You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by ru...@apache.org on 2005/09/18 00:31:14 UTC
svn commit: r289858 - in /webservices/axis2/trunk/java/modules:
integration/src/org/apache/axis2/interopt/whitemesa/round2/util/soap12/
integration/test-resources/security/ samples/resources/security/
samples/src/sample/security/META-INF/ security/src/...
Author: ruchithf
Date: Sat Sep 17 15:23:55 2005
New Revision: 289858
URL: http://svn.apache.org/viewcvs?rev=289858&view=rev
Log:
Updated security module to be activated by a service/client that requires WS-Security functionality. When the security module is engaged (globally) if a certain service/client requires it to be activated on the inflow or the outflow <parameter name='InflowSecurity'>on</parameter> or <parameter name='OutflowSecurity'>on</parameter> set accordingly in the services.xml or axis2.xml respectively. To turn any of the options off set the paramter value to 'off'
Modified:
webservices/axis2/trunk/java/modules/integration/src/org/apache/axis2/interopt/whitemesa/round2/util/soap12/Round2Soap12StringUtil.java
webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.service.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.service.xml
webservices/axis2/trunk/java/modules/samples/resources/security/README.txt
webservices/axis2/trunk/java/modules/samples/resources/security/client.axis2.xml
webservices/axis2/trunk/java/modules/samples/src/sample/security/META-INF/services.xml
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllReceiver.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/WSHandlerConstantsMapper.java
Modified: webservices/axis2/trunk/java/modules/integration/src/org/apache/axis2/interopt/whitemesa/round2/util/soap12/Round2Soap12StringUtil.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/src/org/apache/axis2/interopt/whitemesa/round2/util/soap12/Round2Soap12StringUtil.java?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/src/org/apache/axis2/interopt/whitemesa/round2/util/soap12/Round2Soap12StringUtil.java (original)
+++ webservices/axis2/trunk/java/modules/integration/src/org/apache/axis2/interopt/whitemesa/round2/util/soap12/Round2Soap12StringUtil.java Sat Sep 17 15:23:55 2005
@@ -1,5 +1,6 @@
-package org.apache.axis2.interopt.whitemesa.round2.util;
+package org.apache.axis2.interopt.whitemesa.round2.util.soap12;
//org.apache.axis2.interopt.whitemesa.round2.util
+import org.apache.axis2.interopt.whitemesa.round2.util.SunRound2ClientUtil;
import org.apache.axis2.om.OMAbstractFactory;
import org.apache.axis2.om.OMElement;
import org.apache.axis2.soap.SOAPBody;
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -9,10 +9,10 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Test with addressing and MTOM: Client's Configuration:START-->
+
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">Timestamp Signature Encrypt</parameter>
<parameter name="user" locked="false">alice</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/complete.service.xml Sat Sep 17 15:23:55 2005
@@ -5,6 +5,9 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
+
<parameter name="InAction" locked="false">Timestamp Signature Encrypt</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,17 +7,14 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 1: Client's Configuration:START-->
+ <parameter name="InflowSecurity">off</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">UsernameToken</parameter>
<parameter name="user" locked="false">Chris</parameter>
<parameter name="OutPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="passwordType" locked="false">PasswordText</parameter>
-
- <parameter name="InAction" locked="false">NoSecurity</parameter>
<!-- Scenario 1: Client's Configuration:END-->
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml Sat Sep 17 15:23:55 2005
@@ -5,9 +5,10 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">off</parameter>
+
<parameter name="InAction" locked="false">UsernameToken</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
-
- <parameter name="OutAction" locked="false">NoSecurity</parameter>
</service>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,11 +7,11 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to the normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 2: Client's Configuration:START-->
+ <parameter name="OutflowSecurity">on</parameter>
+ <parameter name="InflowSecurity">off</parameter>
+
<parameter name="OutAction" locked="false">UsernameToken Encrypt</parameter>
<parameter name="user" locked="false">Chris</parameter>
<parameter name="addUTElements" locked="false">Nonce Created</parameter>
@@ -21,8 +21,6 @@
<parameter name="OutPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="passwordType" locked="false">PasswordText</parameter>
<parameter name="encryptionKeyIdentifier" locked="false">SKIKeyIdentifier</parameter>
-
- <parameter name="InAction" locked="false">NoSecurity</parameter>
<!-- Scenario 2: Client's Configuration:END-->
