You are viewing a plain text version of this content. The canonical link for it is here.
Posted to sandesha-dev@ws.apache.org by ch...@apache.org on 2006/07/31 15:32:15 UTC
svn commit: r427116 [1/2] - in /webservices/sandesha/trunk/java: ./ config/
src/org/apache/sandesha2/ src/org/apache/sandesha2/client/
src/org/apache/sandesha2/i18n/ src/org/apache/sandesha2/msgprocessors/
src/org/apache/sandesha2/policy/ src/org/apach...
Author: chamikara
Date: Mon Jul 31 06:32:13 2006
New Revision: 427116
URL: http://svn.apache.org/viewvc?rev=427116&view=rev
Log:
Matts patch for the Secure RM scenario
Added:
webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/processors/SecurityManagerProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityManager.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityToken.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/dummy/
webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/dummy/DummySecurityManager.java
webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/
webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java
webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java
webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java
Modified:
webservices/sandesha/trunk/java/config/module.xml
webservices/sandesha/trunk/java/maven.xml
webservices/sandesha/trunk/java/src/org/apache/sandesha2/Sandesha2Constants.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/SandeshaModule.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SandeshaClient.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SequenceReport.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AckRequestedProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AcknowledgementProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/ApplicationMsgProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CloseSequenceProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqMsgProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqResponseMsgProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqMsgProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqResponseMsgProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/PolicyEngineData.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicy.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicyProcessor.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/storage/beans/CreateSeqBean.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/PropertyManager.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/RMMsgCreator.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaPropertyBean.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SpecSpecificConstants.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/AckRequested.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequence.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequenceResponse.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequence.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequenceResponse.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/IOMRMPart.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/Sequence.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/SequenceAcknowledgement.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequence.java
webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequenceResponse.java
webservices/sandesha/trunk/java/test-resources/sandesha2.properties
webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/PropertyLoaderTest.java
webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/SandeshaClientTest.java
Modified: webservices/sandesha/trunk/java/config/module.xml
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/config/module.xml?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/config/module.xml (original)
+++ webservices/sandesha/trunk/java/config/module.xml Mon Jul 31 06:32:13 2006
@@ -111,7 +111,10 @@
</wsrm:PermanentStorageManager>
</wsrm:StorageManagers>
+
+ <!-- This will not be overriden by service level policies -->
+ <wsrm:SecurityManager>org.apache.sandesha2.security.dummy.DummySecurityManager</wsrm:SecurityManager>
</wsp:Policy>
-</module>
\ No newline at end of file
+</module>
Modified: webservices/sandesha/trunk/java/maven.xml
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/maven.xml?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/maven.xml (original)
+++ webservices/sandesha/trunk/java/maven.xml Mon Jul 31 06:32:13 2006
@@ -4,6 +4,7 @@
<j:set var="dist.name" value="${pom.artifactId}-${sandesha2.version}"/>
<j:set var="dist.module.name" value="${pom.artifactId}-${sandesha2.module.version}"/>
+ <j:set var="test.module.name" value="${pom.artifactId}-UnitTest"/>
<ant:property name="build.dist.dir" value="${maven.build.dir}/dist"/>
<ant:property name="build.temp.dir" value="${maven.build.dir}/temp"/>
@@ -121,9 +122,35 @@
<ant:copy file="${repo.addressing.mar}" toDir="${client.dist.path}/modules/" />
</goal>
+ <goal name="secure:create" prereqs="server:create,client:create">
+ <ant:property name="secure.client.path" value="${build.repo.dir}/secure-client"/>
+ <ant:property name="secure.server.path" value="${build.repo.dir}/secure-server"/>
+
+ <copy todir="${secure.client.path}">
+ <fileset dir="${build.repo.dir}/client">
+ <exclude name="modules/${mar.name}"/>
+ </fileset>
+ </copy>
+
+ <copy todir="${secure.server.path}">
+ <fileset dir="${build.repo.dir}/server">
+ <exclude name="modules/${mar.name}"/>
+ </fileset>
+ </copy>
+
+ <!-- Replace the security manager in the module.xml file -->
+ <ant:unjar src="${maven.build.dir}/${mar.name}" dest="${build.temp.dir}"/>
+ <ant:copy file="${dir.test.resources}/test.module.xml" tofile="${build.temp.dir}/META-INF/module.xml" overwrite="true"/>
+ <ant:jar jarfile="${secure.client.path}/modules/${test.module.name}.mar" basedir="${build.temp.dir}"/>
+ <ant:jar jarfile="${secure.server.path}/modules/${test.module.name}.mar" basedir="${build.temp.dir}"/>
+
+ <delete dir="${build.temp.dir}"/>
+ </goal>
+
<goal name="repo:create">
<attainGoal name="server:create"/>
<attainGoal name="client:create"/>
+ <attainGoal name="secure:create"/>
</goal>
<goal name="server:create" prereqs="mar,sample:create">
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/Sandesha2Constants.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/Sandesha2Constants.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/Sandesha2Constants.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/Sandesha2Constants.java Mon Jul 31 06:32:13 2006
@@ -34,6 +34,8 @@
String NS_URI = "http://schemas.xmlsoap.org/ws/2005/02/rm";
+ String SEC_NS_URI = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
+
public interface Actions {
String ACTION_CREATE_SEQUENCE = "http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequence";
@@ -283,6 +285,8 @@
String LAST_OUT_MESSAGE_NO = "LastOutMessage";
String LAST_IN_MESSAGE_NO = "LastInMessage";
+
+ String SECURITY_TOKEN = "SecurityToken";
}
public interface SOAPVersion {
@@ -384,6 +388,8 @@
String MessageTypesToDrop = "MessageTypesToDrop";
String RetransmissionCount = "RetransmissionCount";
+
+ String SecurityManager = "SecurityManager";
public interface DefaultValues {
@@ -410,6 +416,8 @@
int RetransmissionCount = 8;
int MaximumRetransmissionCount = 10;
+
+ String SecurityManager = "org.apache.sandesha2.security.dummy.DummySecurityManager";
}
}
@@ -495,4 +503,6 @@
String MODULE_CLASS_LOADER = "Sandesha2ModuleClassLoader";
-}
\ No newline at end of file
+ String SECURITY_MANAGER = "Sandesha2SecurityManager";
+
+}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/SandeshaModule.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/SandeshaModule.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/SandeshaModule.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/SandeshaModule.java Mon Jul 31 06:32:13 2006
@@ -29,6 +29,7 @@
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
import org.apache.sandesha2.policy.RMPolicyExtension;
+import org.apache.sandesha2.security.SecurityManager;
import org.apache.sandesha2.storage.SandeshaStorageException;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.util.PropertyManager;
@@ -88,6 +89,11 @@
e.toString());
log.debug(message,e);
}
+
+ configContext.setProperty(Sandesha2Constants.SECURITY_MANAGER,null);
+ SecurityManager util = SandeshaUtil.getSecurityManager(configContext);
+ util.initSecurity(module);
+
}
public void engageNotify(AxisDescription axisDescription) throws AxisFault {
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SandeshaClient.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SandeshaClient.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SandeshaClient.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SandeshaClient.java Mon Jul 31 06:32:13 2006
@@ -175,6 +175,7 @@
sequenceReport.setInternalSequenceID(internalSequenceID);
