You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by ch...@apache.org on 2006/11/03 10:44:00 UTC
svn commit: r470737 [2/2] - in /webservices/sandesha/trunk/java:
src/org/apache/sandesha2/msgprocessors/ src/org/apache/sandesha2/security/
src/org/apache/sandesha2/security/dummy/
src/org/apache/sandesha2/security/rampart/ src/org/apache/sandesha2/uti...
Modified: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java?view=diff&rev=470737&r1=470736&r2=470737
==============================================================================
--- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java (original)
+++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java Fri Nov 3 01:43:59 2006
@@ -1,103 +1,164 @@
-/*
- * Copyright 2006 The Apache Software Foundation.
- * Copyright 2006 International Business Machines Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sandesha2.security;
-
-import java.util.HashMap;
-
-import javax.xml.namespace.QName;
-
-import org.apache.axiom.om.OMAbstractFactory;
-import org.apache.axiom.om.OMAttribute;
-import org.apache.axiom.om.OMElement;
-import org.apache.axiom.om.OMFactory;
-import org.apache.axiom.om.OMNamespace;
-import org.apache.axis2.context.ConfigurationContext;
-import org.apache.axis2.context.MessageContext;
-import org.apache.axis2.description.AxisModule;
-import org.apache.sandesha2.Sandesha2Constants;
-import org.apache.sandesha2.SandeshaException;
-
-public class UnitTestSecurityManager extends SecurityManager {
-
- private static HashMap tokens = new HashMap();
- private static int id = 0;
- private static String secNamespace = Sandesha2Constants.SPEC_2005_02.SEC_NS_URI;
-
- public UnitTestSecurityManager(ConfigurationContext context) {
- super(context);
- }
-
- public void initSecurity(AxisModule moduleDesc) {
- }
-
- public SecurityToken getSecurityToken(MessageContext message)
- throws SandeshaException
- {
- UnitTestSecurityToken result = new UnitTestSecurityToken(id++);
- tokens.put(getTokenRecoveryData(result), result);
- return result;
- }
-
- public SecurityToken getSecurityToken(OMElement theSTR, MessageContext message)
- throws SandeshaException
- {
- OMElement reference = theSTR.getFirstChildWithName(new QName(secNamespace, "Reference"));
- String securityTokenURI = reference.getAttributeValue(new QName("URI"));
- String key = securityTokenURI;
- return (SecurityToken) tokens.get(key);
- }
-
- public String getTokenRecoveryData(SecurityToken token) throws SandeshaException {
- String key = ((UnitTestSecurityToken)token).getURI();
- return key;
- }
-
- public SecurityToken recoverSecurityToken(String tokenData)
- throws SandeshaException {
- return (SecurityToken) tokens.get(tokenData);
- }
-
- public void checkProofOfPossession(SecurityToken token, OMElement messagePart,
- MessageContext message) throws SandeshaException {
- if(token == null) {
- throw new SandeshaException("Security manager was passed a null token");
- }
- }
-
- public OMElement createSecurityTokenReference(SecurityToken token, MessageContext message) throws SandeshaException {
- String uri = ((UnitTestSecurityToken)token).getURI();
- String type = ((UnitTestSecurityToken)token).getValueType();
-
- OMFactory factory = OMAbstractFactory.getOMFactory();
- OMNamespace secNS = factory.createOMNamespace(secNamespace, "wsse");
- OMElement str = factory.createOMElement("SecurityTokenReference", secNS);
-
- OMElement ref = factory.createOMElement("Reference", secNS);
- str.addChild(ref);
-
- OMAttribute uriAttr = factory.createOMAttribute("URI", null, uri);
- OMAttribute typeAttr = factory.createOMAttribute("ValueType", null, type);
-
- ref.addAttribute(uriAttr);
- ref.addAttribute(typeAttr);
-
- return str;
- }
-
-
-}
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.security;
+
+import java.util.HashMap;
+
+import javax.xml.namespace.QName;
+
+import org.apache.axiom.om.OMAbstractFactory;
+import org.apache.axiom.om.OMAttribute;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.axiom.om.OMNamespace;