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s2.service.xml Sat Sep 17 15:23:55 2005
@@ -5,10 +5,11 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">off</parameter>
+
<parameter name="InAction" locked="false">UsernameToken Encrypt</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="decryptionPropFile" locked="false">interop.properties</parameter>
-
- <parameter name="OutAction" locked="false">NoSecurity</parameter>
</service>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,11 +7,11 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 2: Client's Configuration:START-->
+ <parameter name="OutflowSecurity">on</parameter>
+ <parameter name="InflowSecurity">off</parameter>
+
<parameter name="OutAction" locked="false">UsernameTokenSignature Encrypt Timestamp</parameter>
<parameter name="user" locked="false">Chris</parameter>
<parameter name="encryptionParts" locked="false">{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</parameter>
@@ -19,8 +19,6 @@
<parameter name="encryptionPropFile" locked="false">interop.properties</parameter>
<parameter name="OutPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="encryptionKeyIdentifier" locked="false">SKIKeyIdentifier</parameter>
-
- <parameter name="InAction" locked="false">NoSecurity</parameter>
<!-- Scenario 2: Client's Configuration:END-->
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s2a.service.xml Sat Sep 17 15:23:55 2005
@@ -5,9 +5,11 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">off</parameter>
+
<parameter name="InAction" locked="false">UsernameTokenSignature UsernameToken Encrypt Timestamp</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="decryptionPropFile" locked="false">interop.properties</parameter>
- <parameter name="OutAction" locked="false">NoSecurity</parameter>
</service>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,10 +7,10 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 3: Client's Configuration:START-->
+
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="user" locked="false">alice</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.service.xml Sat Sep 17 15:23:55 2005
@@ -5,6 +5,9 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
+
<parameter name="InAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,10 +7,10 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 4: Client's Configuration:START-->
+
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="user" locked="false">alice</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s4.service.xml Sat Sep 17 15:23:55 2005
@@ -5,6 +5,9 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
+
<parameter name="InAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,11 +7,11 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 5: Client's Configuration:START-->
+ <parameter name="OutflowSecurity">on</parameter>
+ <parameter name="InflowSecurity">off</parameter>
+
<parameter name="OutAction" locked="false">Signature NoSerialization</parameter>
<parameter name="user" locked="false">alice</parameter>
<parameter name="OutPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
@@ -27,8 +27,6 @@
<parameter name="OutAction1" locked="false">Signature Timestamp</parameter>
<parameter name="OutPasswordCallbackClass1" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="OutSignaturePropFile1" locked="false">interop.properties</parameter>
-
- <parameter name="InAction" locked="false">NoSecurity</parameter>
<!-- Scenario 5: Client's Configuration:END-->
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s5.service.xml Sat Sep 17 15:23:55 2005
@@ -5,9 +5,11 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">off</parameter>
+
<parameter name="InAction" locked="false">Signature Signature Timestamp</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
- <parameter name="OutAction" locked="false">NoSecurity</parameter>
</service>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,10 +7,10 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 6: Client's Configuration:START-->
+
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">Encrypt Signature Timestamp</parameter>
<parameter name="user" locked="false">alice</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s6.service.xml Sat Sep 17 15:23:55 2005
@@ -5,6 +5,9 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
+
<parameter name="InAction" locked="false">Encrypt Signature Timestamp</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,10 +7,10 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 7: Client's Configuration:START-->
+
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="user" locked="false">alice</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s7.service.xml Sat Sep 17 15:23:55 2005
@@ -3,7 +3,10 @@
<!--Mounting the method Ping-->
<operation name="Ping">
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
- </operation>
+ </operation>
+
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="InAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,15 +7,15 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario ST1: Client's Configuration:START-->