sequenceReport.setSequenceStatus(SequenceReport.SEQUENCE_STATUS_INITIAL);
sequenceReport.setSequenceDirection(SequenceReport.SEQUENCE_DIRECTION_OUT);
+ if(createSeqBean.getSecurityTokenData() != null) sequenceReport.setSecureSequence(true);
return sequenceReport;
}
@@ -890,6 +891,9 @@
Long lng = new Long(Long.parseLong((String) iter.next()));
report.addCompletedMessage(lng);
}
+
+ SequencePropertyBean tokenBean = seqPropMgr.retrieve(outSequenceID, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) report.setSecureSequence(true);
}
private static byte getServerSequenceStatus(String sequenceID, StorageManager storageManager)
@@ -980,6 +984,9 @@
sequenceReport.setSequenceStatus(getServerSequenceStatus(sequenceID, storageManager));
+ SequencePropertyBean tokenBean = seqPropMgr.retrieve(sequenceID, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) sequenceReport.setSecureSequence(true);
+
return sequenceReport;
} catch (Exception e) {
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SequenceReport.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SequenceReport.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SequenceReport.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/client/SequenceReport.java Mon Jul 31 06:32:13 2006
@@ -41,6 +41,7 @@
private String sequenceID = null;
private String internalSequenceID = null; //only for outgoing sequences
private ArrayList completedMessages = null; //no of messages acked (both for incoming and outgoing)
+ private boolean secureSequence = false;
public SequenceReport () {
completedMessages = new ArrayList ();
@@ -92,6 +93,14 @@
public void setInternalSequenceID(String internalSequenceID) {
this.internalSequenceID = internalSequenceID;
+ }
+
+ public boolean isSecureSequence() {
+ return secureSequence;
+ }
+
+ public void setSecureSequence(boolean secureSequence) {
+ this.secureSequence = secureSequence;
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/SandeshaMessageKeys.java Mon Jul 31 06:32:13 2006
@@ -9,6 +9,8 @@
public static final String cannotGetStorageKey="cannotGetStorageKey";
public static final String cannotGetStorageManager="cannotGetStorageManager";
public static final String storageManagerMustImplement="storageManagerMustImplement";
+ public static final String cannotInitSecurityManager="cannotInitSecurityManager";
+ public static final String securityManagerMustImplement="securityManagerMustImplement";
public static final String commitError="commitError";
public static final String rollbackError="rollbackError";
@@ -214,5 +216,8 @@
public static final String invalidMsgNumberList="invalidMsgNumberList";
public static final String cannotFindReqMsgFromOpContext="cannotFindReqMsgFromOpContext";
-
+ public static final String secureDummyNoProof="secureDummyNoProof";
+ public static final String secureDummyNoToken="secureDummyNoToken";
+ public static final String secureDummyNoSTR ="secureDummyNoSTR";
+
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/i18n/resource.properties Mon Jul 31 06:32:13 2006
@@ -26,6 +26,8 @@
cannotGetStorageKey=Sandesha2 Internal Error: could not obtain the sandesha2 storage key in order to store the message.
cannotGetStorageManager=Sandesha2 Internal Error: could not load the specified storage manager.
storageManagerMustImplement=StorageManager {0} must implement the org.apache.sandesha2.storage.StorageManager interface.
+cannotInitSecurityManager=Cannot initialize the given security manager due to exception {0}.
+securityManagerMustImplement=SecurityManager {0} must implement the org.apache.sandesha2.storage.StorageManager interface.
commitError=Exception thrown when trying to commit the transaction: {0}
rollbackError=Exception thrown when trying to rollback the transaction: {0}
@@ -243,4 +245,9 @@
invalidMsgNumberList=Invalid msg number list
cannotFindReqMsgFromOpContext=Cannot find the request message from the operation context
-
+#------------------
+# Security messages
+#------------------
+secureDummyNoProof="Dummy security manager cannot check proof of possession"
+secureDummyNoToken="Dummy security manager cannot serialise or recover security tokens"
+secureDummyNoSTR ="Dummy security manager cannot parse or write security token references"
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AckRequestedProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AckRequestedProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AckRequestedProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AckRequestedProcessor.java Mon Jul 31 06:32:13 2006
@@ -41,6 +41,8 @@
import org.apache.sandesha2.SandeshaException;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.SenderBeanMgr;
import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
@@ -86,6 +88,14 @@
configurationContext.getAxisConfiguration());
SequencePropertyBeanMgr seqPropMgr = storageManager.getSequencePropertyBeanMgr();
+
+ // Check that the sender of this AckRequest holds the correct token
+ SequencePropertyBean tokenBean = seqPropMgr.retrieve(sequenceID, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(configurationContext);
+ SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
+ secManager.checkProofOfPossession(token, ackRequested.getOMElement(), msgContext);
+ }
// Setting the ack depending on AcksTo.
SequencePropertyBean acksToBean = seqPropMgr.retrieve(sequenceID,
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AcknowledgementProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AcknowledgementProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AcknowledgementProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/AcknowledgementProcessor.java Mon Jul 31 06:32:13 2006
@@ -32,6 +32,8 @@
import org.apache.sandesha2.SandeshaException;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.SenderBeanMgr;
import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
@@ -79,15 +81,23 @@
SenderBeanMgr retransmitterMgr = storageManager.getRetransmitterBeanMgr();
SequencePropertyBeanMgr seqPropMgr = storageManager.getSequencePropertyBeanMgr();
- Iterator ackRangeIterator = sequenceAck.getAcknowledgementRanges().iterator();
-
- Iterator nackIterator = sequenceAck.getNackList().iterator();
String outSequenceId = sequenceAck.getIdentifier().getIdentifier();
if (outSequenceId == null || "".equals(outSequenceId)) {
String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.outSeqIDIsNull);
log.debug(message);
throw new SandeshaException(message);
}
+
+ // Check that the sender of this Ack holds the correct token
+ SequencePropertyBean tokenBean = seqPropMgr.retrieve(outSequenceId, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
+ SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
+ secManager.checkProofOfPossession(token, sequenceAck.getOMElement(), msgCtx);
+ }
+
+ Iterator ackRangeIterator = sequenceAck.getAcknowledgementRanges().iterator();
+ Iterator nackIterator = sequenceAck.getNackList().iterator();
FaultManager faultManager = new FaultManager();
RMMsgContext faultMessageContext = faultManager
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/ApplicationMsgProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/ApplicationMsgProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/ApplicationMsgProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/ApplicationMsgProcessor.java Mon Jul 31 06:32:13 2006
@@ -19,6 +19,8 @@
import java.util.ArrayList;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.impl.llom.OMElementImpl;
import org.apache.axiom.soap.SOAPBody;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPFactory;
@@ -43,6 +45,8 @@
import org.apache.sandesha2.client.SandeshaListener;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.CreateSeqBeanMgr;
import org.apache.sandesha2.storage.beanmanagers.InvokerBeanMgr;
@@ -123,16 +127,28 @@
return;
}
- // RM will not send sync responses. If sync acks are there this will be
+ StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(msgCtx.getConfigurationContext(),msgCtx.getConfigurationContext().getAxisConfiguration());
+ SequencePropertyBeanMgr seqPropMgr = storageManager.getSequencePropertyBeanMgr();
+ Sequence sequence = (Sequence) rmMsgCtx.getMessagePart(Sandesha2Constants.MessageParts.SEQUENCE);
+ String sequenceId = sequence.getIdentifier().getIdentifier();
+
+ // Check that both the Sequence header and message body have been secured properly
+ SequencePropertyBean tokenBean = seqPropMgr.retrieve(sequenceId, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(msgCtx.getConfigurationContext());
+ OMElement body = msgCtx.getEnvelope().getBody();
+ SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
+ secManager.checkProofOfPossession(token, sequence.getOMElement(), msgCtx);
+ secManager.checkProofOfPossession(token, body, msgCtx);
+ }
+
+ //RM will not send sync responses. If sync acks are there this will be
// made true again later.
