You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by ru...@apache.org on 2006/07/21 21:52:25 UTC
svn commit: r424434 - in /webservices/wss4j/trunk/src/org/apache/ws/security:
components/crypto/CryptoFactory.java handler/WSHandler.java
handler/WSHandlerConstants.java
Author: ruchithf
Date: Fri Jul 21 12:52:24 2006
New Revision: 424434
URL: http://svn.apache.org/viewvc?rev=424434&view=rev
Log:
Modifying the handlers to specify the crypto implementation dynamically
Right now WSS4J allows users to specify the implementation of
org.apache.ws.security.components.crypto.Crypto to be specified using a property
file. I'd like to propose a few changes to optionally load provide a reference
to a java.util.Properties object with out specifying the .properties file.
This requires an extra method in the CryptoFactory class to create a Crypto
instance using a Properties object.
public static Crypto getInstance(Properties properties)
And then changes to the following methods in WSHandler to look for the Properties
object in the MessageContext:
loadSignatureCrypto(RequestData)
loadEncryptionCrypto(RequestData)
loadDecryptionCrypto(RequestData)
In the case where a client wants to use a Properties object rather than a
property file, he/she should create that object and add that to the
MessageContext under an id that he/she picks. This id MUST be specified in either
one of the handler parameters named (In axis2-rampart configuration these will
be child elements within the <action> element):
SignaturePropRefId
encryptionPropRefId
decryptionPropRefId
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java?rev=424434&r1=424433&r2=424434&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java Fri Jul 21 12:52:24 2006
@@ -58,6 +58,24 @@
* getInstance
* <p/>
* Returns an instance of Crypto. The properties are handed over the the crypto
+ * implementation. The porperties must at least contain the Crypto implementation
+ * class name as the value of the property : org.apache.ws.security.crypto.provider
+ * <p/>
+ *
+ * @param properties The Properties that are forwarded to the crypto implementaion
+ * and the Crypto impl class name.
+ * These properties are dependend on the crypto implementatin
+ * @return The cyrpto implementation or null if no cryptoClassName was defined
+ */
+ public static Crypto getInstance(Properties properties) {
+ String cryptoClassName = properties.getProperty("org.apache.ws.security.crypto.provider");
+ return loadClass(cryptoClassName, properties);
+ }
+
+ /**
+ * getInstance
+ * <p/>
+ * Returns an instance of Crypto. The properties are handed over the the crypto
* implementation. The porperties can be <code>null</code>. It is depenend on the
* Crypto implementation how the initialization is done in this case.
* <p/>
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java?rev=424434&r1=424433&r2=424434&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java Fri Jul 21 12:52:24 2006
@@ -27,14 +27,17 @@
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
-import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.util.Loader;
import org.apache.ws.security.util.StringUtil;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.text.DateFormat;
@@ -42,11 +45,9 @@
import java.util.Calendar;
import java.util.Date;
import java.util.Hashtable;
+import java.util.Properties;
import java.util.Vector;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-
/**
* Extracted from WSDoAllReceiver and WSDoAllSender
@@ -347,9 +348,30 @@
.getClassLoader(reqData.getMsgContext()));
cryptos.put(sigPropFile, crypto);
}
+ } else if (getString(WSHandlerConstants.SIG_PROP_REF_ID, reqData
+ .getMsgContext()) != null) {
+ /*
+ * If the property file is missing then
+ * look for the Properties object
+ */
+ String refId = getString(WSHandlerConstants.SIG_PROP_REF_ID,
+ reqData.getMsgContext());
+ if(refId != null) {
+ Object propObj = getProperty(reqData.getMsgContext(), refId);
+ if(propObj instanceof Properties) {
+ if ((crypto = (Crypto) cryptos.get(refId)) == null) {
+ crypto = CryptoFactory.getInstance((Properties)propObj);
+ cryptos.put(refId, crypto);
+ }
+ } else {
+ throw new WSSecurityException(
+ "WSHandler: Signature: signaturePropRefId must hold a " +
