Posted to java-dev@axis.apache.org by ru...@apache.org on 2005/09/06 16:31:11 UTC
svn commit: r279007 - in /webservices/axis2/trunk/java/modules:
core/src/org/apache/axis2/transport/http/ integration/
integration/test-resources/security/
integration/test/org/apache/axis2/security/ security/
security/interop/org/apache/axis2/security...
Author: ruchithf
Date: Tue Sep 6 07:26:35 2005
New Revision: 279007
URL: http://svn.apache.org/viewcvs?rev=279007&view=rev
Log:
Adding support to preserve the original OM-SOAPEnvelope and insert the security header into it, and adding support to MTOM-optimize elements specified by an XPath expression
Added:
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java
Modified:
webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/transport/http/HTTPTransportUtils.java
webservices/axis2/trunk/java/modules/integration/maven.xml
webservices/axis2/trunk/java/modules/integration/project.xml
webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml
webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/InteropTestBase.java
webservices/axis2/trunk/java/modules/security/interop/org/apache/axis2/security/InteropScenarioClient.java
webservices/axis2/trunk/java/modules/security/project.xml
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/Axis2Util.java
Modified: webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/transport/http/HTTPTransportUtils.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/transport/http/HTTPTransportUtils.java?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/transport/http/HTTPTransportUtils.java (original)
+++ webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/transport/http/HTTPTransportUtils.java Tue Sep 6 07:26:35 2005
@@ -427,6 +427,11 @@
Constants.VALUE_TRUE.equals(
msgContext.getParameter(
Constants.Configuration.ENABLE_MTOM).getValue());
+ } else if(msgContext.getProperty(Constants.Configuration.ENABLE_MTOM) != null) {
+ enableMTOM =
+ Constants.VALUE_TRUE.equals(
+ msgContext.getProperty(
+ Constants.Configuration.ENABLE_MTOM));
}
boolean envelopeContainsOptimise =
HTTPTransportUtils.checkEnvelopeForOptimise(
Modified: webservices/axis2/trunk/java/modules/integration/maven.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/maven.xml?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/maven.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/maven.xml Tue Sep 6 07:26:35 2005
@@ -260,7 +260,7 @@
<copy file="../security/target/PingPort.aar"
tofile="target/test-resources/scenario7_service_repo/services/PingPort.aar"/>
- <!-- Copying the DOM3 stuff to teh endorsed dir -->
+ <!-- Copying the DOM3 stuff to the endorsed dir -->
<mkdir dir="target/test-resources/endorsed"/>
<copy file="${maven.repo.local}/xerces/jars/xercesImpl-2.6.2.jar" todir="target/test-resources/endorsed"/>
<copy file="${maven.repo.local}/xerces/jars/xmlParserAPIs-2.6.2.jar" todir="target/test-resources/endorsed"/>
@@ -288,6 +288,29 @@
tofile="target/test-resources/scenarioST1_service_repo/modules/security.mar"/>
<copy file="../security/target/PingPort.aar"
tofile="target/test-resources/scenarioST1_service_repo/services/PingPort.aar"/>
+
+
+ <!-- MTOM Optimized Security Test -->
+ <mkdir dir="target/test-resources/mtom_sec_client_repo"/>
+ <mkdir dir="target/test-resources/mtom_sec_client_repo/modules"/>
+
+ <mkdir dir="target/test-resources/mtom_sec_service_repo"/>
+ <mkdir dir="target/test-resources/mtom_sec_service_repo/services"/>
+ <mkdir dir="target/test-resources/mtom_sec_service_repo/modules"/>
+
+ <!-- MTOM Optimized Security Test client repository-->
+ <copy file="test-resources/security/secMtom.client.axis2.xml"
+ tofile="target/test-resources/mtom_sec_client_repo/axis2.xml"/>
+ <copy file="../security/target/security.mar"
+ tofile="target/test-resources/mtom_sec_client_repo/modules/security.mar"/>
+
+ <!-- MTOM Optimized Security Test service repository-->
+ <copy file="test-resources/security/secMtom.service.axis2.xml"
+ tofile="target/test-resources/mtom_sec_service_repo/axis2.xml"/>
+ <copy file="../security/target/security.mar"
+ tofile="target/test-resources/mtom_sec_service_repo/modules/security.mar"/>
+ <copy file="../security/target/PingPort.aar"
+ tofile="target/test-resources/mtom_sec_service_repo/services/PingPort.aar"/>
<!-- Standard repository -->
<mkdir dir="target/Repository"/>
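Review bot: The added copy tasks read `test-resources/security/secMtom.client.axis2.xml` and `test-resources/security/secMtom.service.axis2.xml`, but the commit's Added list names only MessageOptimizer.java, so unless both files already exist in the tree the integration build stops at these copies. Either add the two configuration files in the same change or confirm they were committed earlier. The enclosing goal starts and ends outside the hunk.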
Modified: webservices/axis2/trunk/java/modules/integration/project.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/project.xml?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/project.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/project.xml Tue Sep 6 07:26:35 2005
@@ -233,7 +233,16 @@
<properties>
<module>true</module>
</properties>
- </dependency>
+ </dependency>
+ <dependency>
+ <groupId>jaxen</groupId>
+ <artifactId>jaxen</artifactId>
+ <version>1.1-beta-7</version>
+ <properties>
+ <module>true</module>
+ </properties>
+ </dependency>
+
</dependencies>
<!-- build information for the project -->
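Review bot: The new `jaxen` dependency is pinned to the pre-release `1.1-beta-7` with no comment saying why it is needed, here and in the identical block added to security/project.xml. A short comment would help whoever audits the dependency list later, for example `<!-- jaxen: XPath engine behind AXIOMXPath in MessageOptimizer; beta, replace with a final 1.1 release when available -->`. With `<module>true</module>` the jar presumably ships inside the module archive, so the beta would reach deployments and not only the build; that is worth confirming.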
@@ -300,7 +309,7 @@
<includes>
<include>**/*.bin</include>
</includes>
- </resource>
+ </resource>
</resources>
</build>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/security/s3.client.axis2.xml Tue Sep 6 07:26:35 2005
@@ -24,6 +24,9 @@
<parameter name="InAction" locked="false">Signature Encrypt Timestamp</parameter>
<parameter name="InPasswordCallbackClass" locked="false">org.apache.axis2.security.PWCallback</parameter>
<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
+
+ <parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>
+
<!-- Scenario 3: Client's Configuration:END-->
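Review bot: The added `<parameter name="InSignaturePropFile" locked="false">interop.properties</parameter>` repeats the line directly above it character for character, so the scenario 3 client now declares the same parameter twice. If a different parameter was intended (the commit log mentions elements to MTOM-optimize), it is missing from this file. Otherwise the duplicate should be dropped, since how the configuration loader resolves a repeated name is not visible here.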
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/InteropTestBase.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/InteropTestBase.java?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/InteropTestBase.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/InteropTestBase.java Tue Sep 6 07:26:35 2005
@@ -70,6 +70,10 @@
protected static final String SCENARIO_ST4_CLIENT_REPOSITORY = "scenarioST4_client_repo";
+ protected static final String MTOM_SEC_SERVICE_REPOSITORY = "mtom_sec_service_repo";
+
+ protected static final String MTOM_SEC_CLIENT_REPOSITORY = "mtom_sec_client_repo";
+
/*
* We have to create different a client repository and a service repository
* for each scenarion since we dont have the support to get the parameter
Modified: webservices/axis2/trunk/java/modules/security/interop/org/apache/axis2/security/InteropScenarioClient.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/interop/org/apache/axis2/security/InteropScenarioClient.java?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/interop/org/apache/axis2/security/InteropScenarioClient.java (original)
+++ webservices/axis2/trunk/java/modules/security/interop/org/apache/axis2/security/InteropScenarioClient.java Tue Sep 6 07:26:35 2005
@@ -16,6 +16,7 @@
package org.apache.axis2.security;
+import org.apache.axis2.Constants;
import org.apache.axis2.oasis.ping.PingPortStub;
import org.xmlsoap.ping.Ping;
import org.xmlsoap.ping.PingDocument;
@@ -46,6 +47,9 @@
pingDoc.setPing(ping);
PingPortStub stub = new PingPortStub(clientRepo,url);
+
+ stub._put(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
+
PingResponseDocument pingResDoc = stub.Ping(pingDoc);
PingResponse pingRes = pingResDoc.getPingResponse();
Modified: webservices/axis2/trunk/java/modules/security/project.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/project.xml?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/project.xml (original)
+++ webservices/axis2/trunk/java/modules/security/project.xml Tue Sep 6 07:26:35 2005
@@ -169,6 +169,14 @@
<module>true</module>
</properties>
</dependency>
+ <dependency>
+ <groupId>jaxen</groupId>
+ <artifactId>jaxen</artifactId>
+ <version>1.1-beta-7</version>
+ <properties>
+ <module>true</module>
+ </properties>
+ </dependency>
</dependencies>
<reports/>
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java Tue Sep 6 07:26:35 2005
@@ -26,6 +26,7 @@
import org.apache.axis2.security.handler.WSDoAllHandler;
import org.apache.axis2.security.handler.WSSHandlerConstants;
import org.apache.axis2.security.util.Axis2Util;
+import org.apache.axis2.security.util.MessageOptimizer;
import org.apache.axis2.soap.SOAPEnvelope;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -41,6 +42,15 @@
protected static Log log = LogFactory.getLog(WSDoAllSender.class.getName());
+ /**
+ * Right now we convert the processed DOM - SOAP Envelope into
+ * and OM-SOAPEnvelope
+ * But in the simple case where only the wsse:Security header is inserted into the document
+ * we can insert only the wsse:Security header into the OM-SOAPEnvelope and preserve the
+ * metadata of OM such as base64 MTOM optimization
+ */
+ private boolean preserveOriginalEnvelope = true;
+
public WSDoAllSender() {
super();
inHandler = false;
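Review bot: `preserveOriginalEnvelope` is mutable state on the handler instance: later hunks set it to `false` in the `WSConstants.ENCR` case and before the repeated `this.invoke(msgContext)`, and nothing visible sets it back to `true`. Once one message has been encrypted or repeated, every later message handled by the same instance takes the full-conversion path, and if the instance is shared between threads the flag can change between one message's action loop and its envelope conversion. Keeping the decision per message avoids both, for example a local `boolean preserveOriginalEnvelope = true;` inside `invoke()` with the repetition case signalled through a message-context property. The class body continues outside the hunk.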
@@ -209,6 +219,7 @@
case WSConstants.ENCR:
performENCRAction(mu, actionToDo, doc, reqData);
+ this.preserveOriginalEnvelope = false;
break;
case WSConstants.SIGN:
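Review bot: Only the `WSConstants.ENCR` case clears `preserveOriginalEnvelope`, so every other action keeps the path that copies nothing but the wsse:Security header back into the original envelope. That is safe only if the action leaves the rest of the DOM untouched; if signing adds an Id attribute to the element it signs (to be confirmed for the WSS4J version in use), the preserved envelope lacks that attribute and the receiver cannot resolve the signature reference. Consider clearing the flag for every action not known to edit the header alone, or copying such attributes onto the OM envelope, and add a test that verifies a signed message on the receiving side. The switch continues outside the hunk.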
@@ -255,15 +266,34 @@
((MessageContext)reqData.getMsgContext()).setProperty(WSHandlerConstants.SND_SECURITY,
doc);
} else {
- SOAPEnvelope processedEnv = Axis2Util.getSOAPEnvelopeFromDocument(doc, reqData.getSoapConstants().getEnvelopeURI());
+ SOAPEnvelope processedEnv = null;
+ if(preserveOriginalEnvelope) {
+ processedEnv = Axis2Util.getSOAPEnvelopeFromDocument(doc,reqData.getSoapConstants(), msgContext.getEnvelope());
+ } else {
+ processedEnv = Axis2Util.getSOAPEnvelopeFromDocument(doc, reqData.getSoapConstants().getEnvelopeURI());
+ }
msgContext.setEnvelope(processedEnv);
((MessageContext)reqData.getMsgContext()).setProperty(WSHandlerConstants.SND_SECURITY, null);
}
- if (doDebug) {
- log.debug("WSDoAllSender: exit invoke()");
+ msgContext.getEnvelope().build();
+
+
+ /**
+ * If the optimizeParts parts are set then optimize them
+ */
+ String optimizeParts;
+
+ if((optimizeParts = (String) getOption(WSSHandlerConstants.Out.OPTIMIZE_PARTS)) == null) {
+ optimizeParts = (String)
+ getProperty(reqData.getMsgContext(), WSSHandlerConstants.Out.OPTIMIZE_PARTS);
+ }
+ if(optimizeParts != null) {
+ // Optimize the Envelope
+ MessageOptimizer.optimize(msgContext.getEnvelope(),optimizeParts);
}
+
//Enable handler repetition
String repeat;
int repeatCount;
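Review bot: `msgContext.getEnvelope().build()` and the `optimizeParts` block sit after the `if`/`else`, so they also run in the branch that only stores `doc` under `WSHandlerConstants.SND_SECURITY` and leaves the envelope unconverted. In that branch the XPath appears to be evaluated over an envelope that does not yet hold the processed content, and the whole tree is built for nothing; moving both into the `else` branch after `msgContext.setEnvelope(processedEnv)` keeps them on the path that produces the final message. The `(String)` casts on `getOption(...)` and `getProperty(...)` would raise `ClassCastException` for a non-string value, which the `catch (WSSecurityException e)` visible in the next hunk does not cover. `invoke()` starts and ends outside the hunk.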
@@ -290,9 +320,19 @@
//of the same handler
repetition++;
msgContext.setProperty(WSSHandlerConstants.Out.REPETITON,new Integer(repetition));
+
+ /**
+ * eserving the OM stuff doesn't work for the repeting case
+ */
+ this.preserveOriginalEnvelope = false;
+
this.invoke(msgContext);
}
}
+
+ if (doDebug) {
+ log.debug("WSDoAllSender: exit invoke()");
+ }
} catch (WSSecurityException e) {
e.printStackTrace();
throw new AxisFault(e.getMessage(), e);
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java Tue Sep 6 07:26:35 2005
@@ -37,6 +37,8 @@
//Repetition count
public static final String SENDER_REPEAT_COUNT = "senderRepeteCount";
public static final String REPETITON = "repetition";
+
+ public static final String OPTIMIZE_PARTS = "optimizeParts";
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/Axis2Util.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/Axis2Util.java?rev=279007&r1=279006&r2=279007&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/Axis2Util.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/Axis2Util.java Tue Sep 6 07:26:35 2005
@@ -23,12 +23,19 @@
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamReader;
+import org.apache.axis2.om.OMElement;
import org.apache.axis2.om.impl.OMOutputImpl;
+import org.apache.axis2.om.impl.llom.builder.StAXOMBuilder;
import org.apache.axis2.soap.SOAPEnvelope;
import org.apache.axis2.soap.impl.llom.builder.StAXSOAPModelBuilder;
+import org.apache.ws.security.SOAPConstants;
+import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.utils.XMLUtils;
+import org.apache.xml.serialize.XMLSerializer;
import org.w3c.dom.Document;
+import org.w3c.dom.Element;
/**
* Utility class for the Axis2-WSS4J Module
@@ -99,5 +106,62 @@
}
}
+
+ /**
+ * This is to be used only in the signature situation
+ * where the security header can be inserted into the original SOAPEnvelope
+ * rather than replacing the whole envelope
+ * @param doc
+ * @param envelopeNS
+ * @param reqEnv
+ * @return
+ * @throws WSSecurityException
+ */
+ public static SOAPEnvelope getSOAPEnvelopeFromDocument(Document doc,
+ SOAPConstants constants, SOAPEnvelope reqEnv) throws WSSecurityException {
+
+ //Get holdof the security header
+ Element secElem = WSSecurityUtil.getSecurityHeader(WSSConfig.getDefaultWSConfig(), doc,null, constants);
+
+ //insert the header into the OM-SOAPEnvelope
+
+ OMElement secOmElem = convertToOMelement(secElem, constants);
+
+ reqEnv.getHeader().addChild(secOmElem);
+
+ return reqEnv;
+
+ }
+
+
+ private static OMElement convertToOMelement(Element elem, SOAPConstants constants) throws WSSecurityException {
+
+ try {
+ XMLSerializer xmlSer = new XMLSerializer();
+
+ /*
+ *When we extract the wsse:Security header by serializing it
+ *The namespaces declared globally will not be copied into the
+ *serialized element. Therefore we have to add the missing namespaces
+ *in to the element before DOm serialization
+ */
+ elem.setAttribute("xmlns:soapenv",constants.getEnvelopeURI());
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ xmlSer.setOutputByteStream(baos);
+
+ xmlSer.serialize(elem);
+
+ ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
+ XMLStreamReader reader = XMLInputFactory.newInstance().createXMLStreamReader(bais);
+ StAXOMBuilder builder = new StAXOMBuilder(reader);
+ builder.setCache(true);
+
+ return builder.getDocumentElement();
+
+ } catch (Exception e) {
+ throw new WSSecurityException(e.getMessage(),e);
+ }
-}
\ No newline at end of file
+ }
+}
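Review bot: `getSOAPEnvelopeFromDocument` calls `reqEnv.getHeader().addChild(secOmElem)` without checking the header, so an original envelope that carries no SOAP header (assuming `getHeader()` returns null then) fails with `NullPointerException` instead of the declared `WSSecurityException`. A missing wsse:Security element is no better handled: the null `secElem` reaches `elem.setAttribute(...)`, and the catch-all rewraps the resulting exception with a null message. A guard such as `if (secElem == null || reqEnv.getHeader() == null)` that throws a `WSSecurityException` with a descriptive message before `convertToOMelement` keeps both failures diagnosable. `convertToOMelement` also declares the envelope namespace under the fixed prefix `soapenv`, so a header whose attributes use another prefix for that namespace would serialize with an unbound prefix and fail to parse. The Javadoc names `envelopeNS` where the parameter is `constants`.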
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java?rev=279007&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java Tue Sep 6 07:26:35 2005
@@ -0,0 +1,109 @@
+
+package org.apache.axis2.security.util;
+
+import java.util.Iterator;
+import java.util.List;
+import java.util.Vector;
+
+import org.apache.axis2.om.OMElement;
+import org.apache.axis2.om.OMNode;
+import org.apache.axis2.om.OMText;
+import org.apache.axis2.om.xpath.AXIOMXPath;
+import org.apache.axis2.soap.SOAPEnvelope;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityException;
+import org.jaxen.JaxenException;
+import org.jaxen.SimpleNamespaceContext;
+import org.jaxen.XPath;
+
+public class MessageOptimizer {
+
+ /**
+ *
+ * @param env
+ * @param optimizeParts This is a set of xPath expressions
+ * (NOTE: Right now we support only one expression)
+ * @throws WSSecurityException
+ */
+ public static void optimize(SOAPEnvelope env, String optimizeParts) throws WSSecurityException {
+
+ //Find binary content
+ List list = findElements(env,optimizeParts);
+
+ Iterator cipherValueElements = list.iterator();
+
+ while (cipherValueElements.hasNext()) {
+ OMElement element = (OMElement) cipherValueElements.next();
+ OMText text = (OMText)element.getFirstChild();
+ text.setOptimize(true);
+ }
+ }
+
+
+ private static List findElements(OMElement elem, String expression) throws WSSecurityException {
+ try {
+ XPath xp = new AXIOMXPath(expression);
+
+ //Set namespaces
+ SimpleNamespaceContext encNsCtx = new SimpleNamespaceContext();
+ encNsCtx.addNamespace(WSConstants.ENC_PREFIX,WSConstants.ENC_NS);
+
+// SimpleNamespaceContext sigNsCtx = new SimpleNamespaceContext();
+// encNsCtx.addNamespace(WSConstants.SIG_PREFIX,WSConstants.SIG_NS);
+//
+// SimpleNamespaceContext wsseNsCtx = new SimpleNamespaceContext();
+// encNsCtx.addNamespace(WSConstants.WSSE_PREFIX,WSConstants.WSSE_NS);
+
+ xp.setNamespaceContext(encNsCtx);
+// xp.setNamespaceContext(sigNsCtx);
+// xp.setNamespaceContext(wsseNsCtx);
+
+ return xp.selectNodes(elem);
+
+ } catch (JaxenException e) {
+ throw new WSSecurityException(e.getMessage(), e);
+ }
+
+ }
+
+
+ /**
+ * Returns all the child elements under the given parent
+ * It is assumend that the children of the given of elements
+ * will not be of the same
+ * @param env
+ * @param ln
+ * @param ns
+ * @return
+ */
+ public void findElements(OMNode elem, String ln, String ns, Vector elements ) {
+
+ if(elem == null || ln == null || ns == null) {
+ return;
+ }
+
+ OMNode startNode = elem;
+ if (startNode.getType() == OMNode.ELEMENT_NODE
+ && ((OMElement) startNode).getLocalName().equals(ln)
+ && ns.equals(((OMElement) startNode).getNamespace().getName())) {
+
+ // An element found
+ elements.add(startNode);
+
+ // move to the next sibling
+ OMNode node = startNode.getNextSibling();
+
+ if (startNode != null) {
+ findElements(node, ln, ns, elements);
+ }
+ } else {
+ if(startNode.getType() == OMNode.ELEMENT_NODE) {
+ OMNode node = ((OMElement)startNode).getFirstChild();
+ findElements(node, ln, ns, elements);
+ }
+ }
+
+
+ }
+
+}
\ No newline at end of file
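Review bot: `optimize` casts every XPath match to `OMElement` and its first child to `OMText` without checking, so an expression that selects an attribute or text node, an empty element, or an element whose first child is another element ends in `ClassCastException` or `NullPointerException` instead of the declared `WSSecurityException`. Since the expression comes from configuration, the loop should check both types and skip (or reject with `WSSecurityException`) anything that is not an element with a leading text node, as sketched below. In the public `findElements(OMNode, …)` overload, `if (startNode != null)` tests the wrong variable (`node` is the one just fetched) and `getNamespace()` is dereferenced without a null check. The file also starts at the `package` line with no licence header.

```java
public static void optimize(SOAPEnvelope env, String optimizeParts) throws WSSecurityException {
    // … unchanged: findElements(env, optimizeParts) and iterator setup …
    while (cipherValueElements.hasNext()) {
        Object match = cipherValueElements.next();
        if (!(match instanceof OMElement)) {
            // The expression selected an attribute, text or other non-element node.
            continue;
        }
        OMNode firstChild = ((OMElement) match).getFirstChild();
        if (firstChild instanceof OMText) {
            ((OMText) firstChild).setOptimize(true);
        }
    }
}
```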