if (rmMsgCtx.getMessageContext().getOperationContext() != null) {
rmMsgCtx.getMessageContext().getOperationContext().setProperty(Constants.RESPONSE_WRITTEN,
Constants.VALUE_FALSE);
}
- StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(msgCtx.getConfigurationContext(), msgCtx
- .getConfigurationContext().getAxisConfiguration());
-
FaultManager faultManager = new FaultManager();
RMMsgContext faultMessageContext = faultManager.checkForLastMsgNumberExceeded(rmMsgCtx, storageManager);
if (faultMessageContext != null) {
@@ -150,11 +166,7 @@
return;
}
- SequencePropertyBeanMgr seqPropMgr = storageManager.getSequencePropertyBeanMgr();
-
// setting acked msg no range
- Sequence sequence = (Sequence) rmMsgCtx.getMessagePart(Sandesha2Constants.MessageParts.SEQUENCE);
- String sequenceId = sequence.getIdentifier().getIdentifier();
ConfigurationContext configCtx = rmMsgCtx.getMessageContext().getConfigurationContext();
if (configCtx == null) {
String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.configContextNotSet);
@@ -810,6 +822,12 @@
// relateTo anything
CreateSeqBean createSeqBean = new CreateSeqBean(internalSequenceId, createSeqMsg.getMessageID(), null);
+ SecurityToken token = (SecurityToken) createSeqRMMessage.getProperty(Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(token != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
+ createSeqBean.setSecurityTokenData(secManager.getTokenRecoveryData(token));
+ }
+
createSeqMgr.insert(createSeqBean);
String addressingNamespaceURI = SandeshaUtil.getSequenceProperty(internalSequenceId,
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CloseSequenceProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CloseSequenceProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CloseSequenceProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CloseSequenceProcessor.java Mon Jul 31 06:32:13 2006
@@ -17,6 +17,7 @@
package org.apache.sandesha2.msgprocessors;
+import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPFactory;
import org.apache.axis2.AxisFault;
@@ -31,6 +32,8 @@
import org.apache.sandesha2.SandeshaException;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
import org.apache.sandesha2.storage.beans.SequencePropertyBean;
@@ -65,6 +68,16 @@
StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(configCtx, configCtx
.getAxisConfiguration());
+ SequencePropertyBeanMgr sequencePropMgr = storageManager.getSequencePropertyBeanMgr();
+
+ // Check that the sender of this CloseSequence holds the correct token
+ SequencePropertyBean tokenBean = sequencePropMgr.retrieve(sequenceID, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(msgCtx.getConfigurationContext());
+ OMElement body = msgCtx.getEnvelope().getBody();
+ SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
+ secManager.checkProofOfPossession(token, body, msgCtx);
+ }
FaultManager faultManager = new FaultManager();
RMMsgContext faultMessageContext = faultManager.checkForUnknownSequence(rmMsgCtx, sequenceID, storageManager);
@@ -83,7 +96,6 @@
return;
}
- SequencePropertyBeanMgr sequencePropMgr = storageManager.getSequencePropertyBeanMgr();
SequencePropertyBean sequenceClosedBean = new SequencePropertyBean();
sequenceClosedBean.setSequenceID(sequenceID);
sequenceClosedBean.setName(Sandesha2Constants.SequenceProperties.SEQUENCE_CLOSED);
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqMsgProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqMsgProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqMsgProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqMsgProcessor.java Mon Jul 31 06:32:13 2006
@@ -19,6 +19,7 @@
import java.util.Collection;
+import org.apache.axiom.om.OMElement;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.context.ConfigurationContext;
@@ -35,6 +36,8 @@
import org.apache.sandesha2.client.SandeshaListener;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.CreateSeqBeanMgr;
import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
@@ -88,6 +91,18 @@
createSeqMsg.pause();
return;
+ }
+
+ // If the inbound CreateSequence includes a SecurityTokenReference then
+ // ask the security manager to resolve that to a token for us. We also
+ // check that the Create was secured using the token.
+ OMElement theSTR = createSeqPart.getSecurityTokenReference();
+ SecurityToken token = null;
+ if(theSTR != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
+ MessageContext msgcontext = createSeqRMMsg.getMessageContext();
+ token = secManager.getSecurityToken(theSTR, msgcontext);
+ secManager.checkProofOfPossession(token, createSeqPart.getOMElement(), msgcontext);
}
MessageContext outMessage = null;
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqResponseMsgProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqResponseMsgProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqResponseMsgProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/CreateSeqResponseMsgProcessor.java Mon Jul 31 06:32:13 2006
@@ -19,6 +19,7 @@
import java.util.Iterator;
+import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPFactory;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
@@ -32,6 +33,8 @@
import org.apache.sandesha2.SandeshaException;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.CreateSeqBeanMgr;
import org.apache.sandesha2.storage.beanmanagers.NextMsgBeanMgr;
@@ -127,6 +130,16 @@
throw new SandeshaException(message);
}
+ // Check that the create sequence response message proves possession of the correct token
+ String tokenData = createSeqBean.getSecurityTokenData();
+ if(tokenData != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
+ MessageContext crtSeqResponseCtx = createSeqResponseRMMsgCtx.getMessageContext();
+ OMElement body = crtSeqResponseCtx.getEnvelope().getBody();
+ SecurityToken token = secManager.recoverSecurityToken(tokenData);
+ secManager.checkProofOfPossession(token, body, crtSeqResponseCtx);
+ }
+
String internalSequenceId = createSeqBean.getInternalSequenceID();
if (internalSequenceId == null || "".equals(internalSequenceId)) {
String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.tempSeqIdNotSet);
@@ -157,6 +170,13 @@
sequencePropMgr.insert(outSequenceBean);
sequencePropMgr.insert(internalSequenceBean);
+
+ // Store the security token under the new sequence id
+ if(tokenData != null) {
+ SequencePropertyBean newToken = new SequencePropertyBean(newOutSequenceId,
+ Sandesha2Constants.SequenceProperties.SECURITY_TOKEN, tokenData);
+ sequencePropMgr.insert(newToken);
+ }
// processing for accept (offer has been sent)
Accept accept = createSeqResponsePart.getAccept();
@@ -211,6 +231,12 @@
Sandesha2Constants.SequenceProperties.ADDRESSING_NAMESPACE_VALUE, addressingNamespace);
sequencePropMgr.insert(addressingVersionBean);
+ // Store the security token for the offered sequence
+ if(tokenData != null) {
+ SequencePropertyBean newToken = new SequencePropertyBean(offeredSequenceId,
+ Sandesha2Constants.SequenceProperties.SECURITY_TOKEN, tokenData);
+ sequencePropMgr.insert(newToken);
+ }
}
SenderBean target = new SenderBean();
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqMsgProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqMsgProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqMsgProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqMsgProcessor.java Mon Jul 31 06:32:13 2006
@@ -19,6 +19,7 @@
import javax.xml.namespace.QName;
+import org.apache.axiom.om.OMElement;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.client.Options;
@@ -41,6 +42,8 @@
import org.apache.sandesha2.client.SandeshaClientConstants;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.SenderBeanMgr;
import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
@@ -108,7 +111,17 @@
}
ConfigurationContext context = terminateSeqMsg.getConfigurationContext();
- StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context, context.getAxisConfiguration());
+ StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context,context.getAxisConfiguration());
+ SequencePropertyBeanMgr sequencePropertyBeanMgr = storageManager.getSequencePropertyBeanMgr();
+
+ // Check that the sender of this TerminateSequence holds the correct token
+ SequencePropertyBean tokenBean = sequencePropertyBeanMgr.retrieve(sequenceId, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
+ OMElement body = terminateSeqRMMsg.getSOAPEnvelope().getBody();
+ SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
+ secManager.checkProofOfPossession(token, body, terminateSeqRMMsg.getMessageContext());
+ }
FaultManager faultManager = new FaultManager();
RMMsgContext faultMessageContext = faultManager.checkForUnknownSequence(terminateSeqRMMsg, sequenceId,
@@ -128,7 +141,6 @@
return;
}
- SequencePropertyBeanMgr sequencePropertyBeanMgr = storageManager.getSequencePropertyBeanMgr();
SequencePropertyBean terminateReceivedBean = new SequencePropertyBean();
terminateReceivedBean.setSequenceID(sequenceId);
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqResponseMsgProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqResponseMsgProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqResponseMsgProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/msgprocessors/TerminateSeqResponseMsgProcessor.java Mon Jul 31 06:32:13 2006
@@ -17,10 +17,21 @@
package org.apache.sandesha2.msgprocessors;
+import org.apache.axiom.om.OMElement;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.sandesha2.RMMsgContext;
+import org.apache.sandesha2.Sandesha2Constants;
import org.apache.sandesha2.SandeshaException;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
+import org.apache.sandesha2.storage.StorageManager;
+import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
+import org.apache.sandesha2.storage.beans.SequencePropertyBean;
+import org.apache.sandesha2.util.SandeshaUtil;
+import org.apache.sandesha2.wsrm.TerminateSequenceResponse;
/**
* To process terminate sequence response messages.
