You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by sa...@apache.org on 2006/09/12 11:23:26 UTC
svn commit: r442539 [4/4] - in
/webservices/axis2/trunk/java/modules/security: src/META-INF/services/
src/org/apache/rampart/ src/org/apache/ws/security/policy/
src/org/apache/ws/security/policy1/
src/org/apache/ws/security/policy1/extension/ src/org/a...
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/TransportBindingProcessor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/TransportBindingProcessor.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/TransportBindingProcessor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/TransportBindingProcessor.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,128 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.security.policy1.model.Binding;
+import org.apache.ws.security.policy1.parser.SecurityPolicy;
+import org.apache.ws.security.policy1.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy1.parser.SecurityProcessorContext;
+
+public class TransportBindingProcessor {
+
+ private static final Log log = LogFactory.getLog(TransportBindingProcessor.class);
+
+ private boolean initializedTransportBinding = false;
+
+ private void initializeTransportBinding(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+
+ SecurityPolicyToken tmpSpt = SecurityPolicy.includeTimestamp.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.transportToken.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ //TODO: This is just ahack , have to move this to a proper processor
+ SecurityPolicyToken tmpSpt2 = SecurityPolicy.httpsToken.copy();
+ tmpSpt2.setProcessTokenMethod(this);
+ tmpSpt.setChildToken(tmpSpt2);
+
+ tmpSpt = SecurityPolicy.algorithmSuite.copy();
+ tmpSpt.setProcessTokenMethod(new AlgorithmSuiteProcessor());
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.layout.copy();
+ tmpSpt.setProcessTokenMethod(new LayoutProcessor());
+ spt.setChildToken(tmpSpt);
+
+
+
+ }
+
+ public Object doTransportBinding(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedTransportBinding) {
+ try {
+ initializeTransportBinding(spt);
+ initializedTransportBinding = true;
+ } catch (NoSuchMethodException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ }
+ break;
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doIncludeTimestamp(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Binding)spc.readCurrentPolicyEngineData()).setIncludeTimestamp(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doTransportToken(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ log.debug("TODO: doTransportToken");
+ return new Boolean(true);
+ }
+
+ public Object doAlgorithmSuite(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ log.debug("TODO: doAlgorithmSuite");
+ return new Boolean(true);
+ }
+
+ public Object doLayout(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ log.debug("TODO: doLayout");
+ return new Boolean(true);
+ }
+
+ public Object doHttpsToken(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ log.debug("TODO: doHttpsToken");
+ return new Boolean(true);
+ }
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Trust10Processor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Trust10Processor.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Trust10Processor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Trust10Processor.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy1.parser.SecurityPolicy;
+import org.apache.ws.security.policy1.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy1.parser.SecurityProcessorContext;
+
+
+public class Trust10Processor {
+
+ private static final Log log = LogFactory.getLog(Trust10Processor.class);
+
+ private boolean initializedTrust10 = false;
+
+ /**
+ * Intialize the Trust10 complex token.
+ *
+ * This method creates a copy of the Trust10 token and sets the handler object
+ * to the copy. Then it creates copies of the child tokens that are allowed
+ * for Trust10. These tokens are:
+ *
+ * These copies are also initialized with the handler object and then set as
+ * child tokens of Trust10.
+ *
+ * <p/> The handler object that must contain the methods
+ * <code>doTrust10</code>.
+ *
+ * @param spt
+ * The token that will hold the child tokens.
+ * @throws NoSuchMethodException
+ */
+ public void initializeTrust10(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+ SecurityPolicyToken tmpSpt = SecurityPolicy.mustSupportClientChallenge
+ .copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportServerChallenge.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireClientEntropy.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireServerEntropy.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportIssuedTokens.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+ }
+
+ public Object doTrust10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedTrust10) {
+ try {
+ initializeTrust10(spt);
+ initializedTrust10 = true;
+ } catch (NoSuchMethodException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ }
+ PrimitiveAssertion pa = spc.getAssertion();
+ String text = pa.getStrValue();
+ if (text != null) {
+ text = text.trim();
+ log.debug("Value: '" + text.toString() + "'");
+ }
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportClientChallenge(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportServerChallenge(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireClientEntropy(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireServerEntropy(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportIssuedTokens(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/UsernameTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/UsernameTokenProcessor.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/UsernameTokenProcessor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/UsernameTokenProcessor.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy1.Constants;
+import org.apache.ws.security.policy1.WSSPolicyException;
+import org.apache.ws.security.policy1.model.TokenWrapper;
+import org.apache.ws.security.policy1.model.UsernameToken;
+import org.apache.ws.security.policy1.parser.SecurityPolicy;
+import org.apache.ws.security.policy1.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy1.parser.SecurityProcessorContext;
+
+import javax.xml.namespace.QName;
+
+
+public class UsernameTokenProcessor {
+
+ private static final Log log = LogFactory.getLog(UsernameTokenProcessor.class);
+
+ private boolean initializedUsernameToken = false;
+
+ /**
+ * Intialize the UsernameToken complex token.