+
+ <parameter name="OutflowSecurity">on</parameter>
+ <parameter name="InflowSecurity">off</parameter>
+
<parameter name="OutAction" locked="false">Timestamp SAMLTokenUnsigned</parameter>
<parameter name="samlPropFile" locked="false">axis2.saml.properties</parameter>
- <parameter name="InAction" locked="false">NoSecurity</parameter>
<!-- Scenario ST1: Client's Configuration:END-->
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/sST1.service.xml Sat Sep 17 15:23:55 2005
@@ -5,8 +5,10 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">off</parameter>
+
<parameter name="InAction" locked="false">Timestamp SAMLTokenUnsigned</parameter>
- <parameter name="OutAction" locked="false">NoSecurity</parameter>
</service>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -7,10 +7,10 @@
<!-- Engage the security module -->
<module ref="security"/>
- <!-- This is only till we get the service specific parameters fixed in service.xml -->
- <!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
-
<!-- Scenario 3 with MTOM: Client's Configuration:START-->
+
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="user" locked="false">alice</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.service.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.service.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.service.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/secMtom.service.xml Sat Sep 17 15:23:55 2005
@@ -5,6 +5,9 @@
<messageReceiver class="org.apache.axis2.oasis.ping.PingPortMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
+
<parameter name="InAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
Modified: webservices/axis2/trunk/java/modules/samples/resources/security/README.txt
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/samples/resources/security/README.txt?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/resources/security/README.txt (original)
+++ webservices/axis2/trunk/java/modules/samples/resources/security/README.txt Sat Sep 17 15:23:55 2005
@@ -13,7 +13,6 @@
1.) To engage the security (WSS4J) module add the following line to axis2.xml in axis
<module ref="security"/>
- IMPORTANT: Please read [NOTE 1]
2.) Copy samples/security/SecureService.aar to axis2/WEB-INF/services/ directory
3.) Copy samples/security/secUtil.jar to axis2/WEB-INF/lib/
4.) Start Tomcat
@@ -35,13 +34,3 @@
Total time: XX seconds
If you want to see the signed and encrypted messages fireup tcpmon and change the securitySample ant task in the samples directory to set the required port number.
-
-------------------------------------------------------------------------------
-NOTE 1: When the WSS4J module is engaged it will be engaged globally. Then all services will require them to be provide configuration parameters for the security module. If a certain service(s) does not require any WS-Security functionality the relevant services.xml file should contain the following entries for service(s) in defined.
-
- <parameter name="OutAction" locked="false">NoSecurity</parameter>
- <parameter name="InAction" locked="false">NoSecurity</parameter>
-
-The above two lines will disable the WSS4J module for the defined scope.
-
-
Modified: webservices/axis2/trunk/java/modules/samples/resources/security/client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/samples/resources/security/client.axis2.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/resources/security/client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/samples/resources/security/client.axis2.xml Sat Sep 17 15:23:55 2005
@@ -13,6 +13,8 @@
<!-- Also we can switch back to hte normal parameter names when we can seperately assign them to the flows -->
<!-- Test with addressing and MTOM: Client's Configuration:START-->
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
<parameter name="OutAction" locked="false">Timestamp Signature Encrypt</parameter>
<parameter name="user" locked="false">alice</parameter>
Modified: webservices/axis2/trunk/java/modules/samples/src/sample/security/META-INF/services.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/samples/src/sample/security/META-INF/services.xml?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/src/sample/security/META-INF/services.xml (original)
+++ webservices/axis2/trunk/java/modules/samples/src/sample/security/META-INF/services.xml Sat Sep 17 15:23:55 2005
@@ -4,6 +4,9 @@
<messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
</operation>
+ <parameter name="InflowSecurity">on</parameter>
+ <parameter name="OutflowSecurity">on</parameter>
+
<parameter name="InAction" locked="false">Timestamp Signature Encrypt</parameter>
<parameter name="InPasswordCallbackClass" locked="false">sample.security.PWCallback</parameter>
<parameter name="InSignaturePropFile" locked="false">sec.properties</parameter>