@@ -28,15 +39,38 @@
public class TerminateSeqResponseMsgProcessor implements MsgProcessor {
private static final Log log = LogFactory.getLog(TerminateSeqResponseMsgProcessor.class);
+
+ public void processInMessage(RMMsgContext terminateResRMMsg)
+ throws SandeshaException {
+ if(log.isDebugEnabled()) log.debug("Enter: TerminateSeqResponseMsgProcessor::processInMessage");
+
+ MessageContext msgContext = terminateResRMMsg.getMessageContext();
+ ConfigurationContext context = terminateResRMMsg.getConfigurationContext();
+
+ StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context,context.getAxisConfiguration());
+ SequencePropertyBeanMgr sequencePropertyBeanMgr = storageManager.getSequencePropertyBeanMgr();
+
+ TerminateSequenceResponse tsResponse = (TerminateSequenceResponse)
+ terminateResRMMsg.getMessagePart(Sandesha2Constants.MessageParts.TERMINATE_SEQ_RESPONSE);
+ String sequenceId = tsResponse.getIdentifier().getIdentifier();
+
+ // Check that the sender of this TerminateSequence holds the correct token
+ SequencePropertyBean tokenBean = sequencePropertyBeanMgr.retrieve(sequenceId, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
+ if(tokenBean != null) {
+ SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
+ OMElement body = terminateResRMMsg.getSOAPEnvelope().getBody();
+ SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
+ secManager.checkProofOfPossession(token, body, msgContext);
+ }
- public void processInMessage(RMMsgContext terminateResRMMsg) throws SandeshaException {
-
- // TODO add processing logic
-
+ // Stop this message travelling further through the Axis runtime
terminateResRMMsg.pause();
- }
- public void processOutMessage(RMMsgContext rmMsgCtx) throws SandeshaException {
+ if(log.isDebugEnabled()) log.debug("Exit: TerminateSeqResponseMsgProcessor::processInMessage");
+ }
+ public void processOutMessage(RMMsgContext rmMsgCtx) throws SandeshaException {
+ if(log.isDebugEnabled()) log.debug("Enter: TerminateSeqResponseMsgProcessor::processOutMessage");
+ if(log.isDebugEnabled()) log.debug("Exit: TerminateSeqResponseMsgProcessor::processOutMessage");
}
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/PolicyEngineData.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/PolicyEngineData.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/PolicyEngineData.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/PolicyEngineData.java Mon Jul 31 06:32:13 2006
@@ -30,6 +30,7 @@
private String inMemoryStorageManager = null;
// private String storageManager = null;
private int maximumRetransmissionCount;
+ private String securityManager = null;
private boolean acknowledgementIntervalSet = false;
private boolean exponentialBackoffSet = false;
@@ -42,6 +43,7 @@
private boolean inMemoryStorageManagerSet = false;
// private boolean storageManagerSet = false;
private boolean maximumRetransmissionCountSet = false;
+ private boolean securityManagerSet = false;
public boolean isExponentialBackoff() {
return exponentialBackoff;
@@ -225,6 +227,18 @@
return retransmissionIntervalSet;
}
+ public String getSecurityManager() {
+ return securityManager;
+ }
+
+ public void setSecurityManager(String className) {
+ securityManager = className;
+ securityManagerSet = true;
+ }
+
+ public boolean isSecuritymanagerSet() {
+ return securityManagerSet;
+ }
// public boolean isStorageManagerSet() {
// return storageManagerSet;
// }
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicy.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicy.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicy.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicy.java Mon Jul 31 06:32:13 2006
@@ -57,6 +57,6 @@
public static final RMPolicyToken permanentStorageManager = new RMPolicyToken(
"PermanentStorageManager", RMPolicyToken.SIMPLE_TOKEN, new String[]{});
-// public static final RMPolicyToken storageManager = new RMPolicyToken(
-// "StorageManager", RMPolicyToken.SIMPLE_TOKEN, new String[]{});
+ public static final RMPolicyToken securityManager = new RMPolicyToken(
+ "SecurityManager", RMPolicyToken.SIMPLE_TOKEN, new String[]{});
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicyProcessor.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicyProcessor.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/RMPolicyProcessor.java Mon Jul 31 06:32:13 2006
@@ -33,6 +33,7 @@
import org.apache.sandesha2.policy.processors.MaximumRetransmissionCountProcessor;
import org.apache.sandesha2.policy.processors.MessageTypesToDropProcessor;
import org.apache.sandesha2.policy.processors.RetransmissionItervalProcessor;
+import org.apache.sandesha2.policy.processors.SecurityManagerProcessor;
import org.apache.sandesha2.policy.processors.StorageManagersProcessor;
import org.apache.ws.policy.All;
import org.apache.ws.policy.Assertion;
@@ -103,6 +104,11 @@
rpt.setProcessTokenMethod(smp);
topLevel.setChildToken(rpt);
+ SecurityManagerProcessor secmp = new SecurityManagerProcessor();
+ rpt = RMPolicy.securityManager.copy();
+ rpt.setProcessTokenMethod(secmp);
+ topLevel.setChildToken(rpt);
+
/*
* Now get the initial PolicyEngineData, initialize it and put it onto
* the PED stack.