+ *
+ * This method creates copies of the child tokens that are allowed for
+ * UsernameToken. These tokens are WssUsernameToken10 and
+ * WssUsernameToken11. These copies are also initialized with the handler
+ * object and then set as child tokens of UsernameToken.
+ *
+ * <p/> The handler object must define the methods
+ * <code>doWssUsernameToken10, doWssUsernameToken11</code>.
+ *
+ * @param spt
+ * The token that will hold the child tokens.
+ * @throws NoSuchMethodException
+ */
+ public void initializeUsernameToken(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+
+ SecurityPolicyToken tmpSpt = SecurityPolicy.wssUsernameToken10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssUsernameToken11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+ }
+
+ public Object doUsernameToken(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedUsernameToken) {
+ try {
+ initializeUsernameToken(spt);
+ UsernameToken unt = (UsernameToken)spc.readCurrentPolicyEngineData();
+
+ //Get the includeToken attr info
+ String includetokenUri = spc.getAssertion().getAttribute(
+ new QName(Constants.SP_NS,
+ Constants.ATTR_INCLUDE_TOKEN));
+ try {
+ if(includetokenUri != null) { //since its optional
+ unt.setInclusion(includetokenUri);
+ }
+ ((TokenWrapper)spc.readPreviousPolicyEngineData()).setToken(unt);
+ } catch (WSSPolicyException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ initializedUsernameToken = true;
+ } catch (NoSuchMethodException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ }
+ log.debug(spt.getTokenName());
+ PrimitiveAssertion pa = spc.getAssertion();
+ String text = pa.getStrValue();
+ if (text != null) {
+ text = text.trim();
+ log.debug("Value: '" + text.toString() + "'");
+ }
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doWssUsernameToken10(SecurityProcessorContext spc) {
+ log.debug("Processing wssUsernameToken10");
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((UsernameToken)spc.readCurrentPolicyEngineData()).setUseUTProfile11(false);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doWssUsernameToken11(SecurityProcessorContext spc) {
+ log.debug("Processing wssUsernameToken11");
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((UsernameToken)spc.readCurrentPolicyEngineData()).setUseUTProfile11(true);
+ }
+ return new Boolean(true);
+ }
+
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss10Processor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss10Processor.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss10Processor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss10Processor.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,143 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy1.model.Wss10;
+import org.apache.ws.security.policy1.parser.SecurityPolicy;
+import org.apache.ws.security.policy1.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy1.parser.SecurityProcessorContext;
+
+
+public class Wss10Processor {
+
+ private static final Log log = LogFactory.getLog(Wss10Processor.class);
+
+ private boolean initializedWss10 = false;
+
+ /**
+ * Intialize the Wss10 complex token.
+ *
+ * This method creates a copy of the Wss10 token and sets the handler object
+ * to the copy. Then it creates copies of the child tokens that are allowed
+ * for Wss10. These tokens are:
+ *
+ * These copies are also initialized with the handler object and then set as
+ * child tokens of Wss10.
+ *
+ * <p/> The handler object that must contain the methods
+ * <code>doWss10</code>.
+ *
+ * @param spt
+ * The token that will hold the child tokens.