+ "java.util.Properties object");
+ }
+ }
} else {
throw new WSSecurityException(
- "WSHandler: Signature: no crypto property file");
+ "WSHandler: Signature: no crypto properties");
}
return crypto;
}
@@ -373,6 +395,27 @@
.getClassLoader(reqData.getMsgContext()));
cryptos.put(encPropFile, crypto);
}
+ } else if (getString(WSHandlerConstants.ENC_PROP_REF_ID, reqData
+ .getMsgContext()) != null) {
+ /*
+ * If the property file is missing then
+ * look for the Properties object
+ */
+ String refId = getString(WSHandlerConstants.ENC_PROP_REF_ID,
+ reqData.getMsgContext());
+ if(refId != null) {
+ Object propObj = getProperty(reqData.getMsgContext(), refId);
+ if(propObj instanceof Properties) {
+ if ((crypto = (Crypto) cryptos.get(refId)) == null) {
+ crypto = CryptoFactory.getInstance((Properties)propObj);
+ cryptos.put(refId, crypto);
+ }
+ } else {
+ throw new WSSecurityException(
+ "WSHandler: Encryption: encryptionPropRefId must hold a" +
+ " java.util.Properties object");
+ }
+ }
} else if ((crypto = reqData.getSigCrypto()) == null) {
throw new WSSecurityException(
"WSHandler: Encryption: no crypto property file");
@@ -771,6 +814,27 @@
crypto = CryptoFactory.getInstance(decPropFile, this
.getClassLoader(reqData.getMsgContext()));
cryptos.put(decPropFile, crypto);
+ }
+ } else if (getString(WSHandlerConstants.DEC_PROP_REF_ID, reqData
+ .getMsgContext()) != null) {
+ /*
+ * If the property file is missing then
+ * look for the Properties object
+ */
+ String refId = getString(WSHandlerConstants.DEC_PROP_REF_ID,
+ reqData.getMsgContext());
+ if(refId != null) {
+ Object propObj = getProperty(reqData.getMsgContext(), refId);
+ if(propObj instanceof Properties) {
+ if ((crypto = (Crypto) cryptos.get(refId)) == null) {
+ crypto = CryptoFactory.getInstance((Properties)propObj);
+ cryptos.put(refId, crypto);
+ }
+ } else {
+ throw new WSSecurityException(
+ "WSHandler: Decrytion: decryptionPropRefId must hold a" +
+ " java.util.Properties object");
+ }
}
} else if ((crypto = reqData.getSigCrypto()) == null) {
throw new WSSecurityException(
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java?rev=424434&r1=424433&r2=424434&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java Fri Jul 21 12:52:24 2006
@@ -402,6 +402,16 @@
public static final String SIG_PROP_FILE = "signaturePropFile";
/**
+ * The key that hold the refernce of the <code>java.util.Properties</code>
+ * object holding complete info about signature Crypto implementation.
+ * This should contain all information that would contain in an equivalent
+ * .properties file which includes the Crypto implementation class name.
+ *
+ * Refer to documentation of {@link #SIG_PROP_FILE}.
+ */
+ public final static String SIG_PROP_REF_ID = "SignaturePropRefId";
+
+ /**
* The WSDoAllReceiver handler stores a result <code>Vector</code>
* in this property.
* <p/>
@@ -431,6 +441,16 @@
* an <code>AxisFault</code>.
*/
public static final String DEC_PROP_FILE = "decryptionPropFile";
+
+ /**
+ * The key that hold the refernce of the <code>java.util.Properties</code>
+ * object holding complete info about decryption Crypto implementation. This
+ * should contain all information that would contain in an equivalent
+ * .properties file which includes the Crypto implementation class name.
+ *
+ * Refer to documentation of {@link #DEC_PROP_FILE}.
+ */
+ public final static String DEC_PROP_REF_ID = "decryptionPropRefId";
/**
* Specific parameter for UsernameToken action to define the encoding
@@ -541,6 +561,18 @@
* handler throws an <code>AxisFault</code>.
*/
public static final String ENC_PROP_FILE = "encryptionPropFile";
+
+ /**
+ * The key that hold the refernce of the
+ * <code>java.util.Properties</code> object holding complete info about
+ * encryption Crypto implementation. This should contain all information
+ * that would contain in an equivalent .properties file which includes the
+ * Crypto implementation class name.
+ *
+ * Refer to documentation of {@link #DEC_PROP_FILE}.
+ */
+ public final static String ENC_PROP_REF_ID = "encryptionPropRefId";
+
/**
* Defines which key identifier type to use. The WS-Security specifications
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org