Added: webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/processors/SecurityManagerProcessor.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/processors/SecurityManagerProcessor.java?rev=427116&view=auto
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/processors/SecurityManagerProcessor.java (added)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/policy/processors/SecurityManagerProcessor.java Mon Jul 31 06:32:13 2006
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sandesha2.policy.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.sandesha2.policy.PolicyEngineData;
+import org.apache.sandesha2.policy.RMPolicyToken;
+import org.apache.sandesha2.policy.RMProcessorContext;
+
+public class SecurityManagerProcessor {
+ private boolean initializedSecurityManager = false;
+
+ private Log logger = LogFactory.getLog(this.getClass().getName());
+
+ public void initializeSecurityManager(RMPolicyToken rmpt)
+ throws NoSuchMethodException {
+ }
+
+ public Object doSecurityManager(RMProcessorContext rmpc) {
+ RMPolicyToken rmpt = rmpc.readCurrentRMToken();
+ switch (rmpc.getAction()) {
+
+ case RMProcessorContext.START:
+ if (!initializedSecurityManager) {
+ try {
+ initializeSecurityManager(rmpt);
+ initializedSecurityManager = true;
+ } catch (NoSuchMethodException e) {
+ logger.error("Exception occured in initializeStorageManager", e);
+ return new Boolean(false);
+ }
+ }
+ logger.debug(rmpt.getTokenName());
+
+ case RMProcessorContext.COMMIT:
+ PolicyEngineData ped = rmpc.readCurrentPolicyEngineData();
+ String text = rmpc.getAssertion().getStrValue();
+ ped.setSecurityManager(text.trim());
+ break;
+ case RMProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+}
Added: webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityManager.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityManager.java?rev=427116&view=auto
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityManager.java (added)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityManager.java Mon Jul 31 06:32:13 2006
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.security;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.AxisModule;
+import org.apache.sandesha2.SandeshaException;
+
+/**
+ * SecurityManager interface. This manages the link between the RM layer and Security,
+ * so that the CreateSequence message can be secured using a SecurityTokenReference.
+ * Once the sequence is secured using the STR, each inbound messgae must be checked to
+ * ensure the sender has demonstrated proof-of-possession of the referenced token.
+ *
+ * See the WS-RM 1.0 spec for details.
+ */
+public abstract class SecurityManager {
+
+ public SecurityManager(ConfigurationContext context) {
+
+ }
+
+ /**
+ * Initialize the security manager. This may perfom setup such as checking the set
+ * of sequences that have been persisted over restart, and bootstrapping their
+ * security state.
+ */
+ public abstract void initSecurity(AxisModule moduleDesc);
+
+ /**
+ * Get a security token to secure an outbound create sequence message. This token
+ * will be the one referenced with the body of the CreateSequence. This method may
+ * return null, in which case the CreateSequence message will not contain the
+ * SecurityTokenReference.
+ */
+ public abstract SecurityToken getSecurityToken(MessageContext message)
+ throws SandeshaException;
+
+ /**
+ * Get a security token, from a SecurityTokenReference within an inbound message.
+ * This method should not return null, so if the Token cannot be found the implementation
+ * should throw an exception.
+ */
+ public abstract SecurityToken getSecurityToken(OMElement theSTR, MessageContext message)
+ throws SandeshaException;
+
+ /**
+ * Create a SecurityTokenReference, suitable for inclusion in the given message.
+ * The imelementation may choose to insert security headers into the SOAP envelope at
+ * this point, or it may choose to simple place some state into the message context
+ * and defer the real work until the security handlers execute.
+ */
+ public abstract OMElement createSecurityTokenReference(SecurityToken token, MessageContext message)
+ throws SandeshaException;
+
+ /**
+ * Check that the given element of the message demonstrated proof of possession of
+ * the given token. This allows Sandesha to implement the checking required by the
+ * RM spec. Proof is normally demonstrated by signing or encrypting the the given
+ * part using the token.
+ * If the elements is not secured with the given token the SecurityManager must
+ * throw an exception.
+ */
+ public abstract void checkProofOfPossession(SecurityToken token, OMElement messagePart, MessageContext message)
+ throws SandeshaException;
+
+ /**
+ * Write the data from this token in to a String. This is here to simplify storing
+ * token data into the storage layer - rather than rely on Java serialization we
+ * use this method, and the matching SecurityManager method to rebuild the token
+ * object.
+ */
+ public abstract String getTokenRecoveryData(SecurityToken token)
+ throws SandeshaException;
+
+ /**
+ * Reconstruct a token from a String. This method should not return null - if the
+ * security manager is unable to recover the token from the correlation data then
+ * it should throw an exception.
+ */
+ public abstract SecurityToken recoverSecurityToken(String tokenData)
+ throws SandeshaException;
+
+}
Added: webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityToken.java?rev=427116&view=auto
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityToken.java (added)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/SecurityToken.java Mon Jul 31 06:32:13 2006
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.security;
+
+/**
+ * SecurityToken interface. This is an opaque handle onto the state that the security
+ * layer needs to manage on behalf of RM. Each secure RM sequence will have an
+ * associated security token.
+ *
+ */
+public interface SecurityToken {
+
+}
Added: webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/dummy/DummySecurityManager.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/dummy/DummySecurityManager.java?rev=427116&view=auto
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/dummy/DummySecurityManager.java (added)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/security/dummy/DummySecurityManager.java Mon Jul 31 06:32:13 2006
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.security.dummy;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.AxisModule;
+import org.apache.sandesha2.SandeshaException;
+import org.apache.sandesha2.i18n.SandeshaMessageHelper;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
+
+/**
+ * A null implementation of a security manager. This manager cannot create tokens, so the
+ * messages sent using this manager will not be secured.
+ */
+public class DummySecurityManager extends SecurityManager {
+
+ public DummySecurityManager(ConfigurationContext context) {
+ super(context);
+ }
+
+ public void initSecurity(AxisModule moduleDesc) {
+ }
+
+ public void checkProofOfPossession(SecurityToken token, OMElement messagePart, MessageContext message)
+ throws SandeshaException
+ {
+ String msg = SandeshaMessageHelper.getMessage("secureDummyNoProof");
+ throw new SandeshaException(msg);
+ }
+
+ public SecurityToken getSecurityToken(MessageContext message) {
+ // Returning null will tell the rest of sandesha to continue without attempting to secure the sequence.
+ return null;
+ }
+
+ public String getTokenRecoveryData(SecurityToken token)
+ throws SandeshaException
+ {
+ String msg = SandeshaMessageHelper.getMessage("secureDummyNoToken");
+ throw new SandeshaException(msg);
+ }
+
+ public SecurityToken recoverSecurityToken(String tokenData)
+ throws SandeshaException
+ {
+ String msg = SandeshaMessageHelper.getMessage("secureDummyNoToken");
+ throw new SandeshaException(msg);
+ }
+
+
+ public SecurityToken getSecurityToken(OMElement theSTR, MessageContext message)
+ throws SandeshaException
+ {
+ String msg = SandeshaMessageHelper.getMessage("secureDummyNoSTR");
+ throw new SandeshaException(msg);
+ }
+
+ public OMElement createSecurityTokenReference(SecurityToken token, MessageContext message) throws SandeshaException {
+ String msg = SandeshaMessageHelper.getMessage("secureDummyNoSTR");
+ throw new SandeshaException(msg);
+ }
+
+
+}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/storage/beans/CreateSeqBean.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/storage/beans/CreateSeqBean.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/storage/beans/CreateSeqBean.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/storage/beans/CreateSeqBean.java Mon Jul 31 06:32:13 2006
@@ -44,6 +44,12 @@
* This is the actual Sequence ID of the sequence.