+ * @throws NoSuchMethodException
+ */
+ public void initializeWss10(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+ SecurityPolicyToken tmpSpt = SecurityPolicy.mustSupportRefKeyIdentifier
+ .copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefIssuerSerial.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefExternalUri.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefEmbeddedToken.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+ }
+
+
+ public Object doWss10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedWss10) {
+ try {
+ initializeWss10(spt);
+ initializedWss10 = true;
+ } catch (NoSuchMethodException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ }
+ PrimitiveAssertion pa = spc.getAssertion();
+ String text = pa.getStrValue();
+ if (text != null) {
+ text = text.trim();
+ log.debug("Value: '" + text.toString() + "'");
+ }
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefKeyIdentifier(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss10)spc.readCurrentPolicyEngineData()).setMustSupportRefKeyIdentifier(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefIssuerSerial(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss10)spc.readCurrentPolicyEngineData()).setMustSupportRefIssuerSerial(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefExternalURI(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss10)spc.readCurrentPolicyEngineData()).setMustSupportRefExternalURI(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefEmbeddedToken(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss10)spc.readCurrentPolicyEngineData()).setMustSupportRefEmbeddedToken(true);
+ }
+ return new Boolean(true);
+ }
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss11Processor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss11Processor.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss11Processor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/Wss11Processor.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,184 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy1.model.Wss11;
+import org.apache.ws.security.policy1.parser.SecurityPolicy;
+import org.apache.ws.security.policy1.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy1.parser.SecurityProcessorContext;
+
+
+public class Wss11Processor {
+
+ private static final Log log = LogFactory.getLog(Wss11Processor.class);
+
+ private boolean initializedWss11 = false;
+
+ /**
+ * Intialize the Wss11 complex token.
+ *
+ * This method creates a copy of the Wss11 token and sets the handler object
+ * to the copy. Then it creates copies of the child tokens that are allowed
+ * for Wss10. These tokens are:
+ *
+ * These copies are also initialized with the handler object and then set as
+ * child tokens of Wss11.
+ *
+ * <p/> The handler object that must contain the methods
+ * <code>doWss10</code>.
+ *
+ * @param spt
+ * The token that will hold the child tokens.
+ * @throws NoSuchMethodException
+ */
+ public void initializeWss11(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+ SecurityPolicyToken tmpSpt = SecurityPolicy.mustSupportRefKeyIdentifier
+ .copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefIssuerSerial.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefExternalUri.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefEmbeddedToken.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefThumbprint.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefEncryptedKey.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireSignatureConfirmation.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+ }
+
+ public Object doWss11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedWss11) {
+ try {
+ initializeWss11(spt);
+ initializedWss11 = true;
+ } catch (NoSuchMethodException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ }
+ PrimitiveAssertion pa = spc.getAssertion();
+ String text = pa.getStrValue();
+ if (text != null) {
+ text = text.trim();
+ log.debug("Value: '" + text.toString() + "'");
+ }
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefKeyIdentifier(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefKeyIdentifier(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefIssuerSerial(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefIssuerSerial(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefExternalURI(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefExternalURI(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefEmbeddedToken(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefEmbeddedToken(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefThumbprint(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefThumbprint(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefEncryptedKey(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefEncryptedKey(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doRequireSignatureConfirmation(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.START) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setRequireSignatureConfirmation(true);
+ }
+ return new Boolean(true);
+ }
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/X509TokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/X509TokenProcessor.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/X509TokenProcessor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/processors/X509TokenProcessor.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,239 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy1.Constants;
+import org.apache.ws.security.policy1.WSSPolicyException;
+import org.apache.ws.security.policy1.model.TokenWrapper;
+import org.apache.ws.security.policy1.model.X509Token;
+import org.apache.ws.security.policy1.parser.SecurityPolicy;
+import org.apache.ws.security.policy1.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy1.parser.SecurityProcessorContext;
+
+import javax.xml.namespace.QName;
+
+
+public class X509TokenProcessor {
+
+ private static final Log log = LogFactory.getLog(X509TokenProcessor.class);
+
+ private boolean initializedX509Token = false;
+
+ /**
+ * Intialize the X509 complex token.
+ *
+ * This method creates a copy of the X509Token token and sets the handler
+ * object to the copy. Then it creates copies of the child tokens that are
+ * allowed for X509Token. These tokens are:
+ *
+ * These copies are also initialized with the handler object and then set as
+ * child tokens of X509Token.
+ *
+ * <p/> The handler object that must contain the methods
+ * <code>doX509Token</code>.
+ *
+ * @param spt
+ * The token that will hold the child tokens.
