below are workarounds in case this handler used in a handler
+ // because the MessageContext#getOperation method doesn't work in a handler.
+
+ Message m = msgContext.getRequestMessage();
+ SOAPEnvelope env = m.getSOAPEnvelope();
+ SOAPBody body = env.getBody();
+ Iterator iter = body.getChildElements();
+ if( iter.hasNext() )
+ {
+ SOAPElement el = (SOAPElement) iter.next();
+ Name opQName = el.getElementName();
+ String opName = opQName.getLocalName();
+ SOAPService soapService = msgContext.getService();
+ if ( soapService != null )
+ {
+ ServiceDesc service = soapService.getServiceDescription();
+ if( service != null )
+ {
+ ArrayList operations = service.getOperations();
+ for( int i = 0; i < operations.size(); i++ )
+ {
+ OperationDesc op = (OperationDesc)operations.get(i);
+ if( op.getName().equals( opName)) return op;
+ }
+ }
+
+ }
+ }
+
+ return null;
+ }
+
+ /**
+ * loads a class called by client.
+ *
+ */
+ private Class loadCalledClass(MessageContext msgContext) throws AxisFault
+ {
+ ServiceDesc serviceDesc = msgContext.getService().getServiceDescription();
+ String className = (String) msgContext.getService().getOption("className");
+ String serviceName = serviceDesc.getName();
+ ClassLoader classLoader = null;
+ Class clazz = null;
+
+ try
+ {
+ classLoader = msgContext.getClassLoader();
+ clazz = classLoader.loadClass( className );
+ }
+ catch( ClassNotFoundException cnfe )
+ {
+ // ignore this exception.
+ // let Axis handle this exception.
+ log.debug("ClassNotFoundException ["+ serviceName +"]: " + cnfe.getMessage());
+ }
+ catch( Exception e)
+ {
+ throw new AxisFault(e.getMessage(),e);
+ }
+
+ return clazz;
+ }
+
+ /**
+ * return a Jsr181MethodMetadata object which is associated with a web service method invoked by a client.
+ */
+ private Jsr181MethodMetadata getCalledMethodMetadata ( OperationDesc operationDesc, Jsr181TypeMetadata wsm )
+ {
+ Method method = operationDesc.getMethod();
+
+ Jsr181MethodMetadata cachedMethod = methodCache.get(method);
+ if ( cachedMethod != null ) return cachedMethod; // method found. Thus, return it.
+
+ String calledMethod = operationDesc.getName();
+ Class[] parameterTypes = method.getParameterTypes();
+
+ Collection<Jsr181MethodMetadata> methods = wsm.getMethods();
+ for( Jsr181MethodMetadata methodMetadata : methods )
+ {
+ if( methodMetadata.getWmOperationName().equals( calledMethod ) )
+ {
+ List<Jsr181ParameterMetadata> params = methodMetadata.getParams();
+
+ if( parameterTypes.length != params.size() )
+ {
+ // doesn't match the number of parameters. Thus, skip.
+ continue;
+ }
+
+ boolean isSame = true;
+ // check each parameters's type.
+ for( int i = 0 ; i < parameterTypes.length ; i++ )
+ {
+ if ( parameterTypes[i] != params.get(i).getJavaType() )
+ {
+ // doesn't match. Set false to isSame and break.
+ isSame = false;
+ break;
+ }
+ }
+
+ if ( isSame )
+ {
+ methodCache.put(method,methodMetadata);
+ return methodMetadata;
+ }
+ }
+ }
+
+ return null;
+ }
+
+}
+
+
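Review bot: invoke() fails open on two paths: when `operationDesc` is null (the FIXME above it already says so) and when `calledMethodMetadata` is null, it returns normally and the request continues without any role check. initialize() only logs when the configured security-model class cannot be loaded, which leaves `securityModelImpl` null, so `securityModelImpl.isUserInRole(...)` then fails with a NullPointerException instead of a clean fault. Both cases should raise the same AxisFault that a denied request gets, as sketched below. Separately, the method-level and class-level `rolesAllowed` lists are unioned, which appears to let a class-level role satisfy a stricter method-level restriction; please confirm that is intended. The catch around getOperationDesc also calls `e.printStackTrace()` and copies `e.getMessage()` into the fault returned to the caller.

```java
        if (null == operationDesc)
        {
            // fail closed: an unresolved operation must not skip the role check
            throw new AxisFault("Server.Unauthenticated", "Authorization failed", null, null);
        }
        // … unchanged: debug logging, initialize(msgContext), getCalledMethodMetadata call …
        if (null == calledMethodMetadata)
        {
            // fail closed: no metadata means the required roles are unknown
            throw new AxisFault("Server.Unauthenticated", "Authorization failed", null, null);
        }
        // … unchanged: role collection and the "no restriction" early return …
        if (null == securityModelImpl)
        {
            // initialize() only logs on failure; deny rather than dereference null
            throw new AxisFault("Server.Unauthenticated", "Authorization failed", null, null);
        }
        boolean result = securityModelImpl.isUserInRole(msgContext, rolesAllowed);
```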
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/Role.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/Role.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/Role.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,32 @@
+package org.apache.beehive.wsm.axis.security;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+
+public interface Role {
+
+ public String getName();
+
+ public void setName( String name );
+
+}
+
+
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/SecurityModel.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/SecurityModel.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/SecurityModel.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,35 @@
+package org.apache.beehive.wsm.axis.security;
+
+/*
+ * Copyright 2002,2004 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.Collection;
+import org.apache.axis.MessageContext;
+
+public interface SecurityModel
+{
+
+ public static final String BEEHIVE_AUTHUSER= "BEEHIVE_AUTHUSER";
+
+ public void init ( MessageContext msgContext );
+
+ public boolean isUserInRole ( MessageContext msgContext, Collection<String> rolesAllowed );
+
+}
+
+
+
+
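Review bot: `isUserInRole` is the single decision point AuthenticationHandler relies on, yet the interface has no Javadoc stating its contract. It should say whether the method also authenticates the caller or only checks roles for an already authenticated one, and what it returns on error. A suggested comment is `/** Returns true only if the caller in msgContext is authenticated and holds at least one of rolesAllowed; returns false on any error. */`. `init` should document that it is called lazily from a shared handler and may run more than once. `BEEHIVE_AUTHUSER` needs a line saying where the value is stored and who reads it; it is presumably a MessageContext property key, but that should be confirmed.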
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,48 @@
+package org.apache.beehive.wsm.axis.security;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import java.util.Collection;
+
+public interface User {
+
+ public void setName ( String name );
+
+ public String getName ();
+
+ public void setPassword ( String password );
+
+ public String getPassword ();
+
+ public void setMd5 ( boolean isMd5 );
+
+ public boolean isMd5 ();
+
+ public boolean authenticate ( String password);
+
+ public void addRole( Role role );
+
+ public Role getRole ( String role );
+
+ public Collection<Role> getRoles ();
+
+}
+
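Review bot: The `User` contract exposes the stored credential through `getPassword()` and models hashing as a single `isMd5` flag, so a password is held either in clear text or as an MD5 digest. An unsalted MD5 digest is not adequate for password storage, and a public getter lets any code holding a `User` read the secret. Consider removing `public String getPassword ();` so that callers can only go through `authenticate(String)`. The boolean would be better replaced by a named scheme, so that a salted, slow hash can be added without another interface change. How `authenticate` compares values lives in the implementations, outside this hunk; a Javadoc line such as `/** Returns true if the password matches; implementations must compare in constant time. */` would pin the expectation.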
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,41 @@
+package org.apache.beehive.wsm.axis.security;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import java.util.Collection;
+
+public interface UserList {
+
+ public void addUser ( User user );
+
+ public User getUser ( String name );
+
+ public Collection<User> getUsers ();
+
+
+ public void addRole ( Role role );
+
+ public Role getRole ( String role );
+
+ public Collection<Role> getRoles ();
+
+}
+
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/AxisSecurityModel.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/AxisSecurityModel.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/AxisSecurityModel.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,112 @@
+package org.apache.beehive.wsm.axis.security.model;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import java.util.Collection;
+
+
+import org.apache.beehive.wsm.axis.security.SecurityModel ;
+
+import org.apache.axis.MessageContext;
+import org.apache.axis.components.logger.LogFactory;
+import org.apache.axis.security.AuthenticatedUser;
+import org.apache.axis.security.SecurityProvider;
+import org.apache.axis.security.simple.SimpleSecurityProvider;
+import org.apache.axis.security.servlet.ServletSecurityProvider;
+import org.apache.commons.logging.Log;
+
+public class AxisSecurityModel implements SecurityModel {
+
+ protected static Log log =
+ LogFactory.getLog(AxisSecurityModel.class.getName());
+
+ public void init ( MessageContext msgContext )
+ {
+ // do nothing
+ }
+
+ /**
+ * mostly copied from org/apache/axis/handlers/SimpleAuthenticationHandler.java
+ */
+ public boolean isUserInRole ( MessageContext msgContext, Collection<String> rolesAllowed ){
+
+ if (log.isDebugEnabled()) {
+ log.debug("Enter: AxisSecurityModel::isUserInRole");
+ }
+
+ SecurityProvider provider = (SecurityProvider)msgContext.getProperty(MessageContext.SECURITY_PROVIDER);
+ if ( provider instanceof ServletSecurityProvider )
+ {
+ // SecurityProvider must not be an instance of ServletSecurityProvider for AxisSecurityModel.
+ // Thus, provides SimpleSecurityProvider forcelly.
+ provider = new SimpleSecurityProvider();
+ }
+
+ if (provider != null) {
+ String userID = msgContext.getUsername();
+ if (log.isDebugEnabled()) {
+ log.debug("user : " + userID );
+ }
+
+ // in order to authenticate, the user must exist
+ if ( userID == null || userID.equals("") )
+ {
+ log.debug("userID is null");
+ return false;
+ }
+
+ String passwd = msgContext.getPassword();
+ if (log.isDebugEnabled()) {
+ log.debug("password : " + passwd );
+ }
+
+ AuthenticatedUser authUser = provider.authenticate(msgContext);
+
+ // if a password is defined, then it must match
+ if ( authUser == null) {
+ log.debug("authuser is null");
+ return false;
+ }
+
+ for ( String role : rolesAllowed )
+ {
+ if (provider.userMatches( authUser, role ) )
+ {
+ // BINGO !!
+
+ if (log.isDebugEnabled()) {
+ log.debug( "auth : " + userID + " is in role [" + role + "]");
+ }
+ msgContext.setProperty(SecurityModel.BEEHIVE_AUTHUSER, authUser);
+ return true;
+ }
+ }
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("Exit: AxisSecurityModel::isUserInRole");
+ }
+
+ return false;
+ }
+
+
+}
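Review bot: `log.debug("password : " + passwd );` in isUserInRole writes the caller's cleartext password to the log whenever debug logging is on, and the identical statement appears in ServletSecurityModel.isUserInRole. Credentials should not reach log files; either drop the statement or record only presence, `log.debug("password supplied : " + (passwd != null));`. With that change the `passwd` local is used for nothing else, since `provider.authenticate(msgContext)` reads the password from the message context itself.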
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,215 @@
+package org.apache.beehive.wsm.axis.security.model;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import java.util.Collection;
+import java.util.Iterator;
+import java.io.File;
+
+import org.apache.beehive.wsm.axis.security.User;
+import org.apache.beehive.wsm.axis.security.UserList;
+import org.apache.beehive.wsm.axis.security.Role;
+
+import org.apache.beehive.wsm.axis.security.xmlbeans.BeehiveRoleDocument;
+import org.apache.beehive.wsm.axis.security.xmlbeans.BeehiveRoleDocument.BeehiveRole;
+import org.apache.beehive.wsm.axis.security.SecurityModel;
+
+import org.apache.axis.Constants;
+import org.apache.axis.MessageContext;
+import org.apache.axis.components.logger.LogFactory;
+import org.apache.axis.security.AuthenticatedUser;
+import org.apache.axis.security.SecurityProvider;
+import org.apache.axis.security.simple.SimpleSecurityProvider;
+import org.apache.commons.logging.Log;
+
+public class BeehiveMemorySecurityModel implements SecurityModel {
+
+ protected static Log log =
+ LogFactory.getLog(BeehiveMemorySecurityModel.class.getName());
+
+ private static final String BEEHIVE_ROLE_FILE = "beehive-role.xml";
+
+ // a user list is per web application. Thus, it's fine to be a class variable.
+ private static UserList userList = null;
+
+ public void init ( MessageContext msgContext )
+ {
+
+ if (log.isDebugEnabled()) {
+ log.debug("Enter: BeehiveMemorySecurityModel::init");
+ }
+
+ if ( userList != null )
+ {
+ // userList has already been instantiated.
+ return;
+ }
+
+ synchronized ( BeehiveMemorySecurityModel.class )
+ {
+
+ if ( userList == null )
+ {
+
+ String configPath = msgContext.getStrProp(Constants.MC_CONFIGPATH);
+ if ( configPath == null )
+ {
+ configPath = "";
+ }
+ else
+ {
+ configPath += File.separator;
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("BEEHIVE_ROLE_FILE : " + configPath + BEEHIVE_ROLE_FILE );
+ }
+
+ BeehiveRole beehiveRole = null;
+
+ try{
+ BeehiveRoleDocument brd = BeehiveRoleDocument.Factory.parse( new File ( configPath + BEEHIVE_ROLE_FILE ) );
+ beehiveRole = brd.getBeehiveRole();
+ }catch(Exception e){
+ log.error("BeehiveRoleDocument couldn't parse the file ("+ configPath + BEEHIVE_ROLE_FILE +") : " + e.getMessage(), e);
+ return;
+ }
+
+ // for temporary
+ UserList userList_ = new MemoryUserListImpl();
+
+ for ( org.apache.beehive.wsm.axis.security.xmlbeans.Role role : beehiveRole.getRoleArray() )
+ {
+ MemoryRoleImpl memoryRole = new MemoryRoleImpl();
+ memoryRole.setName ( role.getName() );
+
+ userList_.addRole( memoryRole );
+ }
+
+ for( org.apache.beehive.wsm.axis.security.xmlbeans.User user : beehiveRole.getUserArray() )
+ {
+ MemoryUserImpl memoryUser = new MemoryUserImpl();
+ memoryUser.setName ( user.getName() );
+ memoryUser.setPassword ( user.getPassword() );
+ memoryUser.setMd5 ( user.getMd5() );
+
+ for ( org.apache.beehive.wsm.axis.security.xmlbeans.Role role : beehiveRole.getRoleArray() )
+ {
+ for ( String userName : role.getUserArray() )
+ {
+ if ( userName.equals( user.getName() ) ) {
+ Role memoryRole = userList_.getRole( role.getName() );
+ if ( memoryRole != null )
+ {
+ if (log.isDebugEnabled()) {
+ log.debug("USER : " + memoryUser.getName() + " in ROLE : " + memoryRole.getName() );
+ }
+ memoryUser.addRole( memoryRole );
+ }
+ }
+ }
+ }
+ userList_.addUser ( memoryUser );
+ }
+
+ // finally set the temporary userList_ to the class variable.
+ userList = userList_;
+ }
+
+ } // synchronized
+
+ if (log.isDebugEnabled()) {
+ log.debug("Exit : BeehiveMemorySecurityModel::init");
+ }
+ }
+
+ public boolean isUserInRole ( MessageContext msgContext, Collection<String> rolesAllowed ){
+
+ if (log.isDebugEnabled()) {
+ log.debug("Enter: BeehiveMemorySecurityModel::isUserInRole");
+ }
+
+ String username = msgContext.getUsername();
+
+ if (log.isDebugEnabled()) {
+ log.debug("username from client : " + username);
+ }
+
+ if ( username == null ){
+ return false; // user didn't specify username.
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("username from client : " + username);
+ }
+
+ User user = userList.getUser ( username );
+
+
+ if ( user == null ) {
+ if (log.isDebugEnabled()) {
+ log.debug("user returned from userList is null");
+ }
+ return false; // user doesn't exist.
+ }
+
+ if ( ! user.authenticate( msgContext.getPassword() ) )
+ {
+ if (log.isDebugEnabled()) {
+ log.debug("authenticate failed");
+ }
+ return false; // password doesn't match.
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("authenticate passed (" + username + ")");
+ }
+
+ for ( Role role : user.getRoles() )
+ {
+
+ if (log.isDebugEnabled()) {
+ log.debug("user [" + user.getName() + "] role ["+ role.getName() +"]");
+ }
+
+ for ( String roleAllowed : rolesAllowed )
+ {
+ if ( role.getName().equals( roleAllowed ) )
+ {
+ if (log.isDebugEnabled()) {
+ log.debug( "auth : " + user.getName()+ " is in role [" + roleAllowed + "]");
+ }
+ msgContext.setProperty(SecurityModel.BEEHIVE_AUTHUSER, user);
+ return true;
+ }
+ }
+
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("Exit: BeehiveMemorySecurityModel::isUserInRole");
+ }
+
+ return false;
+ }
+
+
+}
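Review bot: isUserInRole dereferences `userList` without a null check, yet init() leaves it null when beehive-role.xml cannot be parsed (the `return` in the catch block), so every later request ends in a NullPointerException rather than a clean denial. Adding `if ( userList == null ) { return false; }` before `userList.getUser ( username )` makes the failure explicit and fail-closed. The field is also read outside the synchronized block in init(), so it should be declared `private static volatile UserList userList = null;` for the double-checked initialisation to publish the fully built list safely. The "username from client" debug line is emitted twice and one copy can go.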
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryRoleImpl.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryRoleImpl.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryRoleImpl.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,45 @@
+package org.apache.beehive.wsm.axis.security.model;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import org.apache.beehive.wsm.axis.security.Role;
+
+public class MemoryRoleImpl implements Role {
+
+ private String name;
+
+ public MemoryRoleImpl ()
+ {
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public void setName( String name )
+ {
+ this.name = name;
+ }
+
+}
+
+
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,119 @@
+package org.apache.beehive.wsm.axis.security.model;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import java.util.Collection;
+import java.util.Hashtable;
+import java.util.Map;
+
+import org.apache.commons.codec.digest.DigestUtils;
+
+import org.apache.beehive.wsm.axis.security.User;
+import org.apache.beehive.wsm.axis.security.UserList;
+import org.apache.beehive.wsm.axis.security.Role;
+
+
+public class MemoryUserImpl implements User {
+
+ private String name;
+ private String password;
+ private boolean md5;
+
+ private Map<String,Role> roles;
+
+ public MemoryUserImpl ()
+ {
+ roles = new Hashtable<String,Role>();
+ }
+
+ public void setName ( String name )
+ {
+ this.name = name;
+ }
+
+ public String getName ()
+ {
+ return name;
+ }
+
+ public void setPassword ( String password )
+ {
+ this.password = password;
+ }
+
+ public String getPassword ()
+ {
+ return password;
+ }
+
+ public void setMd5 ( boolean isMd5 )
+ {
+ this.md5 = isMd5;
+ }
+
+ public boolean isMd5 ()
+ {
+ return md5;
+ }
+
+ public boolean authenticate ( String password )
+ {
+ try{
+ if ( ( this.password == null ) && ( password == null ) ){
+ // if both null, returns true; Probably a user intentionally set null for both.
+ return true;
+ }
+
+ if ( isMd5() )
+ {
+ // todo: implement in case md5 is used.
+ if ( this.password.equals( DigestUtils.md5Hex(password)) )
+ return true;
+ }
+ else
+ {
+ if ( this.password.equals( password ) )
+ return true;
+ }
+ }catch(NullPointerException npe){
+ return false;
+ }
+
+ return false;
+
+ }
+
+ public void addRole( Role role )
+ {
+ roles.put(role.getName(), role);
+ }
+
+ public Role getRole ( String role )
+ {
+ return roles.get(role);
+ }
+
+ public Collection<Role> getRoles ()
+ {
+ return roles.values();
+ }
+
+}
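Review bot: authenticate() returns true when both the stored and the supplied password are null, so a user entry that has no password attribute in beehive-role.xml is accepted from any caller who sends none; unless that is a documented feature it should deny. The method also relies on a caught NullPointerException for control flow and compares with String.equals, which stops at the first differing character. The md5 branch stores an unsalted MD5 of the password, which is weak for credentials at rest; a salted, slow password hash would be the longer-term fix and the `todo` there should say so. The rewrite below keeps both storage modes but fails closed on missing values and compares with MessageDigest.isEqual, which is constant-time in current JDKs.

```java
    public boolean authenticate ( String password )
    {
        // A missing stored or supplied password never authenticates.
        if ( this.password == null || password == null )
        {
            return false;
        }

        String candidate = isMd5() ? DigestUtils.md5Hex( password ) : password;

        // Compare the full byte sequences instead of short-circuiting on the first mismatch.
        return java.security.MessageDigest.isEqual( this.password.getBytes(), candidate.getBytes() );
    }
```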
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,74 @@
+package org.apache.beehive.wsm.axis.security.model;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import java.util.Collection;
+import java.util.Hashtable;
+import java.util.Map;
+
+import org.apache.beehive.wsm.axis.security.User;
+import org.apache.beehive.wsm.axis.security.UserList;
+import org.apache.beehive.wsm.axis.security.Role;
+
+public class MemoryUserListImpl implements UserList {
+
+ private Map<String,User> users;
+ private Map<String,Role> roles;
+
+ public MemoryUserListImpl()
+ {
+ users = new Hashtable<String,User>();
+ roles = new Hashtable<String,Role>();
+ }
+
+ public void addUser ( User user )
+ {
+ users.put(user.getName(), user);
+ }
+
+ public User getUser ( String name )
+ {
+ return users.get( name );
+ }
+
+ public Collection<User> getUsers ()
+ {
+ return users.values();
+ }
+
+
+ public void addRole ( Role role )
+ {
+ roles.put(role.getName(), role);
+ }
+
+ public Role getRole ( String role )
+ {
+ return roles.get( role );
+ }
+
+ public Collection<Role> getRoles ()
+ {
+ return roles.values();
+ }
+
+}
+
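Review bot: getUsers() and getRoles() return `users.values()` and `roles.values()`, which are live views of the backing Hashtables, so any caller holding the result can remove entries from the credential store. Returning `Collections.unmodifiableCollection( users.values() )` (and the same for `roles`, with java.util.Collections imported) keeps the store read-only from outside. MemoryUserImpl.getRoles() follows the same pattern. addUser and addRole will also throw from Hashtable.put when getName() is null, which the schema permits because the name attributes are optional, so a null check with a clear message would help there.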
Added: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/ServletSecurityModel.java
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/ServletSecurityModel.java?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/ServletSecurityModel.java Thu Dec 2 15:18:05 2004
@@ -0,0 +1,108 @@
+package org.apache.beehive.wsm.axis.security.model;
+
+/*
+ * DropInDeploymentHandler.java
+ *
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import java.util.Collection;
+
+import org.apache.beehive.wsm.axis.security.SecurityModel ;
+
+import org.apache.axis.MessageContext;
+import org.apache.axis.components.logger.LogFactory;
+import org.apache.axis.security.AuthenticatedUser;
+import org.apache.axis.security.SecurityProvider;
+import org.apache.axis.security.simple.SimpleSecurityProvider;
+import org.apache.commons.logging.Log;
+
+public class ServletSecurityModel implements SecurityModel {
+
+ protected static Log log =
+ LogFactory.getLog(ServletSecurityModel.class.getName());
+
+ public void init ( MessageContext msgContext )
+ {
+ // do nothing
+ }
+
+ /**
+ * mostly copied from org/apache/axis/handlers/SimpleAuthenticationHandler.java
+ */
+ public boolean isUserInRole ( MessageContext msgContext, Collection<String> rolesAllowed ){
+
+ if (log.isDebugEnabled()) {
+ log.debug("Enter: ServletSecurityModel::isUserInRole");
+ }
+
+ SecurityProvider provider = (SecurityProvider)msgContext.getProperty(MessageContext.SECURITY_PROVIDER);
+ if (provider == null) {
+ provider = new SimpleSecurityProvider();
+ msgContext.setProperty(MessageContext.SECURITY_PROVIDER, provider);
+ }
+
+ if (provider != null) {
+ String userID = msgContext.getUsername();
+ if (log.isDebugEnabled()) {
+ log.debug("user : " + userID );
+ }
+
+ // in order to authenticate, the user must exist
+ if ( userID == null || userID.equals("") )
+ {
+ log.debug("userID is null");
+ return false;
+ }
+
+ String passwd = msgContext.getPassword();
+ if (log.isDebugEnabled()) {
+ log.debug("password : " + passwd );
+ }
+
+ AuthenticatedUser authUser = provider.authenticate(msgContext);
+
+ // if a password is defined, then it must match
+ if ( authUser == null) {
+ log.debug("authuser is null");
+ return false;
+ }
+
+ for ( String role : rolesAllowed )
+ {
+ if (provider.userMatches( authUser, role ) )
+ {
+ // BINGO !!
+
+ if (log.isDebugEnabled()) {
+ log.debug( "auth : " + userID + " is in role [" + role + "]");
+ }
+ msgContext.setProperty(SecurityModel.BEEHIVE_AUTHUSER, authUser);
+ return true;
+ }
+ }
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("Exit: ServletSecurityModel::isUserInRole");
+ }
+
+ return false;
+ }
+
+
+}
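Review bot: When no SECURITY_PROVIDER is set, isUserInRole silently installs a `new SimpleSecurityProvider()` and stores it on the message context, so a deployment that expected container-managed authentication would presumably end up checking credentials against a different user store without any indication. For a class named ServletSecurityModel I would fail closed instead: `log.warn("no SecurityProvider configured"); return false;`. If the fallback is kept, the following `if (provider != null)` test is always true and can be removed.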
Added: incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd
Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd?view=auto&rev=109585
==============================================================================
--- (empty file)
+++ incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd Thu Dec 2 15:18:05 2004
@@ -0,0 +1,43 @@
+<!-- Copyright 2004 The Apache Software Foundation
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. -->
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:bh="http://www.apache.org/beehive/wsm/axis/security/xmlbeans"
+ targetNamespace="http://www.apache.org/beehive/wsm/axis/security/xmlbeans"
+ elementFormDefault="qualified">
+
+ <xs:element name="beehive-role">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="role" type="bh:role" minOccurs="0" maxOccurs="unbounded" />
+ <xs:element name="user" type="bh:user" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:complexType name="role">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" />
+ </xs:complexType>
+
+ <xs:complexType name="user">
+ <xs:attribute name="name" type="xs:string" />
+ <xs:attribute name="password" type="xs:string" />
+ <xs:attribute name="md5" type="xs:boolean" default="false" />
+ </xs:complexType>
+
+</xs:schema>
+
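Review bot: The `name` and `password` attributes of the `user` type are optional, so a `<user>` element with no password validates and reaches MemoryUserImpl with a null stored password, which authenticate() treats as matching a request that sends no password. Marking them mandatory closes that at parse time: `<xs:attribute name="password" type="xs:string" use="required" />`, and likewise for `name` on both `user` and `role`. A short `xs:documentation` note that `md5="true"` means the password attribute holds a hex MD5 digest rather than the cleartext would also help whoever edits beehive-role.xml.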