*/
private String sequenceID;
+
+ /**
+ * Comment for <code>securityTokenData</code>
+ * This is the security token data needed to reconstruct the token that secures this sequence.
+ */
+ private String securityTokenData;
public CreateSeqBean() {
}
@@ -79,4 +85,12 @@
this.internalSequenceID = internalSequenceID;
}
-}
\ No newline at end of file
+ public String getSecurityTokenData() {
+ return securityTokenData;
+ }
+
+ public void setSecurityTokenData(String securityTokenData) {
+ this.securityTokenData = securityTokenData;
+ }
+
+}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/PropertyManager.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/PropertyManager.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/PropertyManager.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/PropertyManager.java Mon Jul 31 06:32:13 2006
@@ -66,6 +66,8 @@
String msgTypesToDrop = Sandesha2Constants.Properties.DefaultValues.MessageTypesToDrop;
loadMessageTypesToDrop(msgTypesToDrop, propertyBean);
+ propertyBean.setSecurityManagerClass(Sandesha2Constants.Properties.DefaultValues.SecurityManager);
+
return propertyBean;
}
@@ -114,6 +116,9 @@
String messageTypesToDrop = properties.getProperty(Sandesha2Constants.Properties.MessageTypesToDrop);
loadMessageTypesToDrop(messageTypesToDrop, propertyBean);
+ String securityManagerClassStr = properties
+ .getProperty(Sandesha2Constants.Properties.SecurityManager);
+ loadSecurityManagerClass(securityManagerClassStr,propertyBean);
} catch (IOException e) {
throw new SandeshaException(e);
}
@@ -166,6 +171,10 @@
String messageTypesToDrop = (String) messageTypesToDropParam.getValue();
loadMessageTypesToDrop(messageTypesToDrop, propertyBean);
+ Parameter securityManagerClassParam = desc.getParameter(Sandesha2Constants.Properties.SecurityManager);
+ String securityManagerClassStr = (String) securityManagerClassParam.getValue();
+ loadSecurityManagerClass(securityManagerClassStr,propertyBean);
+
return propertyBean;
}
@@ -225,21 +234,6 @@
else
propertyBean.setRetransmissionInterval(parentPropertyBean.getRetransmissionInterval());
- // if (data.isStorageManagerSet())
- // propertyBean.setStorageManagerClass(data.getStorageManager());
- // else
- // propertyBean.setStorageManagerClass(data.getStorageManager());
-
- if (data.isInMemoryStorageManagerSet())
- propertyBean.setInMemoryStorageManagerClass(data.getInMemoryStorageManager());
- else
- propertyBean.setInMemoryStorageManagerClass(data.getInMemoryStorageManager());
-
- // if (data.isStorageManagerSet())
- // propertyBean.setStorageManagerClass(data.getStorageManager());
- // else
- // propertyBean.setStorageManagerClass(data.getStorageManager());
-
if (data.isInMemoryStorageManagerSet())
propertyBean.setInMemoryStorageManagerClass(data.getInMemoryStorageManager());
else
@@ -255,6 +249,8 @@
else
propertyBean.setMsgTypesToDrop(parentPropertyBean.getMsgTypesToDrop());
+ propertyBean.setSecurityManagerClass(data.getSecurityManager());
+
return propertyBean;
}
@@ -333,6 +329,8 @@
else
propertyBean.setMsgTypesToDrop(parentPropertyBean.getMsgTypesToDrop());
+ propertyBean.setSecurityManagerClass(data.getSecurityManager());
+
return propertyBean;
}
@@ -498,6 +496,18 @@
String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.propertyInvalidValue,
Sandesha2Constants.Properties.MessageTypesToDrop);
throw new SandeshaException(message, e);
+ }
+ }
+
+ /**
+ * Loads the SecurityManager class name.
+ *
+ * @param properties
+ */
+ private static void loadSecurityManagerClass(String securityManagerClassStr, SandeshaPropertyBean propertyBean) throws SandeshaException {
+ if (securityManagerClassStr != null) {
+ securityManagerClassStr = securityManagerClassStr.trim();
+ propertyBean.setSecurityManagerClass(securityManagerClassStr);
}
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/RMMsgCreator.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/RMMsgCreator.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/RMMsgCreator.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/RMMsgCreator.java Mon Jul 31 06:32:13 2006
@@ -23,6 +23,7 @@
import javax.xml.namespace.QName;
+import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPFactory;
import org.apache.axis2.AxisFault;
@@ -44,6 +45,8 @@
import org.apache.sandesha2.client.SandeshaClientConstants;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
+import org.apache.sandesha2.security.SecurityToken;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
import org.apache.sandesha2.storage.beans.SequencePropertyBean;
@@ -306,6 +309,17 @@
createSequencePart.setAcksTo(new AcksTo(new Address(acksToEPR, factory, addressingNamespaceValue), factory,
rmNamespaceValue, addressingNamespaceValue));
+
+ // Find the token that should be used to secure this new sequence. If there is a token, then we
+ // save it in the properties so that the caller can store the token within the create sequence
+ // bean.
+ SecurityManager secMgr = SandeshaUtil.getSecurityManager(context);
+ SecurityToken token = secMgr.getSecurityToken(createSeqmsgContext);
+ if(token != null) {
+ OMElement str = secMgr.createSecurityTokenReference(token, createSeqmsgContext);
+ createSequencePart.setSecurityTokenReference(str);
+ createSeqRMMsg.setProperty(Sandesha2Constants.SequenceProperties.SECURITY_TOKEN, token);
+ }
createSeqRMMsg.setMessagePart(Sandesha2Constants.MessageParts.CREATE_SEQ, createSequencePart);
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaPropertyBean.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaPropertyBean.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaPropertyBean.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaPropertyBean.java Mon Jul 31 06:32:13 2006
@@ -38,6 +38,8 @@
private String inMemoryStorageManagerClass = null;
private String permanentStorageManagerClass = null;
+
+ private String securityManagerClass = null;
public long getInactiveTimeoutInterval() {
return policyBean.getInactiveTimeoutInterval();
@@ -152,5 +154,12 @@
public void setMaximumRetransmissionCount(int maximumRetransmissionCount) {
policyBean.setMaximumRetransmissionCount(maximumRetransmissionCount);
}
-
+
+ public String getSecurityManagerClass() {
+ return securityManagerClass;
+ }
+
+ public void setSecurityManagerClass(String className) {
+ this.securityManagerClass = className;
+ }
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SandeshaUtil.java Mon Jul 31 06:32:13 2006
@@ -61,6 +61,7 @@
import org.apache.sandesha2.SandeshaException;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.security.SecurityManager;
import org.apache.sandesha2.storage.StorageManager;
import org.apache.sandesha2.storage.beanmanagers.SequencePropertyBeanMgr;
import org.apache.sandesha2.storage.beans.SequencePropertyBean;
@@ -911,4 +912,40 @@
return sequenceID;
}
+ public static SecurityManager getSecurityManager(ConfigurationContext context) throws SandeshaException {
+ SecurityManager util = (SecurityManager) context.getProperty(Sandesha2Constants.SECURITY_MANAGER);
+ if (util != null) return util;
+
+ //Currently module policies are used to find the security impl. These cant be overriden
+ String securityManagerClassStr = getDefaultPropertyBean(context.getAxisConfiguration()).getSecurityManagerClass();
+ util = getSecurityManagerInstance(securityManagerClassStr,context);
+ context.setProperty(Sandesha2Constants.SECURITY_MANAGER,util);
+
+ return util;
+ }
+
+ private static SecurityManager getSecurityManagerInstance (String className,ConfigurationContext context) throws SandeshaException {