+ * @throws NoSuchMethodException
+ */
+ private void initializeX509Token(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+
+ SecurityPolicyToken tmpSpt = SecurityPolicy.requireKeyIdentifierReference
+ .copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireIssuerSerialReference.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireEmbeddedTokenReference.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireThumbprintReference.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V1Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V3Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509Pkcs7Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509PkiPathV1Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V1Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V3Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509Pkcs7Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509PkiPathV1Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+ }
+
+ public Object doX509Token(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedX509Token) {
+ try {
+ initializeX509Token(spt);
+ X509Token token = (X509Token)spc.readCurrentPolicyEngineData();
+ //Get the includeToken attr info
+ String includetokenUri = spc.getAssertion().getAttribute(
+ new QName(Constants.SP_NS,
+ Constants.ATTR_INCLUDE_TOKEN));
+ try {
+ if(includetokenUri != null) { //since its optional
+ token.setInclusion(includetokenUri);
+ }
+ ((TokenWrapper)spc.readPreviousPolicyEngineData()).setToken(token);
+ } catch (WSSPolicyException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ initializedX509Token = true;
+ } catch (NoSuchMethodException e) {
+ log.error(e.getMessage(), e);
+ return new Boolean(false);
+ }
+ }
+ PrimitiveAssertion pa = spc.getAssertion();
+ String text = pa.getStrValue();
+ if (text != null) {
+ text = text.trim();
+ log.debug("Value: '" + text.toString() + "'");
+ }
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doRequireKeyIdentifierReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireIssuerSerialReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireEmbeddedTokenReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireThumbprintReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V1Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V3Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509Pkcs7Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509PkiPathV1Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V1Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V3Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509Pkcs7Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509PkiPathV1Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+}
Added: webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy1/parser/WSSPolicyProcessorTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy1/parser/WSSPolicyProcessorTest.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy1/parser/WSSPolicyProcessorTest.java (added)
+++ webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy1/parser/WSSPolicyProcessorTest.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.parser;
+
+import junit.framework.TestCase;
+import org.apache.ws.security.policy1.Constants;
+import org.apache.ws.security.policy1.model.PolicyEngineData;
+import org.apache.ws.security.policy1.model.RootPolicyEngineData;
+import org.apache.ws.security.policy1.model.SignedEncryptedParts;
+import org.apache.ws.security.policy1.model.SymmetricBinding;
+import org.apache.ws.security.policy1.model.Wss11;
+import org.apache.ws.security.policy1.parser.WSSPolicyProcessor;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+
+public class WSSPolicyProcessorTest extends TestCase {
+
+ public WSSPolicyProcessorTest(String name) {
+ super(name);
+ }
+
+ public void testSymmetricBinding() {
+ try {
+ WSSPolicyProcessor processor = new WSSPolicyProcessor();
+ if (!processor.setup()) {
+ return;
+ }
+ String[] files = new String[2];
+ files[0] = "test-resources/policy/SecurityPolicyBindingsSymm.xml";
+ files[1] = "test-resources/policy/SecurityPolicyMsg.xml";
+ processor.go(files);
+
+ RootPolicyEngineData rootPolicyEngineData = (RootPolicyEngineData)processor.secProcessorContext.getPedStack().get(0);
+ assertNotNull("RootPolicyEngineData missing", rootPolicyEngineData);
+
+ ArrayList peds = rootPolicyEngineData.getTopLevelPEDs();
+ assertEquals("Incrrect number of PolicyEngineData", 4, peds.size());
+
+ Iterator pedIter = peds.iterator();
+ boolean symmBindingfound = false, wss11found = false, signedPartsFound = false, encryptedPartsFound = false;
+ while (pedIter.hasNext()) {
+ PolicyEngineData ped = (PolicyEngineData) pedIter.next();
+ if(ped instanceof SymmetricBinding) {
+ symmBindingfound = true;
+ SymmetricBinding symmetricBinding = (SymmetricBinding)ped;
+ assertEquals("Incorrect layout",Constants.LAYOUT_STRICT ,symmetricBinding.getLayout().getValue());
+ } else if(ped instanceof Wss11) {
+ wss11found = true;
+ Wss11 wss11 = (Wss11)ped;
+ assertEquals("Signature confirmation must be true", true,
+ wss11.isRequireSignatureConfirmation());
+ } else if(ped instanceof SignedEncryptedParts) {
+ SignedEncryptedParts parts = (SignedEncryptedParts)ped;
+ if(parts.isSignedParts()) {
+ signedPartsFound = true;
+ assertEquals(
+ "Incorrect number of headers in SignedParts",
+ 2, parts.getHeaders().size());
+ } else {
+ encryptedPartsFound = true;
+ assertEquals(
+ "Incorrect number of headers in EncryptedParts",
+ 1, parts.getHeaders().size());
+ }
+ }
+ }
+ assertTrue("SignedParts missing", signedPartsFound);
+ assertTrue("EncryptedParts missing", encryptedPartsFound);
+ assertTrue("SymmetricBinding missing", symmBindingfound);
+ assertTrue("Wss11 missing", wss11found);
+
+ } catch (NoSuchMethodException e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+ }
+ }
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org