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllReceiver.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllReceiver.java?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllReceiver.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllReceiver.java Sat Sep 17 15:23:55 2005
@@ -16,6 +16,12 @@
package org.apache.axis2.security;
+import java.security.cert.X509Certificate;
+import java.util.Iterator;
+import java.util.Vector;
+
+import javax.security.auth.callback.CallbackHandler;
+
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.om.OMException;
@@ -38,11 +44,6 @@
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
-import javax.security.auth.callback.CallbackHandler;
-import java.security.cert.X509Certificate;
-import java.util.Iterator;
-import java.util.Vector;
-
public class WSDoAllReceiver extends WSDoAllHandler {
protected static Log log = LogFactory.getLog(WSDoAllReceiver.class.getName());
@@ -63,6 +64,18 @@
try {
reqData.setMsgContext(msgContext);
+
+ //Figureout if the handler should run
+ String inFlowSecurity = null;
+ if((inFlowSecurity = (String) getOption(WSSHandlerConstants.INFLOW_SECURITY)) == null) {
+ inFlowSecurity = (String) getProperty(msgContext, WSSHandlerConstants.INFLOW_SECURITY);
+ }
+ //If the option is not specified or if it is set to false do not do
+ //any security processing
+ if(inFlowSecurity == null || inFlowSecurity.equals(WSSHandlerConstants.OFF_OPTION)) {
+ return;
+ }
+
Vector actions = new Vector();
String action = null;
if ((action = (String) getOption(WSHandlerConstants.ACTION)) == null) {
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java Sat Sep 17 15:23:55 2005
@@ -16,6 +16,8 @@
package org.apache.axis2.security;
+import java.util.Vector;
+
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.context.OperationContext;
@@ -34,8 +36,6 @@
import org.apache.wsdl.WSDLConstants;
import org.w3c.dom.Document;
-import java.util.Vector;
-
public class WSDoAllSender extends WSDoAllHandler {
protected static Log log = LogFactory.getLog(WSDoAllSender.class.getName());
@@ -61,7 +61,7 @@
if (doDebug) {
log.debug("WSDoAllSender: enter invoke()");
}
-
+
/*
* Copy the RECV_RESULTS over to the current message context
* - IF available
@@ -78,6 +78,18 @@
reqData.setNoSerialization(false);
reqData.setMsgContext(msgContext);
+
+ //Figureout if the handler should run
+ String outFlowSecurity;
+ if((outFlowSecurity = (String) getOption(WSSHandlerConstants.OUTFLOW_SECURITY)) == null) {
+ outFlowSecurity = (String) getProperty(msgContext, WSSHandlerConstants.OUTFLOW_SECURITY);
+ }
+ //If the option is not specified or if it is set to false do not do
+ //any security processing
+ if(outFlowSecurity == null || outFlowSecurity.equals(WSSHandlerConstants.OFF_OPTION)) {
+ return;
+ }
+
try {
Vector actions = new Vector();
String action = null;
@@ -318,7 +330,7 @@
//of the same handler
repetition++;
msgContext.setProperty(WSSHandlerConstants.Out.REPETITON,new Integer(repetition));
-
+ msgContext.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY,outFlowSecurity);
/**
* eserving the OM stuff doesn't work for the repeting case
*/
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java Sat Sep 17 15:23:55 2005
@@ -20,6 +20,28 @@
public static final String ENFORCE_ACTION_ORDER = "EnforceActionOrder";
+ /**
+ * A service that requires the security module to be activated in the
+ * inflow, can use this option by specifying (in services.xml):
+ * <parameter name="InflowSecurity">on</parameter>
+ * And if a certain service does NOT require security module to be
+ * activated in the inflow the it should include (in services.xml):
+ * <parameter name="InflowSecurity">off</parameter>
+ */
+ public static final String INFLOW_SECURITY = "InflowSecurity";
+
+ /**
+ * A service that requires the security module to be activated in the
+ * outflow, can use this option by specifying (in services.xml):
+ * <parameter name="OutflowSecurity">on</parameter>
+ * And if a certain service does NOT require security module to be
+ * activated in the outflow the it should include (in services.xml):
+ * <parameter name="OutflowSecurity">off</parameter>
+ */
+ public static final String OUTFLOW_SECURITY = "OutflowSecurity";
+
+ public static final String ON_OPTION = "on";
+ public static final String OFF_OPTION = "off";
/**
* The following two seot the constants are used to introduce new
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/WSHandlerConstantsMapper.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/WSHandlerConstantsMapper.java?rev=289858&r1=289857&r2=289858&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/WSHandlerConstantsMapper.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/WSHandlerConstantsMapper.java Sat Sep 17 15:23:55 2005
@@ -60,7 +60,7 @@
} else {
newKey = (String)outHandlerConstants.get(axiskey);
}
- if(repetition > 0 && axiskey != WSSHandlerConstants.Out.SENDER_REPEAT_COUNT && !inHandler) {
+ if(repetition > 0 && axiskey != WSSHandlerConstants.Out.SENDER_REPEAT_COUNT && axiskey != WSSHandlerConstants.OUTFLOW_SECURITY && !inHandler) {
if(newKey == null) {
return axiskey + repetition;
} else {