+ try {
+ ClassLoader classLoader = (ClassLoader) context.getProperty(Sandesha2Constants.MODULE_CLASS_LOADER);
+
+ if (classLoader==null)
+ throw new SandeshaException (SandeshaMessageHelper.getMessage(SandeshaMessageKeys.classLoaderNotFound));
+
+ Class c = classLoader.loadClass(className);
+ Class configContextClass = context.getClass();
+
+ Constructor constructor = c.getConstructor(new Class[] { configContextClass });
+ Object obj = constructor.newInstance(new Object[] {context});
+
+ if (!(obj instanceof SecurityManager)) {
+ String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.securityManagerMustImplement, className);
+ throw new SandeshaException(message);
+ }
+ return (SecurityManager) obj;
+
+ } catch (Exception e) {
+ String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.cannotInitSecurityManager, e.toString());
+ throw new SandeshaException(message,e);
+ }
+ }
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SpecSpecificConstants.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SpecSpecificConstants.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SpecSpecificConstants.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/util/SpecSpecificConstants.java Mon Jul 31 06:32:13 2006
@@ -290,4 +290,11 @@
addressingNSURI));
}
+ public static String getSecurityNamespace (String rmNamespace) {
+ if(rmNamespace.equals(Sandesha2Constants.SPEC_2005_02.NS_URI)) {
+ return Sandesha2Constants.SPEC_2005_02.SEC_NS_URI;
+ }
+ // Other spec levels do not have security interop defined (yet)
+ return null;
+ }
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/AckRequested.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/AckRequested.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/AckRequested.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/AckRequested.java Mon Jul 31 06:32:13 2006
@@ -46,6 +46,8 @@
private String namespaceValue = null;
private boolean mustUnderstand = false;
+
+ private OMElement ackElement = null;
public AckRequested(OMFactory factory,String namespaceValue) throws SandeshaException {
if (!isNamespaceSupported(namespaceValue))
@@ -74,6 +76,7 @@
SandeshaMessageKeys.noAckRequestedElement,
header.toString()));
+ ackElement = ackReqPart;
identifier = new Identifier(defaultFactory,namespaceValue);
identifier.fromOMElement(ackReqPart);
@@ -159,5 +162,9 @@
return true;
return false;
+ }
+
+ public OMElement getOMElement() {
+ return ackElement;
}
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequence.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequence.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequence.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequence.java Mon Jul 31 06:32:13 2006
@@ -42,6 +42,8 @@
private String namespaceValue = null;
+ private OMElement element = null;
+
public CloseSequence(OMFactory factory, String namespaceValue) throws SandeshaException {
if (!isNamespaceSupported(namespaceValue))
throw new SandeshaException (SandeshaMessageHelper.getMessage(
@@ -62,6 +64,8 @@
throw new OMException(SandeshaMessageHelper.getMessage(
SandeshaMessageKeys.closeSeqCannotBeAddedToNonBody));
+ element = body;
+
OMElement closeSeqPart = body.getFirstChildWithName(new QName(
namespaceValue, Sandesha2Constants.WSRM_COMMON.CLOSE_SEQUENCE));
@@ -128,5 +132,9 @@
return true;
return false;
+ }
+
+ public OMElement getOMElement() {
+ return element;
}
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequenceResponse.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequenceResponse.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequenceResponse.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CloseSequenceResponse.java Mon Jul 31 06:32:13 2006
@@ -41,6 +41,8 @@
private String namespaceValue = null;
+ private OMElement element;
+
public CloseSequenceResponse(OMFactory factory, String namespaceValue) throws SandeshaException {
if (!isNamespaceSupported(namespaceValue))
throw new SandeshaException (SandeshaMessageHelper.getMessage(
@@ -62,6 +64,8 @@
SandeshaMessageHelper.getMessage(
SandeshaMessageKeys.closeSeqResponseCannotBeAddedToNonBody));
+ element = body;
+
OMElement closeSeqResponsePart = body.getFirstChildWithName(new QName(
namespaceValue, Sandesha2Constants.WSRM_COMMON.CLOSE_SEQUENCE_RESPONSE));
@@ -131,5 +135,8 @@
return false;
}
+ public OMElement getOMElement() {
+ return element;
+ }
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequence.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequence.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequence.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequence.java Mon Jul 31 06:32:13 2006
@@ -19,6 +19,7 @@
import javax.xml.namespace.QName;
+import org.apache.axiom.om.OMAttribute;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMException;
import org.apache.axiom.om.OMFactory;
@@ -30,6 +31,7 @@
import org.apache.sandesha2.SandeshaException;
import org.apache.sandesha2.i18n.SandeshaMessageHelper;
import org.apache.sandesha2.i18n.SandeshaMessageKeys;
+import org.apache.sandesha2.util.SpecSpecificConstants;
/**
* Represent the CreateSequence body element.
@@ -49,6 +51,12 @@
private String addressingNamespaceValue = null;
+ private String secNamespaceValue = null;
+
+ private OMElement securityTokenReference = null;
+
+ private OMElement element;
+
public CreateSequence(OMFactory factory,String rmNamespaceValue,String addressingNamespaceValue) throws SandeshaException {
if (!isNamespaceSupported(rmNamespaceValue))
throw new SandeshaException (SandeshaMessageHelper.getMessage(
@@ -58,6 +66,7 @@
this.defaultFactory = factory;
this.rmNamespaceValue = rmNamespaceValue;
this.addressingNamespaceValue = addressingNamespaceValue;
+ this.secNamespaceValue = SpecSpecificConstants.getSecurityNamespace(rmNamespaceValue);
}
public CreateSequence (AcksTo acksTo,SOAPFactory factory,String rmNamespaceValue,String addressingNamespaceValue) throws SandeshaException {
@@ -79,6 +88,8 @@
SandeshaMessageKeys.noCreateSeqPartInElement,
bodyElement.toString()));
+ element = bodyElement;
+
acksTo = new AcksTo(defaultFactory,rmNamespaceValue,addressingNamespaceValue);
acksTo.fromOMElement(createSequencePart);
@@ -96,7 +107,11 @@
expires = new Expires(defaultFactory,rmNamespaceValue);
expires.fromOMElement(createSequencePart);
}
-
+
+ if(secNamespaceValue != null) {
+ securityTokenReference = createSequencePart.getFirstChildWithName(
+ new QName(secNamespaceValue, "SecurityTokenReference"));
+ }
return this;
}
@@ -128,6 +143,10 @@
if (expires != null) {
expires.toOMElement(createSequenceElement);
}
+
+ if(securityTokenReference != null) {
+ createSequenceElement.addChild(securityTokenReference);
+ }
soapBody.addChild(createSequenceElement);
return soapBody;
@@ -170,4 +189,17 @@
return false;
}
+
+ public OMElement getSecurityTokenReference() {
+ return securityTokenReference;
+ }
+
+ public void setSecurityTokenReference(OMElement theSTR) {
+ this.securityTokenReference = theSTR;
+ }
+
+ public OMElement getOMElement() {
+ return element;
+ }
+
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequenceResponse.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequenceResponse.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequenceResponse.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/CreateSequenceResponse.java Mon Jul 31 06:32:13 2006
@@ -47,6 +47,8 @@
private String rmNamespaceValue = null;
private String addressingNamespaceValue = null;
+
+ private OMElement element;
public CreateSequenceResponse(OMFactory factory, String rmNamespaceValue, String addressingNamespaceValue) throws SandeshaException {
