Posted to java-dev@axis.apache.org by ru...@apache.org on 2006/09/10 16:22:00 UTC
svn commit: r441955 - in /webservices/axis2/trunk/java/modules/security:
src/org/apache/rampart/ src/org/apache/rampart/builder/
src/org/apache/rampart/handler/ src/org/apache/rampart/policy/
src/org/apache/rampart/util/ test-resources/policy/ test/org...
Author: ruchithf
Date: Sun Sep 10 07:21:59 2006
New Revision: 441955
URL: http://svn.apache.org/viewvc?view=rev&rev=441955
Log:
Added MessageBuilderTest and a test scenario to test the generation of a message using a TransportBinding and fixed bugs found with the test
Added the Sender handler
Added:
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java
webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding.xml
webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java
Modified:
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java?view=diff&rev=441955&r1=441954&r2=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java Sun Sep 10 07:21:59 2006
@@ -18,6 +18,7 @@
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.dom.jaxp.DocumentBuilderFactoryImpl;
+import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.Parameter;
@@ -26,6 +27,7 @@
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.rahas.TrustException;
+import org.apache.rampart.builder.TransportBindingBuilder;
import org.apache.rampart.policy.RampartPolicyBuilder;
import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.util.Axis2Util;
@@ -58,6 +60,8 @@
* header and insert into the document (Envelope)
*/
Document doc = Axis2Util.getDocumentFromSOAPEnvelope(msgCtx.getEnvelope(), false);
+ msgCtx.setEnvelope((SOAPEnvelope)doc.getDocumentElement());
+
SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
.getDocumentElement());
@@ -72,15 +76,17 @@
* extract the service policy is set in the msgCtx.
* If it is missing then try to obtain from the configuration files.
*/
- if(rmd.getServicePolicy() != null) {
+ if(rmd.getServicePolicy() == null) {
if(msgCtx.isServerSide()) {
String policyXml = msgCtx.getEffectivePolicy().toString();
policy = PolicyEngine.getPolicy(new ByteArrayInputStream(policyXml.getBytes()));
} else {
Parameter param = msgCtx.getParameter(RampartMessageData.KEY_RAMPART_POLICY);
- OMElement policyElem = param.getParameterElement().getFirstElement();
- policy = PolicyEngine.getPolicy(policyElem);
+ if(param != null) {
+ OMElement policyElem = param.getParameterElement().getFirstElement();
+ policy = PolicyEngine.getPolicy(policyElem);
+ }
}
//Set the policy in the config ctx
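Review bot: The new `if(param != null)` guard on the client-side branch has no `else`, so when the `KEY_RAMPART_POLICY` parameter is absent the code falls through to "Set the policy in the config ctx" with whatever `policy` held before, presumably null. A security module should fail closed on a missing policy rather than continue towards an unprotected message; consider `else { throw new RampartException("<message-key-for-missing-policy>"); }`, where the key is a placeholder to be added to the resource bundle. The enclosing method starts and ends outside this hunk, so the initial value of `policy` is not visible here.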
@@ -110,7 +116,11 @@
initializeTokens(rmd);
//Nothing to do to handle the other bindings
-
+ RampartPolicyData rpd = rmd.getPolicyData();
+ if(rpd.isTransportBinding()) {
+ TransportBindingBuilder building = new TransportBindingBuilder();
+ building.build(rmd);
+ }
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java?view=diff&rev=441955&r1=441954&r2=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java Sun Sep 10 07:21:59 2006
@@ -155,6 +155,7 @@
}
}
+ this.config = WSSConfig.getDefaultWSConfig();
} catch (TrustException e) {
throw new RampartException("errorInExtractingMsgProps", e);
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java?view=diff&rev=441955&r1=441954&r2=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java Sun Sep 10 07:21:59 2006
@@ -228,7 +228,49 @@
sig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
bst = true;
}
+
+ //Get the user
+ String user = rpd.getRampartConfig().getUser();
+ String password = null;
+
+ if(user != null && !"".equals(user)) {
+ log.debug("User : " + user);
+
+ //Get the password
+ CallbackHandler handler = RampartUtil.getPasswordCB(rmd);
+
+ if(handler == null) {
+ //If the callback handler is missing
+ throw new RampartException("cbHandlerMissing");
+ }
+
+ WSPasswordCallback[] cb = { new WSPasswordCallback(user,
+ WSPasswordCallback.SIGNATURE) };
+
+ try {
+ handler.handle(cb);
+ if(cb[0].getPassword() != null && !"".equals(cb[0].getPassword())) {
+ password = cb[0].getPassword();
+ log.debug("Password : " + password);
+ } else {
+ //If there's no password then throw an exception
+ throw new RampartException("noPasswordForUser",
+ new String[]{user});
+ }
+ } catch (IOException e) {
+ throw new RampartException("errorInGettingPasswordForUser",
+ new String[]{user}, e);
+ } catch (UnsupportedCallbackException e) {
+ throw new RampartException("errorInGettingPasswordForUser",
+ new String[]{user}, e);
+ }
+
+ } else {
+ log.debug("No user value specified in the configuration");
+ throw new RampartException("userMissing");
+ }
+ sig.setUserInfo(user, password);
sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getAsymmetricSignature());
sig.setSigCanonicalization(rpd.getAlgorithmSuite().getInclusiveC14n());
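Review bot: `log.debug("Password : " + password);` writes the signature password returned by the callback handler to the log in cleartext, so anyone who can read debug logs or their backups can recover it. Drop that line, or log only that a password was obtained, e.g. `log.debug("Password retrieved for user : " + user);`. The surrounding method begins and ends outside this hunk.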
@@ -401,8 +443,9 @@
//TODO Get the UT type, only WS-Sx spec supports this
utBuilder.setUserInfo(user, password);
+ utBuilder.prepare(doc);
//Add the UT
- utBuilder.build(doc, rmd.getSecHeader());
+ utBuilder.appendToHeader(rmd.getSecHeader());
return utBuilder.getId();
} else {
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java?view=auto&rev=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java Sun Sep 10 07:21:59 2006
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.handler;
+
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.HandlerDescription;
+import org.apache.axis2.description.Parameter;
+import org.apache.axis2.engine.Handler;
+import org.apache.rampart.MessageBuilder;
+import org.apache.rampart.RampartException;
+import org.apache.ws.secpolicy.WSSPolicyException;
+import org.apache.ws.security.WSSecurityException;
+
+
+public class RampartSender implements Handler {
+
+ private static HandlerDescription EMPTY_HANDLER_METADATA =
+ new HandlerDescription("deafult Handler");
+
+ private HandlerDescription handlerDesc;
+
+
+ public RampartSender() {
+ this.handlerDesc = EMPTY_HANDLER_METADATA;
+ }
+
+ public void cleanup() {
+ }
+
+ public void init(HandlerDescription handlerdesc) {
+ this.handlerDesc = handlerdesc;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.axis2.engine.Handler#invoke(org.apache.axis2.context.MessageContext)
+ */
+ public void invoke(MessageContext msgContext) throws AxisFault {
+
+ MessageBuilder builder = new MessageBuilder();
+ try {
+ builder.build(msgContext);
+ } catch (WSSecurityException e) {
+ throw new AxisFault(e.getMessage(), e);
+ } catch (WSSPolicyException e) {
+ throw new AxisFault(e.getMessage(), e);
+ } catch (RampartException e) {
+ throw new AxisFault(e.getMessage(), e);
+ }
+ }
+
+ public HandlerDescription getHandlerDesc() {
+ return this.handlerDesc;
+ }
+
+ public String getName() {
+ return "Apache Rampart outflow handler";
+ }
+
+ public Parameter getParameter(String name) {
+ return this.handlerDesc.getParameter(name);
+ }
+
+}
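Review bot: `EMPTY_HANDLER_METADATA` is declared `private static` without `final` and its name string is misspelled ("deafult Handler"); as a shared constant it should read `private static final HandlerDescription EMPTY_HANDLER_METADATA = new HandlerDescription("default Handler");`. `init()` stores its argument unchecked, so a null description would make `getParameter()` throw a NullPointerException later. The class and `invoke()` carry no Javadoc; a short class comment stating that this is the outflow handler that runs `MessageBuilder` on the outgoing message and converts its exceptions to `AxisFault` would help the next reader.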
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyBuilder.java?view=diff&rev=441955&r1=441954&r2=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyBuilder.java Sun Sep 10 07:21:59 2006
@@ -96,6 +96,7 @@
} else if (assertion instanceof RampartConfig) {
processRampartConfig((RampartConfig)assertion, rpd);
} else {
+
System.out.println("Unknown top level PED found: "
+ assertion.getClass().getName());
}
@@ -237,6 +238,7 @@
private static void binding(Binding binding, RampartPolicyData rpd) {
rpd.setLayout(binding.getLayout().getValue());
rpd.setIncludeTimestamp(binding.isIncludeTimestamp());
+ rpd.setAlgorithmSuite(binding.getAlgorithmSuite());
}
/**
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java?view=diff&rev=441955&r1=441954&r2=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java Sun Sep 10 07:21:59 2006
@@ -345,7 +345,7 @@
public void setSupportingTokens(SupportingToken suppTokens)
throws WSSPolicyException {
- int tokenType = suppTokens.getType();
+ int tokenType = suppTokens.getTokenType();
if (tokenType == Constants.SUPPORTING_TOKEN_SUPPORTING) {
supportingTokens = suppTokens;
} else if (tokenType == Constants.SUPPORTING_TOKEN_SIGNED) {
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java?view=diff&rev=441955&r1=441954&r2=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java Sun Sep 10 07:21:59 2006
@@ -21,7 +21,6 @@
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
-import org.apache.axiom.soap.SOAPBody;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -282,8 +281,9 @@
public static int getTimeToLive(RampartMessageData messageData) {
- String ttl = messageData.getPolicyData().getRampartConfig()
- .getTimestampTTL();
+ RampartConfig rampartConfig = messageData.getPolicyData().getRampartConfig();
+
+ String ttl = rampartConfig.getTimestampTTL();
int ttl_i = 0;
if (ttl != null) {
try {
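Review bot: `rampartConfig` is pulled into a local but still dereferenced unconditionally in `rampartConfig.getTimestampTTL()`; if a policy carries no RampartConfig assertion (assuming `getRampartConfig()` can return null in that case) this throws a NullPointerException. The new local is the natural place for the guard, e.g. `String ttl = (rampartConfig != null) ? rampartConfig.getTimestampTTL() : null;`, which lets the existing `ttl != null` check handle the fallback. The rest of `getTimeToLive` lies outside the hunk.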
@@ -446,17 +446,20 @@
}
public static String getSoapBodyId(SOAPEnvelope env) {
+ return addWsuIdToElement(env.getBody());
+ }
+
+ public static String addWsuIdToElement(OMElement elem) {
String id = null;
- SOAPBody body = env.getBody();
- OMAttribute idAttr = body.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
+ OMAttribute idAttr = elem.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
if(idAttr != null) {
id = idAttr.getAttributeValue();
} else {
//Add an id
- OMNamespace ns = env.getOMFactory().createOMNamespace(WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
- id = "Id-" + body.hashCode();
- idAttr = env.getOMFactory().createOMAttribute("Id", ns, id);
- body.addAttribute(idAttr);
+ OMNamespace ns = elem.getOMFactory().createOMNamespace(WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ id = "Id-" + elem.hashCode();
+ idAttr = elem.getOMFactory().createOMAttribute("Id", ns, id);
+ elem.addAttribute(idAttr);
}
return id;
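Review bot: `id = "Id-" + elem.hashCode();` in `addWsuIdToElement` does not guarantee a unique value, and now that the helper accepts any element rather than only the body, two elements in one envelope can end up with the same `wsu:Id`. Duplicate ids make signature references ambiguous for the party verifying the message. Generate the id from a source that cannot collide within the document, for example a per-message counter or, where the JDK level allows, `id = "Id-" + java.util.UUID.randomUUID();`. The new public method also needs a Javadoc comment saying that it returns the existing `wsu:Id` or adds one as a side effect.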
Added: webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding.xml?view=auto&rev=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding.xml (added)
+++ webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding.xml Sun Sep 10 07:21:59 2006
@@ -0,0 +1,64 @@
+<wsp:Policy wsu:Id="5" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken RequireClientCertificate="false"/>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:SignedEndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
+ </wsp:Policy>
+ </sp:SignedEndorsingSupportingTokens>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.TestCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">interop/interop2.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </ramp:RampartConfig>
+
+ </wsp:All>
+</wsp:ExactlyOne>
+</wsp:Policy>
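Review bot: The `ramp:RampartConfig` block embeds a keystore password (`password`) and fixed user names directly in the policy file, with nothing in the file saying it is a fixture. That is acceptable under test-resources, but sample policies tend to be copied into deployments, so add a leading comment such as `<!-- Test fixture only: the users, callback class and keystore password below are not for production use -->`.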
Added: webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java?view=auto&rev=441955
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java (added)
+++ webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java Sun Sep 10 07:21:59 2006
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder;
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.AxisService;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+
+import javax.xml.stream.FactoryConfigurationError;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+
+import java.io.ByteArrayInputStream;
+
+import junit.framework.TestCase;
+
+/**
+ *
+ * @author Ruchith Fernando (ruchith.fernando@gmail.com)
+ */
+public class MessageBuilderTest extends TestCase {
+
+ static final String soapMsg = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + "<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" + "<SOAP-ENV:Body>" + "<add xmlns=\"http://ws.apache.org/counter/counter_port_type\">" + "<value xmlns=\"\">15</value>" + "</add>" + "</SOAP-ENV:Body>\r\n \r\n" + "</SOAP-ENV:Envelope>";
+
+ public MessageBuilderTest() {
+ super();
+ }
+
+ public MessageBuilderTest(String arg0) {
+ super(arg0);
+ }
+
+
+
+ public void testTransportBinding() {
+ try {
+ MessageContext ctx = getMsgCtx();
+
+ String policyXml = "test-resources/policy/rampart-transport-binding.xml";
+ Policy policy = this.loadPolicy(policyXml);
+
+ ctx.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
+
+ MessageBuilder builder = new MessageBuilder();
+ builder.build(ctx);
+
+ System.out.println(ctx.getEnvelope());
+ } catch (Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+ }
+ }
+
+ /**
+ * @throws XMLStreamException
+ * @throws FactoryConfigurationError
+ * @throws AxisFault
+ */
+ private MessageContext getMsgCtx() throws XMLStreamException, FactoryConfigurationError, AxisFault {
+ MessageContext ctx = new MessageContext();
+ ctx.setAxisService(new AxisService("TestService"));
+
+ XMLStreamReader reader = XMLInputFactory.newInstance().createXMLStreamReader(new ByteArrayInputStream(soapMsg.getBytes()));
+ ctx.setEnvelope(new StAXSOAPModelBuilder(reader, null).getSOAPEnvelope());
+ return ctx;
+ }
+
+ private Policy loadPolicy(String xmlPath) throws Exception {
+ StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
+ return PolicyEngine.getPolicy(builder.getDocumentElement());
+ }
+
+}
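Review bot: `testTransportBinding` makes no assertion about the built message; it only prints the envelope, so it passes whenever `builder.build(ctx)` does not throw, even if no security header was added. Assert on the outcome, e.g. `assertNotNull(ctx.getEnvelope().getHeader());` plus a check for the expected Security child, and let the method declare `throws Exception` instead of catching and calling `fail(e.getMessage())`, which drops the stack trace from the test report. `soapMsg.getBytes()` in `getMsgCtx` uses the platform charset although the message declares UTF-8; `soapMsg.getBytes("UTF-8")` keeps the two consistent.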