Posted to java-dev@axis.apache.org by ru...@apache.org on 2006/09/07 06:16:56 UTC

svn commit: r440971 - in /webservices/axis2/trunk/java/modules: integration/test-resources/rahas/policy/ integration/test/org/apache/rahas/ rahas/src/org/apache/rahas/ rahas/src/org/apache/rahas/client/ rahas/src/org/apache/rahas/impl/ security/src/org...

Author: ruchithf
Date: Wed Sep  6 21:16:55 2006
New Revision: 440971

URL: http://svn.apache.org/viewvc?view=rev&rev=440971
Log:
- The STS client should extract the algo suite assertion from the STS's policy and should extract the trust10 assertion from the service's policy. Update the STSClient to handle this by accepting both policies into requestSecurityToken() method
- Updated the Token* interfaces to use RahasData
- Got rid of the unwanted TokenVerifier
- Added TokenRenewer
- Make sure all the OMElements held on to from a Token instance are DOOM elements
- updated SAMLTokenIssuer not to add the RequestedProofToken when the issued token type is a bearer token
- Improved STS client to be able to use an externally set Options object.
- Updated the rahas integration tests to use the new STSClient with service and STS policies - First Use of new SecPolicy stuff !!! :-)


Added:
    webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/
    webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-symm-binding.xml
    webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-transport-binding.xml
    webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-asymm-binding.xml
    webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-symm-binding.xml
    webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-transport-binding.xml
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRenewer.java
Removed:
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenVerifier.java
Modified:
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenCanceller.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenValidator.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java
    webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllHandler.java
    webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java

Added: webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-symm-binding.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-symm-binding.xml?view=auto&rev=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-symm-binding.xml (added)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-symm-binding.xml Wed Sep  6 21:16:55 2006
@@ -0,0 +1,51 @@
+<wsp:Policy wsu:Id="4" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:ExactlyOne>
+  <wsp:All>
+	<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:ProtectionToken>
+		  <wsp:Policy>
+			<sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+			  <sp:RequestSecurityTokenTemplate>
+				<t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
+				<t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</t:KeyType>
+				<t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
+			  </sp:RequestSecurityTokenTemplate>
+			  <wsp:Policy>
+				<sp:RequireDerivedKeys/>
+				<sp:RequireInternalReference/>
+			  </wsp:Policy>
+			</sp:IssuedToken>
+		  </wsp:Policy>
+		</sp:ProtectionToken>
+		<sp:AlgorithmSuite>
+		  <wsp:Policy>
+			<sp:Basic256/>
+		  </wsp:Policy>
+		</sp:AlgorithmSuite>
+		<sp:Layout>
+		  <wsp:Policy>
+			<sp:Lax/>
+		  </wsp:Policy>
+		</sp:Layout>
+		<sp:IncludeTimestamp/>
+		<sp:OnlySignEntireHeadersAndBody/>
+	  </wsp:Policy>
+	</sp:SymmetricBinding>
+	<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:MustSupportRefKeyIdentifier/>
+		<sp:MustSupportRefIssuerSerial/>
+	  </wsp:Policy>
+	</sp:Wss10>
+	<sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:MustSupportIssuedTokens/>
+		<sp:RequireClientEntropy/>
+		<sp:RequireServerEntropy/>
+	  </wsp:Policy>
+	</sp:Trust10>
+	<wspe:Utf816FFFECharacterEncoding xmlns:wspe="http://schemas.xmlsoap.org/ws/2004/09/policy/encoding"/>
+  </wsp:All>
+</wsp:ExactlyOne>
+</wsp:Policy>
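Review bot: wsu:Id="4" on the root wsp:Policy is not a valid identifier. wsu:Id is typed xsd:ID, which has to be an NCName and so cannot start with a digit; a schema-validating policy consumer will reject the document. The same applies to the Ids "1", "2", "3" and "5" in the other four policy files of this commit. Suggest descriptive values with a leading letter, one per file, which also makes the policies easier to tell apart in traces.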

Added: webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-transport-binding.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-transport-binding.xml?view=auto&rev=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-transport-binding.xml (added)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/service-policy-transport-binding.xml Wed Sep  6 21:16:55 2006
@@ -0,0 +1,53 @@
+<wsp:Policy wsu:Id="5" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:ExactlyOne>
+  <wsp:All>
+	<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:TransportToken>
+		  <wsp:Policy>
+			<sp:HttpsToken RequireClientCertificate="false"/>
+		  </wsp:Policy>
+		</sp:TransportToken>
+		<sp:AlgorithmSuite>
+		  <wsp:Policy>
+			<sp:Basic256/>
+		  </wsp:Policy>
+		</sp:AlgorithmSuite>
+		<sp:Layout>
+		  <wsp:Policy>
+			<sp:Lax/>
+		  </wsp:Policy>
+		</sp:Layout>
+		<sp:IncludeTimestamp/>
+	  </wsp:Policy>
+	</sp:TransportBinding>
+	<sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+		  <sp:RequestSecurityTokenTemplate>
+			<t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
+			<t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</t:KeyType>
+			<t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
+		  </sp:RequestSecurityTokenTemplate>
+		  <wsp:Policy>
+			<sp:RequireInternalReference/>
+		  </wsp:Policy>
+		</sp:IssuedToken>
+	  </wsp:Policy>
+	</sp:EndorsingSupportingTokens>
+	<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:MustSupportRefKeyIdentifier/>
+		<sp:MustSupportRefIssuerSerial/>
+	  </wsp:Policy>
+	</sp:Wss10>
+	<sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:MustSupportIssuedTokens/>
+		<sp:RequireClientEntropy/>
+		<sp:RequireServerEntropy/>
+	  </wsp:Policy>
+	</sp:Trust10>
+  </wsp:All>
+</wsp:ExactlyOne>
+</wsp:Policy>
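Review bot: The file starts directly at the wsp:Policy root with no header comment, so nothing records which tests load this fixture or why it differs from service-policy-symm-binding.xml (no wspe:Utf816FFFECharacterEncoding assertion, IssuedToken as an endorsing supporting token instead of the protection token). Suggest a short XML comment at the top of each of the five new policy files naming the binding and the test classes that use it. The indentation also mixes two leading spaces with tabs here, while the sts-policy-*.xml files use tabs only.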

Added: webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-asymm-binding.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-asymm-binding.xml?view=auto&rev=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-asymm-binding.xml (added)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-asymm-binding.xml Wed Sep  6 21:16:55 2006
@@ -0,0 +1,46 @@
+<wsp:Policy wsu:Id="1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+	<wsp:ExactlyOne>
+		<wsp:All>
+			<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:InitiatorToken>
+						<wsp:Policy>
+							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+								<wsp:Policy>
+									<sp:WssX509V3Token10/>
+								</wsp:Policy>
+							</sp:X509Token>
+						</wsp:Policy>
+					</sp:InitiatorToken>
+					<sp:RecipientToken>
+						<wsp:Policy>
+							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+								<wsp:Policy>
+									<sp:WssX509V3Token10/>
+								</wsp:Policy>
+							</sp:X509Token>
+						</wsp:Policy>
+					</sp:RecipientToken>
+					<sp:AlgorithmSuite>
+						<wsp:Policy>
+							<sp:Basic256/>
+						</wsp:Policy>
+					</sp:AlgorithmSuite>
+					<sp:Layout>
+						<wsp:Policy>
+							<sp:Lax/>
+						</wsp:Policy>
+					</sp:Layout>
+					<sp:IncludeTimestamp/>
+					<sp:OnlySignEntireHeadersAndBody/>
+				</wsp:Policy>
+			</sp:AsymmetricBinding>
+			<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:MustSupportRefKeyIdentifier/>
+					<sp:MustSupportRefIssuerSerial/>
+				</wsp:Policy>
+			</sp:Wss10>
+		</wsp:All>
+	</wsp:ExactlyOne>
+</wsp:Policy>
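Review bot: Nothing in this policy says which parts of the message must be protected: there is no sp:SignedParts or sp:EncryptedParts assertion next to sp:AsymmetricBinding, so sp:OnlySignEntireHeadersAndBody only restricts how a signature may be applied and does not by itself require the body to be signed or encrypted. For the STS exchange, where the response can carry a proof token or entropy, suggest adding SignedParts and EncryptedParts assertions with sp:Body inside the wsp:All so the requirement is explicit in the policy the client reads.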

Added: webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-symm-binding.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-symm-binding.xml?view=auto&rev=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-symm-binding.xml (added)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-symm-binding.xml Wed Sep  6 21:16:55 2006
@@ -0,0 +1,53 @@
+<wsp:Policy wsu:Id="3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+	<wsp:ExactlyOne>
+		<wsp:All>
+			<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:ProtectionToken>
+						<wsp:Policy>
+							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+								<wsp:Policy>
+									<sp:RequireDerivedKeys/>
+									<sp:RequireThumbprintReference/>
+									<sp:WssX509V3Token10/>
+								</wsp:Policy>
+							</sp:X509Token>
+						</wsp:Policy>
+					</sp:ProtectionToken>
+					<sp:AlgorithmSuite>
+						<wsp:Policy>
+							<sp:Basic256/>
+						</wsp:Policy>
+					</sp:AlgorithmSuite>
+					<sp:Layout>
+						<wsp:Policy>
+							<sp:Strict/>
+						</wsp:Policy>
+					</sp:Layout>
+					<sp:IncludeTimestamp/>
+					<sp:EncryptSignature/>
+					<sp:OnlySignEntireHeadersAndBody/>
+				</wsp:Policy>
+			</sp:SymmetricBinding>
+			<sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+						<wsp:Policy>
+							<sp:RequireThumbprintReference/>
+							<sp:WssX509V3Token10/>
+						</wsp:Policy>
+					</sp:X509Token>
+				</wsp:Policy>
+			</sp:EndorsingSupportingTokens>
+			<sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:MustSupportRefKeyIdentifier/>
+					<sp:MustSupportRefIssuerSerial/>
+					<sp:MustSupportRefThumbprint/>
+					<sp:MustSupportRefEncryptedKey/>
+					<sp:RequireSignatureConfirmation/>
+				</wsp:Policy>
+			</sp:Wss11>
+		</wsp:All>
+	</wsp:ExactlyOne>
+</wsp:Policy>
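Review bot: sp:Layout is sp:Strict here, while the other four policies added in this commit use sp:Lax, and this is also the only one that asserts sp:EncryptSignature and sp:RequireSignatureConfirmation. If the stricter settings are deliberate for the symmetric STS case, a comment saying so would help; if not, align it with sts-policy-asymm-binding.xml. Note also that the test hunks shown with this commit load only sts-policy-asymm-binding.xml and sts-policy-transport-binding.xml, so it is worth confirming that some test exercises this file.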

Added: webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-transport-binding.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-transport-binding.xml?view=auto&rev=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-transport-binding.xml (added)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rahas/policy/sts-policy-transport-binding.xml Wed Sep  6 21:16:55 2006
@@ -0,0 +1,43 @@
+<wsp:Policy wsu:Id="2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+	<wsp:ExactlyOne>
+		<wsp:All>
+			<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:TransportToken>
+						<wsp:Policy>
+							<sp:HttpsToken RequireClientCertificate="false"/>
+						</wsp:Policy>
+					</sp:TransportToken>
+					<sp:AlgorithmSuite>
+						<wsp:Policy>
+							<sp:Basic256/>
+						</wsp:Policy>
+					</sp:AlgorithmSuite>
+					<sp:Layout>
+						<wsp:Policy>
+							<sp:Lax/>
+						</wsp:Policy>
+					</sp:Layout>
+					<sp:IncludeTimestamp/>
+				</wsp:Policy>
+			</sp:TransportBinding>
+			<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+						<wsp:Policy>
+							<sp:WssUsernameToken10/>
+						</wsp:Policy>
+					</sp:UsernameToken>
+				</wsp:Policy>
+			</sp:SignedSupportingTokens>
+			<sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+				<wsp:Policy>
+					<sp:MustSupportRefKeyIdentifier/>
+					<sp:MustSupportRefIssuerSerial/>
+					<sp:MustSupportRefThumbprint/>
+					<sp:MustSupportRefEncryptedKey/>
+				</wsp:Policy>
+			</sp:Wss11>
+		</wsp:All>
+	</wsp:ExactlyOne>
+</wsp:Policy>

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java Wed Sep  6 21:16:55 2006
@@ -16,15 +16,19 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
 import org.apache.axiom.om.impl.builder.StAXOMBuilder;
 import org.apache.axis2.databinding.types.URI;
 import org.apache.axis2.security.sc.PWCallback;
 import org.apache.axis2.util.StreamWrapper;
+import org.apache.neethi.Policy;
 import org.apache.rahas.types.RequestSecurityTokenType;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
 import org.apache.rampart.util.Axis2Util;
+import org.apache.ws.secpolicy.Constants;
 import org.opensaml.XML;
 
 import javax.xml.namespace.QName;
@@ -104,6 +108,38 @@
 
     public String getRequestAction() throws TrustException {
         return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getServicePolicy()
+     */
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-symm-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getSTSPolicy()
+     */
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-asymm-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getRSTTemplate()
+     */
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
+        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
+        
+        return elem;
+    }
+
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_02;
     }
 
 
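Review bot: In getRSTTemplate() the element is created with the prefix "wsp" bound to Constants.RST_TEMPLATE.getNamespaceURI(). In the policy files added by this commit, RequestSecurityTokenTemplate is in the sp (securitypolicy) namespace and wsp is the prefix of the WS-Policy namespace, so if RST_TEMPLATE is that QName the serialized element reads wsp:RequestSecurityTokenTemplate with the securitypolicy URI. That is still well-formed, but it is misleading when reading message dumps; suggest passing "sp" as the prefix.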

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java Wed Sep  6 21:16:55 2006
@@ -16,10 +16,14 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.neethi.Policy;
 import org.apache.rampart.handler.WSSHandlerConstants;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
+import org.apache.ws.secpolicy.Constants;
 import org.apache.xml.security.encryption.XMLCipher;
 import org.opensaml.XML;
 
@@ -104,6 +108,29 @@
     public String getRequestAction() throws TrustException {
         return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
     }
+    
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-symm-binding.xml");
+    }
+
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-asymm-binding.xml");
+    }
+    
 
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_12, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
+        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_12, elem, 256);
+        
+        return elem;
+    }
+    
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_12;
+    }
 
 }
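Review bot: The WS-Trust version is inconsistent within this class. The new getTrstVersion() returns RahasConstants.VERSION_05_12 and getRSTTemplate() builds its children with VERSION_05_12, but the unchanged getRequestAction() just above still calls TrustUtil.getActionValue(RahasConstants.VERSION_05_02, ...). Either the action should be derived from getTrstVersion() as well, or the mix needs a comment explaining why a 05/02 action is sent with a 05/12 request. The stray blank context line left between getSTSPolicy() and getRSTTemplate() can go at the same time.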

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenTest.java Wed Sep  6 21:16:55 2006
@@ -16,15 +16,19 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
 import org.apache.axiom.om.impl.builder.StAXOMBuilder;
 import org.apache.axis2.databinding.types.URI;
 import org.apache.axis2.security.sc.PWCallback;
 import org.apache.axis2.util.StreamWrapper;
+import org.apache.neethi.Policy;
 import org.apache.rahas.types.RequestSecurityTokenType;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
 import org.apache.rampart.util.Axis2Util;
+import org.apache.ws.secpolicy.Constants;
 import org.opensaml.XML;
 
 import javax.xml.namespace.QName;
@@ -109,4 +113,37 @@
         return TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTON_ISSUE);
     }
 
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getServicePolicy()
+     */
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-symm-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getSTSPolicy()
+     */
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-asymm-binding.xml");
+    }
+    
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getRSTTemplate()
+     */
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
+        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
+        
+        return elem;
+    }
+
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_02;
+    }
 }
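Review bot: getServicePolicy(), getSTSPolicy(), getRSTTemplate() and getTrstVersion() here are copies of the methods added to RahasSAMLTokenCertForHoKTest in this same commit, and the template values (SAML 1.0 token type, symmetric key, key size 256) also repeat what service-policy-symm-binding.xml already states in its sp:RequestSecurityTokenTemplate. Suggest one helper in TestClient that takes the trust version, key type and optional key size, or reading the template from the loaded service policy, so the values cannot drift apart between the tests and the fixture.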

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java Wed Sep  6 21:16:55 2006
@@ -16,9 +16,13 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.neethi.Policy;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
+import org.apache.ws.secpolicy.Constants;
 import org.opensaml.XML;
 
 import javax.xml.namespace.QName;
@@ -84,4 +88,34 @@
         assertNotNull("Missing SAML Assertoin", elem);
     }
 
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getServicePolicy()
+     */
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-transport-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getSTSPolicy()
+     */
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-transport-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getRSTTemplate()
+     */
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem, RahasConstants.KEY_TYPE_BEARER);
+        
+        return elem;
+    }
+    
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_02;
+    }
 }
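Review bot: getRSTTemplate() requests RahasConstants.KEY_TYPE_BEARER with no key size, but getServicePolicy() loads service-policy-transport-binding.xml, whose sp:RequestSecurityTokenTemplate asks for t:KeyType .../SymmetricKey with t:KeySize 256 and whose Trust10 assertion requires client and server entropy. The test therefore sends a request that contradicts the service policy it hands to the client. Suggest a bearer-specific service policy fixture, or a check in the test that fails when the template and the policy disagree, so the bearer path is actually exercised against a matching policy.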

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java Wed Sep  6 21:16:55 2006
@@ -16,9 +16,13 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.neethi.Policy;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
+import org.apache.ws.secpolicy.Constants;
 import org.opensaml.XML;
 
 import javax.xml.namespace.QName;
@@ -83,5 +87,36 @@
         assertNotNull("RequestedSecurityToken missing", rst);
         OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
         assertNotNull("Missing SAML Assertoin", elem);
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getServicePolicy()
+     */
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-transport-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getSTSPolicy()
+     */
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-transport-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getRSTTemplate()
+     */
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_12, elem, RahasConstants.KEY_TYPE_BEARER);
+        
+        return elem;
+    }
+    
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_12;
     }
 }
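Review bot: The template children are created with RahasConstants.VERSION_05_12, while the service policy this class loads (service-policy-transport-binding.xml) declares its t:TokenType, t:KeyType and t:KeySize in the http://schemas.xmlsoap.org/ws/2005/02/trust namespace. If the client is meant to honour the policy's template, the V1205 tests need a policy fixture whose template uses the 05/12 trust namespace; otherwise a comment should state that the Java template overrides the one in the policy.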

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java Wed Sep  6 21:16:55 2006
@@ -16,9 +16,13 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.neethi.Policy;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
+import org.apache.ws.secpolicy.Constants;
 import org.opensaml.XML;
 
 import javax.xml.namespace.QName;
@@ -80,4 +84,35 @@
         assertNotNull("Missing SAML Assertoin", elem);
     }
 
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getServicePolicy()
+     */
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-transport-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getSTSPolicy()
+     */
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-transport-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getRSTTemplate()
+     */
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
+        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
+        
+        return elem;
+    }
+    
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_02;
+    }
 }
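Review bot: getServicePolicy() and getSTSPolicy() pass a relative path ("test-resources/rahas/policy/...") and declare a blanket throws Exception. getPolicy() is not part of this hunk, but if it opens the string as a file, the test only passes when started from the integration module directory. Suggest resolving the fixture relative to a base directory property or loading it from the classpath, and narrowing the throws clause to what getPolicy() can actually raise. The "(non-Javadoc)" comment blocks add nothing over the method names and could be dropped.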

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java Wed Sep  6 21:16:55 2006
@@ -16,45 +16,19 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
-import org.apache.axiom.om.OMNamespace;
-import org.apache.axiom.om.impl.builder.StAXOMBuilder;
-import org.apache.axiom.om.impl.dom.DocumentImpl;
-import org.apache.axiom.om.impl.dom.factory.OMDOMFactory;
-import org.apache.axiom.om.impl.dom.jaxp.DocumentBuilderFactoryImpl;
-import org.apache.axiom.soap.SOAPEnvelope;
-import org.apache.axiom.soap.SOAPFactory;
-import org.apache.axiom.soap.impl.dom.soap11.SOAP11Factory;
-import org.apache.axis2.Constants;
-import org.apache.axis2.addressing.EndpointReference;
-import org.apache.axis2.client.OperationClient;
-import org.apache.axis2.client.ServiceClient;
-import org.apache.axis2.context.ConfigurationContextFactory;
-import org.apache.axis2.context.MessageContext;
-import org.apache.axis2.description.AxisOperation;
-import org.apache.axis2.description.AxisService;
-import org.apache.axis2.description.OutInAxisOperation;
+import org.apache.axiom.om.OMFactory;
 import org.apache.axis2.util.Base64;
-import org.apache.axis2.wsdl.WSDLConstants;
+import org.apache.neethi.Policy;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
+import org.apache.ws.secpolicy.Constants;
 import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSEncryptionPart;
-import org.apache.ws.security.conversation.dkalgo.P_SHA1;
-import org.apache.ws.security.message.WSSecDKSign;
-import org.apache.ws.security.message.WSSecHeader;
-import org.apache.ws.security.message.WSSecTimestamp;
-import org.apache.ws.security.message.token.SecurityTokenReference;
 import org.apache.ws.security.util.WSSecurityUtil;
-import org.apache.xml.security.signature.XMLSignature;
 import org.opensaml.XML;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
 
 import javax.xml.namespace.QName;
-import javax.xml.parsers.DocumentBuilderFactory;
-
-import java.util.Vector;
 
 public class RahasSAMLTokenUTForHoKV1205Test extends TestClient {
 
@@ -153,6 +127,33 @@
         
         
 
+    }
+
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-transport-binding.xml");
+    }
+
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-transport-binding.xml");
+    }
+    
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getRSTTemplate()
+     */
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_12, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
+        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_12, elem, 256);
+        
+        return elem;
+    }
+    
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_12;
     }
     
 //    private void requestService(OMElement assertion, byte[] reqEnt, byte[] respEnt) throws Exception {

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/RahasSAMLTokenV1205Test.java Wed Sep  6 21:16:55 2006
@@ -16,10 +16,14 @@
 
 package org.apache.rahas;
 
+import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.neethi.Policy;
 import org.apache.rahas.PWCallback;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
+import org.apache.ws.secpolicy.Constants;
 import org.opensaml.XML;
 
 import javax.xml.namespace.QName;
@@ -89,6 +93,38 @@
 
     public String getRequestAction() throws TrustException {
         return TrustUtil.getActionValue(RahasConstants.VERSION_05_12, RahasConstants.RST_ACTON_ISSUE);
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getServicePolicy()
+     */
+    public Policy getServicePolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/service-policy-symm-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getSTSPolicy()
+     */
+    public Policy getSTSPolicy() throws Exception {
+        return this.getPolicy("test-resources/rahas/policy/sts-policy-asymm-binding.xml");
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.rahas.TestClient#getRSTTemplate()
+     */
+    public OMElement getRSTTemplate() throws TrustException {
+        OMFactory factory = OMAbstractFactory.getOMFactory();
+        OMElement elem = factory.createOMElement(Constants.RST_TEMPLATE.getLocalPart(), factory.createOMNamespace(Constants.RST_TEMPLATE.getNamespaceURI(),"wsp"));
+        
+        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_12, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
+        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_12, elem, 256);
+        
+        return elem;
+    }
+    
+    public int getTrstVersion() {
+        return RahasConstants.VERSION_05_12;
     }
 
 }
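
Review bot: getServicePolicy() loads service-policy-symm-binding.xml while getSTSPolicy() loads sts-policy-asymm-binding.xml, unlike the transport/transport pairing used by the other tests in this diff, and nothing in the code says the mix is deliberate. Replace the two /* (non-Javadoc) */ blocks with a short comment stating that the pairing is intentional and what it is meant to exercise, so a later reader does not "fix" it.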

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java Wed Sep  6 21:16:55 2006
@@ -16,6 +16,7 @@
 
 package org.apache.rahas;
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
 import org.apache.axis2.Constants;
 import org.apache.axis2.addressing.AddressingConstants;
 import org.apache.axis2.addressing.EndpointReference;
@@ -24,6 +25,9 @@
 import org.apache.axis2.context.ConfigurationContext;
 import org.apache.axis2.context.ConfigurationContextFactory;
 import org.apache.axis2.integration.UtilServer;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.rahas.client.STSClient;
 import org.apache.rampart.handler.WSSHandlerConstants;
 import org.apache.rampart.handler.config.InflowConfiguration;
 import org.apache.rampart.handler.config.OutflowConfiguration;
@@ -129,4 +133,65 @@
     public abstract String getRequestAction() throws TrustException;
     
     public abstract void validateRsponse(OMElement resp);
+    
+    
+    
+    /**
+     * This test will use WS-SecPolicy
+     */
+    public void testWithStsClient() {
+        
+        STSClient client = new STSClient();
+        
+        // Get the repository location from the args
+        String repo = Constants.TESTING_PATH + "rahas_client_repo";
+
+        try {
+            ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repo,
+                    null);
+            
+            Options options = new Options();
+            OutflowConfiguration clientOutflowConfiguration = getClientOutflowConfiguration();
+            if(clientOutflowConfiguration != null) {
+                options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY, clientOutflowConfiguration.getProperty());
+            }
+            InflowConfiguration clientInflowConfiguration = getClientInflowConfiguration();
+            if(clientInflowConfiguration != null) {
+                options.setProperty(WSSHandlerConstants.INFLOW_SECURITY, clientInflowConfiguration.getProperty());
+            }
+            
+            client.setAction(this.getRequestAction());
+            client.setOptions(options);
+            
+            Token tok = client.requestSecurityToken(configContext, 
+                    this.getTrstVersion(), this.getServicePolicy(),
+                    "http://127.0.0.1:" + port+ "/axis2/services/SecureService", 
+                    this.getSTSPolicy(), 
+                    this.getRSTTemplate(), 
+                    TrustUtil.getWSTNamespace(this.getTrstVersion())+ RahasConstants.REQ_TYPE_ISSUE,
+                    "http://localhost:5555/axis2/services/SecureService");
+            
+            assertNotNull("Response token missing", tok);
+            
+        } catch (Exception e) {
+            e.printStackTrace();
+            fail(e.getMessage());
+        }
+        
+    }
+    
+    public abstract int getTrstVersion() ;
+
+    public abstract Policy getServicePolicy() throws Exception;
+    
+    public abstract Policy getSTSPolicy() throws Exception;
+    
+    public abstract OMElement getRSTTemplate() throws TrustException;
+    
+    protected Policy getPolicy(String filePath) throws Exception {
+        StAXOMBuilder builder = new StAXOMBuilder(filePath);
+        OMElement elem = builder.getDocumentElement();
+        return PolicyEngine.getPolicy(elem);
+    }
+    
 }
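
Review bot: testWithStsClient() builds the issuer address from the port field but passes a hard-coded "http://localhost:5555/axis2/services/SecureService" as appliesTo, so the two disagree as soon as the test server runs on another port; derive both from port. The test also asserts only that tok is non-null, so it would not notice a wrong AppliesTo or token type in the exchange; assert on the issued token's contents as well. In the catch block, fail(e.getMessage()) drops the exception type and stack trace from the test report; declaring the method as throws Exception keeps them. getPolicy() resolves filePath against the working directory, which deserves a comment.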

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java Wed Sep  6 21:16:55 2006
@@ -16,7 +16,6 @@
 
 package org.apache.rahas;
 
-import org.apache.axis2.addressing.AddressingConstants;
 
 public class RahasConstants {
     

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/Token.java Wed Sep  6 21:16:55 2006
@@ -18,18 +18,16 @@
 
 import org.apache.axiom.om.OMElement;
 import org.apache.axiom.om.OMException;
-import org.apache.axiom.om.impl.dom.factory.OMDOMFactory;
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axiom.om.impl.dom.DOOMAbstractFactory;
 import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.util.XmlSchemaDateFormat;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
 
 import javax.xml.namespace.QName;
 
 import java.text.DateFormat;
 import java.text.ParseException;
 import java.util.Date;
-import java.util.HashMap;
 import java.util.Properties;
 
 /**
@@ -49,8 +47,6 @@
  */
 public class Token {
     
-    private static Document dummyDoc = new OMDOMFactory().getDocument();
-    
     public final static int ISSUED = 1;
     public final static int EXPIRED = 2;
     public final static int CANCELLED = 3;
@@ -132,14 +128,16 @@
     
     public Token(String id, OMElement tokenElem, Date created, Date expires) throws TrustException {
         this.id = id;
-        this.token = (OMElement)dummyDoc.importNode((Element)tokenElem, true);
+        this.token = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
+                tokenElem.getXMLStreamReader()).getDocumentElement();
         this.created = created;
         this.expires = expires;
     }
 
     public Token(String id, OMElement tokenElem, OMElement lifetimeElem) throws TrustException {
         this.id = id;
-        this.token = (OMElement)dummyDoc.importNode((Element)tokenElem, true);
+        this.token = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
+                tokenElem.getXMLStreamReader()).getDocumentElement();
         this.processLifeTime(lifetimeElem);
     }
     
@@ -236,7 +234,8 @@
      * @param presivousToken The presivousToken to set.
      */
     public void setPreviousToken(OMElement presivousToken) {
-        this.previousToken = presivousToken;
+        this.previousToken = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
+                presivousToken.getXMLStreamReader()).getDocumentElement();
     }
 
     /**
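
Review bot: setPreviousToken() now calls presivousToken.getXMLStreamReader() unconditionally, so passing null throws a NullPointerException where the old assignment simply stored null; setAttachedReference() and setUnattachedReference() in this same file guard with an if (... != null) check. Add the same guard here, or document that null is not accepted. The expression new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(), x.getXMLStreamReader()).getDocumentElement() now appears five times in Token; a private helper would keep the DOOM conversion in one place. The parameter name presivousToken is a typo for previousToken.
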
@@ -265,8 +264,9 @@
      */
     public void setAttachedReference(OMElement attachedReference) {
         if(attachedReference != null) {
-            this.attachedReference = (OMElement) dummyDoc.importNode(
-                (Element) attachedReference, true);
+            this.attachedReference = new StAXOMBuilder(DOOMAbstractFactory
+                    .getOMFactory(), attachedReference.getXMLStreamReader())
+                    .getDocumentElement();
         }
     }
 
@@ -282,8 +282,9 @@
      */
     public void setUnattachedReference(OMElement unattachedReference) {
         if(unattachedReference != null) {
-            this.unattachedReference = (OMElement) dummyDoc.importNode(
-                (Element) unattachedReference, true);
+            this.unattachedReference = new StAXOMBuilder(DOOMAbstractFactory
+                    .getOMFactory(), unattachedReference.getXMLStreamReader())
+                    .getDocumentElement();
         }
     }
 
@@ -307,7 +308,4 @@
     public void setExpires(Date expires) {
         this.expires = expires;
     }
-    
-
-    
 }

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenCanceller.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenCanceller.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenCanceller.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenCanceller.java Wed Sep  6 21:16:55 2006
@@ -16,13 +16,18 @@
 
 package org.apache.rahas;
 
-import org.apache.axiom.om.OMElement;
 import org.apache.axiom.soap.SOAPEnvelope;
-import org.apache.axis2.context.MessageContext;
 
 public interface TokenCanceller {
     
-    public SOAPEnvelope cancel(OMElement request, MessageContext msgCtx) throws TrustException;
+    /**
+     * Cancel the token specified in the request.
+     * @param data
+     *            A populated <code>RahasData</code> instance
+     * @return
+     * @throws TrustException
+     */
+    public SOAPEnvelope cancel(RahasData data) throws TrustException;
     
     /**
      * Set the configuration file of this TokenCanceller.
@@ -42,5 +47,17 @@
      * @param configElement <code>OMElement</code> representing the configuation
      */
     public void setConfigurationElement(String configElement);
+    
+    /**
+     * Set the name of the configuration parameter.
+     * 
+     * If this is used then there must be a
+     * <code>org.apache.axis2.description.Parameter</code> object available in
+     * the via the messageContext when the <code>TokenIssuer</code> is called.
+     * 
+     * @see org.apache.axis2.description.Parameter
+     * @param configParamName
+     */
+    public void setConfigurationParamName(String configParamName);
     
 }
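
Review bot: the Javadoc added for setConfigurationParamName() says the Parameter must be available "when the TokenIssuer is called", which reads as copied from another interface; here it should name TokenCanceller. The phrase "in the via the messageContext" also needs fixing, and since cancel() now takes a RahasData rather than a MessageContext, the comment should say how an implementation reaches that message context.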

Added: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRenewer.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRenewer.java?view=auto&rev=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRenewer.java (added)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRenewer.java Wed Sep  6 21:16:55 2006
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rahas;
+
+import org.apache.axiom.soap.SOAPEnvelope;
+
+public interface TokenRenewer {
+
+    /**
+     * Renew the token specified in the given request.
+     * 
+     * @param data
+     *            A populated <code>RahasData</code> instance
+     * @return
+     * @throws TrustException
+     */
+    public SOAPEnvelope renew(RahasData data) throws TrustException;
+
+    /**
+     * Set the configuration file of this TokenRenewer.
+     * 
+     * This is the text value of the &lt;configuration-file&gt; element of the
+     * token-dispatcher-configuration
+     * 
+     * @param configFile
+     */
+    public void setConfigurationFile(String configFile);
+
+    /**
+     * Set the configuration element of this TokenRenewer.
+     * 
+     * This is the &lt;configuration&gt; element of the
+     * token-dispatcher-configuration
+     * 
+     * @param configElement
+     *            <code>OMElement</code> representing the configuation
+     */
+    public void setConfigurationElement(String configElement);
+
+    /**
+     * Set the name of the configuration parameter.
+     * 
+     * If this is used then there must be a
+     * <code>org.apache.axis2.description.Parameter</code> object available in
+     * the via the messageContext when the <code>TokenIssuer</code> is called.
+     * 
+     * @see org.apache.axis2.description.Parameter
+     * @param configParamName
+     */
+    public void setConfigurationParamName(String configParamName);
+}
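
Review bot: setConfigurationElement(String configElement) is documented as taking an <code>OMElement</code> "representing the configuation", but the parameter type is String; since this is a new interface, either change the type or correct the Javadoc before implementations depend on it. renew() has empty @return and @throws tags; state what the returned SOAPEnvelope contains and when TrustException is thrown. The setConfigurationParamName() comment refers to TokenIssuer where TokenRenewer is meant.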

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenValidator.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenValidator.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenValidator.java Wed Sep  6 21:16:55 2006
@@ -16,31 +16,50 @@
 
 package org.apache.rahas;
 
-import org.apache.axiom.om.OMElement;
 import org.apache.axiom.soap.SOAPEnvelope;
-import org.apache.axis2.context.MessageContext;
 
 public interface TokenValidator {
 
-    public SOAPEnvelope validate(OMElement request, MessageContext msgCtx) throws TrustException;
-    
-    
+    /**
+     * Validate the token specified in the given request.
+     * 
+     * @param data
+     *            A populated <code>RahasData</code> instance
+     * @return
+     * @throws TrustException
+     */
+    public SOAPEnvelope validate(RahasData data) throws TrustException;
+
     /**
      * Set the configuration file of this TokenValidator.
      * 
-     * This is the text value of the &lt;configuration-file&gt; element of the 
+     * This is the text value of the &lt;configuration-file&gt; element of the
      * token-dispatcher-configuration
+     * 
      * @param configFile
      */
     public void setConfigurationFile(String configFile);
-    
+
     /**
      * Set the configuration element of this TokenValidator.
      * 
-     * This is the &lt;configuration&gt; element of the 
+     * This is the &lt;configuration&gt; element of the
      * token-dispatcher-configuration
      * 
-     * @param configElement <code>OMElement</code> representing the configuation
+     * @param configElement
+     *            <code>OMElement</code> representing the configuation
      */
     public void setConfigurationElement(String configElement);
+
+    /**
+     * Set the name of the configuration parameter.
+     * 
+     * If this is used then there must be a
+     * <code>org.apache.axis2.description.Parameter</code> object available in
+     * the via the messageContext when the <code>TokenIssuer</code> is called.
+     * 
+     * @see org.apache.axis2.description.Parameter
+     * @param configParamName
+     */
+    public void setConfigurationParamName(String configParamName);
 }
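
Review bot: most of this hunk is whitespace churn (trailing spaces dropped from Javadoc lines, blank lines replaced) mixed in with the one real change, the replacement of validate(OMElement, MessageContext) by validate(RahasData). Moving the formatting to its own commit would make the interface break easy to spot. Because the old signature is removed rather than deprecated, existing TokenValidator implementations stop compiling, which is worth stating explicitly for users of the module.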

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java Wed Sep  6 21:16:55 2006
@@ -23,6 +23,8 @@
 import org.apache.axiom.om.util.Base64;
 import org.apache.axis2.AxisFault;
 import org.apache.axis2.addressing.AddressingConstants;
+import org.apache.axis2.addressing.EndpointReference;
+import org.apache.axis2.client.Options;
 import org.apache.axis2.client.ServiceClient;
 import org.apache.axis2.context.ConfigurationContext;
 import org.apache.axis2.description.AxisService;
@@ -53,12 +55,18 @@
 
 import java.io.IOException;
 import java.util.Iterator;
+import java.util.List;
 import java.util.Vector;
 
 public class STSClient {
 
+    private String action;
+    
+    private Options options;
+    
     private Trust10 trust10;
     
+//    /get the algo suite from the issuer's policy ... not service policy
     private AlgorithmSuite algorithmSuite;
     
     private byte[] requestorEntropy;
@@ -76,28 +84,37 @@
     private Crypto crypto;
     
     private CallbackHandler cbHandler;
-    
+
     public Token requestSecurityToken(ConfigurationContext configCtx,
-            int version, Policy policy, String issuerAddress,
-            OMElement rstTemplate, String requestType, String appliesTo)
-            throws TrustException {
+            int version, Policy servicePolicy, String issuerAddress,
+            Policy IssuerPolicy, OMElement rstTemplate, String requestType,
+            String appliesTo) throws TrustException {
         try {
             AxisService axisService = new AxisService("SecurityTokenService");
             QName rstQn = new QName("requestSecurityToken");
             OutInAxisOperation operation = new OutInAxisOperation(rstQn);
             axisService.addOperation(operation);
             ServiceClient client = new ServiceClient(configCtx, axisService);
+            
+            if(this.options != null) {
+                client.setOptions(options);
+            }
+            //Set the action
+            client.getOptions().setAction(action);
+            client.getOptions().setTo(new EndpointReference(issuerAddress));
+            client.engageModule(new QName("rampart"));
 
             //TODO Set policy in the options to be picked up by the modules 
             //such as rampart
             
-            //Process the STS policy
-            this.processPolicy(policy);
+            //Process the STS and service policy policy
+            this.processPolicy(IssuerPolicy, servicePolicy);
 
-            OMElement result = client.sendReceive(this.createRequest(version, rstTemplate, requestType, appliesTo));
+            OMElement result = client.sendReceive(rstQn, this.createRequest(version, rstTemplate, requestType, appliesTo));
             
             return this.processResult(version, result);
         } catch (AxisFault e) {
+            e.printStackTrace();
             throw new TrustException("errorInObtainingToken", new String[]{issuerAddress});
         }
     }
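
Review bot: client.getOptions().setAction(action) uses the new action field without checking that setAction() was called, so a caller that skips it sends the RST with a null action; fail fast with a TrustException, or derive the action from version and requestType. When an external Options object was supplied, setAction() and setTo() here also overwrite values on the caller's object, which should be documented on setOptions(). In the catch block, e.printStackTrace() writes to stderr while the TrustException still drops the AxisFault; pass e as the cause if TrustException offers a suitable constructor, and log through the project's logger instead. The parameter IssuerPolicy should be issuerPolicy.
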
@@ -180,8 +197,9 @@
 
                 //Get service entropy
                 OMElement serviceEntrElem = rstr.getFirstChildWithName(new QName(ns, RahasConstants.ENTROPY_LN));
-                if(serviceEntrElem != null && serviceEntrElem.getText() != null && !"".equals(serviceEntrElem.getText().trim())) {
-                    byte[] serviceEntr = Base64.decode(serviceEntrElem.getText());
+                OMElement binSecElem = serviceEntrElem.getFirstElement();
+                if(binSecElem != null && binSecElem.getText() != null && !"".equals(binSecElem.getText().trim())) {
+                    byte[] serviceEntr = Base64.decode(binSecElem.getText());
                     
                     //Right now we only use PSHA1 as the computed key algo                    
                     P_SHA1 p_sha1 = new P_SHA1();
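
Review bot: serviceEntrElem.getFirstElement() is called before any null check, and the serviceEntrElem != null test from the old condition is gone, so an RSTR without an Entropy element now throws a NullPointerException instead of skipping this block. Keep the guard by testing serviceEntrElem for null before reading its first child, and only then apply the text checks to binSecElem.
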
@@ -258,15 +276,27 @@
     /**
      * Process the goven service policy and extract the info required to create
      * the RST.
-     * @param policy
+     * @param servicePolicy
      */
-    private void processPolicy(Policy policy) {
+    private void processPolicy(Policy issuerPolicy, Policy servicePolicy) {
         //Get the policy assertions
         //Assumption: there's only one alternative
-        Iterator assertions = (Iterator)policy.getAlternatives().next();
         
-        while (assertions.hasNext()) {
-            Assertion tempAssertion = (Assertion) assertions.next();
+        List issuerAssertions = (List)issuerPolicy.getAlternatives().next();
+        
+        for (Iterator iter = issuerAssertions.iterator(); iter.hasNext();) {
+            Assertion tempAssertion = (Assertion) iter.next();
+            //find the AlgorithmSuite assertion
+            if(tempAssertion instanceof Binding) {
+                this.algorithmSuite = ((Binding) tempAssertion)
+                            .getAlgorithmSuite();    
+            }
+        }
+
+        List assertions = (List)servicePolicy.getAlternatives().next();
+        
+        for (Iterator iter = assertions.iterator(); iter.hasNext();) {
+            Assertion tempAssertion = (Assertion) iter.next();
             //find the Trust10 assertion
             if(tempAssertion instanceof Trust10) {
                 this.trust10 = (Trust10) tempAssertion;
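
Review bot: if the issuer policy contains no Binding assertion, the first loop leaves this.algorithmSuite unset (or holding the value from an earlier call on the same STSClient) and nothing reports it; check for null after the loop and throw a TrustException. Both getAlternatives().next() calls also assume that at least one alternative exists. The Javadoc still documents only servicePolicy; add @param issuerPolicy and fix "goven".
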
@@ -289,7 +319,7 @@
         OMElement rst = TrustUtil.createRequestSecurityTokenElement(version);
 
         TrustUtil.createRequestTypeElement(version, rst, requestType);
-        TrustUtil.createAppliesToElement(rst, requestType, this.addressingNs);
+        TrustUtil.createAppliesToElement(rst, appliesTo, this.addressingNs);
         TrustUtil.createLifetimeElement(version, rst, this.ttl * 1000);
         
         //Copy over the elements from the template
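
Review bot: passing appliesTo instead of requestType to createAppliesToElement() corrects the scope the token is requested for, but no test in this commit would have caught the old behaviour, since testWithStsClient() only checks that the returned token is non-null. Add an assertion on the AppliesTo address in the generated RST so the regression cannot return unnoticed.
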
@@ -400,4 +430,19 @@
         }
         
     }
+
+    /**
+     * @param action The action to set.
+     */
+    public void setAction(String action) {
+        this.action = action;
+    }
+
+    /**
+     * @param options The options to set.
+     */
+    public void setOptions(Options options) {
+        this.options = options;
+    }
+
 }

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SAMLTokenIssuer.java Wed Sep  6 21:16:55 2006
@@ -220,12 +220,13 @@
             throw new TrustException("samlConverstionError", e);
         }
 
-        //Add the RequestedProofToken
-        OMElement reqProofTokElem = TrustUtil.createRequestedProofTokenElement(
-                version, rstrElem);
         
         if(keyType.endsWith(RahasConstants.KEY_TYPE_SYMM_KEY)) {
-            
+
+            //Add the RequestedProofToken
+            OMElement reqProofTokElem = TrustUtil.createRequestedProofTokenElement(
+                    version, rstrElem);
+
             if (config.keyComputation == SAMLTokenIssuerConfig.KEY_COMP_PROVIDE_ENT
                     && data.getRequestEntropy() != null) {
                 //If we there's requestor entropy and its configured to provide
@@ -236,7 +237,8 @@
                         version, rstrElem);
                 
                 TrustUtil.createBinarySecretElement(version, respEntrElem,
-                        RahasConstants.BIN_SEC_TYPE_NONCE);
+                        RahasConstants.BIN_SEC_TYPE_NONCE).setText(
+                        Base64.encode(data.getResponseEntropy()));
                 
                 OMElement compKeyElem = TrustUtil.createComputedKeyElement(
                         version, reqProofTokElem);
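
Review bot: Base64.encode(data.getResponseEntropy()) runs under a condition that only tests data.getRequestEntropy() != null; if the response entropy has not been generated by this point, the BinarySecret is built from null. Confirm where the response entropy is set, and either check it here or throw a TrustException when it is missing.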

Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllHandler.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllHandler.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllHandler.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllHandler.java Wed Sep  6 21:16:55 2006
@@ -199,7 +199,6 @@
      */
     public java.lang.ClassLoader getClassLoader(Object msgCtx) {
         try {
-
             return ((MessageContext) msgCtx).getAxisService().getClassLoader();
         } catch (Throwable t) {
             return super.getClassLoader(msgCtx);

Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java?view=diff&rev=440971&r1=440970&r2=440971
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java Wed Sep  6 21:16:55 2006
@@ -265,12 +265,6 @@
         doSenderAction(doAction, doc, reqData, actions, !msgContext.isServerSide());
         
         /*
-         * If required convert the resulting document into a message first.
-         * The outputDOM() method performs the necessary c14n call. After
-         * that we extract it as a string for further processing.
-         *
-         * Set the resulting byte array as the new SOAP message.
-         *
          * If noSerialization is false, this handler shall be the last (or
          * only) one in a handler chain. If noSerialization is true, just
          * set the processed Document in the transfer property. The next