if (!isNamespaceSupported(rmNamespaceValue))
@@ -70,6 +72,7 @@
SandeshaMessageKeys.createSeqResponseCannotBeAddedToNonBody));
SOAPBody SOAPBody = (SOAPBody) bodyElement;
+ element = bodyElement;
OMElement createSeqResponsePart = SOAPBody
.getFirstChildWithName(new QName(rmNamespaceValue,Sandesha2Constants.WSRM_COMMON.CREATE_SEQUENCE_RESPONSE));
@@ -186,5 +189,9 @@
return true;
return false;
+ }
+
+ public OMElement getOMElement() {
+ return element;
}
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/IOMRMPart.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/IOMRMPart.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/IOMRMPart.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/IOMRMPart.java Mon Jul 31 06:32:13 2006
@@ -18,6 +18,7 @@
package org.apache.sandesha2.wsrm;
import org.apache.sandesha2.SandeshaException;
+import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
/**
@@ -27,4 +28,5 @@
public interface IOMRMPart extends IOMRMElement {
public void toSOAPEnvelope (SOAPEnvelope envelope) throws SandeshaException;
+ public OMElement getOMElement();
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/Sequence.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/Sequence.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/Sequence.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/Sequence.java Mon Jul 31 06:32:13 2006
@@ -45,6 +45,7 @@
private SOAPFactory defaultFactory;
private boolean mustUnderstand = true;
private String namespaceValue = null;
+ private OMElement element;
public Sequence(SOAPFactory factory,String namespaceValue) throws SandeshaException {
if (!isNamespaceSupported(namespaceValue))
@@ -74,7 +75,8 @@
throw new OMException(SandeshaMessageHelper.getMessage(
SandeshaMessageKeys.noSequencePartInElement,
headerElement.toString()));
-
+
+ element = sequencePart;
identifier = new Identifier(defaultFactory,namespaceValue);
messageNumber = new MessageNumber(defaultFactory,namespaceValue);
identifier.fromOMElement(sequencePart);
@@ -178,4 +180,7 @@
return false;
}
+ public OMElement getOMElement() {
+ return element;
+ }
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/SequenceAcknowledgement.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/SequenceAcknowledgement.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/SequenceAcknowledgement.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/SequenceAcknowledgement.java Mon Jul 31 06:32:13 2006
@@ -51,6 +51,7 @@
private boolean mustUnderstand = false;
private AckNone ackNone = null;
private AckFinal ackFinal = null;
+ private OMElement ackElement = null;
public SequenceAcknowledgement(SOAPFactory factory,String namespaceValue) throws SandeshaException {
if (!isNamespaceSupported(namespaceValue))
@@ -82,6 +83,8 @@
throw new OMException(SandeshaMessageHelper.getMessage(
SandeshaMessageKeys.seqAckPartIsNull));
+ ackElement = sequenceAckPart;
+
OMFactory factory = element.getOMFactory();
if (factory==null)
factory = defaultFactory;
@@ -296,5 +299,9 @@
public void setAckNone(AckNone ackNone) {
this.ackNone = ackNone;
+ }
+
+ public OMElement getOMElement() {
+ return ackElement;
}
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequence.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequence.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequence.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequence.java Mon Jul 31 06:32:13 2006
@@ -43,6 +43,8 @@
private String namespaceValue = null;
+ private OMElement element;
+
public TerminateSequence(SOAPFactory factory, String namespaceValue) throws SandeshaException {
if (!isNamespaceSupported(namespaceValue))
throw new SandeshaException (SandeshaMessageHelper.getMessage(
@@ -63,6 +65,8 @@
throw new OMException(SandeshaMessageHelper.getMessage(
SandeshaMessageKeys.terminateSeqCannotBeAddedToNonBody));
+ element = body;
+
OMElement terminateSeqPart = body.getFirstChildWithName(new QName(
namespaceValue, Sandesha2Constants.WSRM_COMMON.TERMINATE_SEQUENCE));
@@ -129,5 +133,9 @@
return true;
return false;
+ }
+
+ public OMElement getOMElement() {
+ return element;
}
}
Modified: webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequenceResponse.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequenceResponse.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequenceResponse.java (original)
+++ webservices/sandesha/trunk/java/src/org/apache/sandesha2/wsrm/TerminateSequenceResponse.java Mon Jul 31 06:32:13 2006
@@ -43,6 +43,7 @@
private String namespaceValue = null;
+ private OMElement element;
public TerminateSequenceResponse(SOAPFactory factory, String namespaceValue) throws SandeshaException {
if (!isNamespaceSupported(namespaceValue))
@@ -65,6 +66,8 @@
SandeshaMessageHelper.getMessage(
SandeshaMessageKeys.terminateSeqResponseCannotBeAddedToNonBody));
+ element = body;
+
OMElement terminateSeqResponsePart = body.getFirstChildWithName(new QName(
namespaceValue, Sandesha2Constants.WSRM_COMMON.TERMINATE_SEQUENCE_RESPONSE));
@@ -131,5 +134,8 @@
return false;
}
+ public OMElement getOMElement() {
+ return element;
+ }
}
Modified: webservices/sandesha/trunk/java/test-resources/sandesha2.properties
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test-resources/sandesha2.properties?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/test-resources/sandesha2.properties (original)
+++ webservices/sandesha/trunk/java/test-resources/sandesha2.properties Mon Jul 31 06:32:13 2006
@@ -9,7 +9,10 @@
InactivityTimeout=3
InactivityTimeoutMeasure=hours
+#Security Manager Class
+#----------------------
+SecurityManager=org.apache.sandesha2.security.SecurityManager1
#Storage Manager Class
#----------------------
-InMemoryStorageManager=org.apache.sandesha2.storage.inmemory.InMemoryStorageManager1
\ No newline at end of file
+InMemoryStorageManager=org.apache.sandesha2.storage.inmemory.InMemoryStorageManager1
Modified: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/PropertyLoaderTest.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/PropertyLoaderTest.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/PropertyLoaderTest.java (original)
+++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/PropertyLoaderTest.java Mon Jul 31 06:32:13 2006
@@ -70,4 +70,9 @@
String storageMgr = propertyBean.getInMemoryStorageManagerClass();
assertEquals(storageMgr,"org.apache.sandesha2.storage.inmemory.InMemoryStorageManager1");
}
+
+ public void testSecurityManager() {
+ String secMgr = propertyBean.getSecurityManagerClass();
+ assertEquals(secMgr,"org.apache.sandesha2.security.SecurityManager1");
+ }
}
Modified: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/SandeshaClientTest.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/SandeshaClientTest.java?rev=427116&r1=427115&r2=427116&view=diff
==============================================================================
--- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/SandeshaClientTest.java (original)
+++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/SandeshaClientTest.java Mon Jul 31 06:32:13 2006
@@ -124,6 +124,7 @@
SequenceReport sequenceReport = SandeshaClient.getOutgoingSequenceReport(serviceClient);
assertNotNull(sequenceReport.getSequenceID());
+ assertFalse(sequenceReport.isSecureSequence());
serviceClient.finalizeInvoke();
}
---------------------------------------------------------------------
To unsubscribe, e-mail: sandesha-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: sandesha-dev-help@ws.apache.org