+import org.apache.axiom.soap.SOAPEnvelope;
+import org.apache.axiom.soap.SOAPHeader;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.AxisModule;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.sandesha2.Sandesha2Constants;
+import org.apache.sandesha2.SandeshaException;
+
+public class UnitTestSecurityManager extends SecurityManager {
+ private static Log log = LogFactory.getLog(UnitTestSecurityManager.class);
+
+ private static HashMap tokens = new HashMap();
+ private static int id = 0;
+ private static String secNamespace = Sandesha2Constants.SPEC_2005_02.SEC_NS_URI;
+ private static QName unitTestHeader = new QName("http://unit.test.security", "tokenId");
+
+ public UnitTestSecurityManager(ConfigurationContext context) {
+ super(context);
+ log.debug("UnitTestSecurityManager::UnitTestSecurityManager");
+ }
+
+ public void initSecurity(AxisModule moduleDesc) {
+ log.debug("UnitTestSecurityManager::initSecurity");
+ }
+
+ public SecurityToken getSecurityToken(MessageContext message)
+ throws SandeshaException
+ {
+ log.debug("Enter: UnitTestSecurityManager::getSecurityToken(MessageContext)");
+
+ UnitTestSecurityToken result = new UnitTestSecurityToken(id++);
+ tokens.put(getTokenRecoveryData(result), result);
+
+ log.debug("Exit: UnitTestSecurityManager::getSecurityToken " + result);
+ return result;
+ }
+
+ public SecurityToken getSecurityToken(OMElement theSTR, MessageContext message)
+ throws SandeshaException
+ {
+ log.debug("Enter: UnitTestSecurityManager::getSecurityToken(OMElement,MessageContext)");
+
+ OMElement reference = theSTR.getFirstChildWithName(new QName(secNamespace, "Reference"));
+ String securityTokenURI = reference.getAttributeValue(new QName("URI"));
+ String key = securityTokenURI;
+ SecurityToken result = (SecurityToken) tokens.get(key);
+
+ log.debug("Exit: UnitTestSecurityManager::getSecurityToken " + result);
+ return result;
+ }
+
+ public String getTokenRecoveryData(SecurityToken token) throws SandeshaException {
+ log.debug("Enter: UnitTestSecurityManager::getTokenRecoveryData");
+ String key = ((UnitTestSecurityToken)token).getURI();
+ log.debug("Exit: UnitTestSecurityManager::getTokenRecoveryData " + key);
+ return key;
+ }
+
+ public SecurityToken recoverSecurityToken(String tokenData)
+ throws SandeshaException {
+ log.debug("Enter: UnitTestSecurityManager::recoverSecurityToken");
+ SecurityToken result = (SecurityToken) tokens.get(tokenData);
+ log.debug("Exit: UnitTestSecurityManager::recoverSecurityToken " + result);
+ return result;
+ }
+
+ public void checkProofOfPossession(SecurityToken token, OMElement messagePart,
+ MessageContext message) throws SandeshaException {
+ log.debug("Enter: UnitTestSecurityManager::checkProofOfPossession");
+ if(token == null) {
+ throw new SandeshaException("Security manager was passed a null token");
+ }
+
+ // Look for the header that we should have introduced in the 'apply' method
+ String key = ((UnitTestSecurityToken)token).getURI();
+ String foundToken = null;
+ SOAPEnvelope env = message.getEnvelope();
+ SOAPHeader headers = env.getHeader();
+ if(headers != null) {
+ OMElement myHeader = headers.getFirstChildWithName(unitTestHeader);
+ if(myHeader != null) {
+ foundToken = myHeader.getText();
+ }
+ }
+ if(!key.equals(foundToken)) {
+ throw new SandeshaException("Message was not secured with the correct token");
+ }
+ log.debug("Exit: UnitTestSecurityManager::checkProofOfPossession");
+ }
+
+ public OMElement createSecurityTokenReference(SecurityToken token, MessageContext message) throws SandeshaException {
+ log.debug("Enter: UnitTestSecurityManager::createSecurityTokenReference");
+
+ String uri = ((UnitTestSecurityToken)token).getURI();
+ String type = ((UnitTestSecurityToken)token).getValueType();
+
+ OMFactory factory = OMAbstractFactory.getOMFactory();
+ OMNamespace secNS = factory.createOMNamespace(secNamespace, "wsse");
+ OMElement str = factory.createOMElement("SecurityTokenReference", secNS);
+
+ OMElement ref = factory.createOMElement("Reference", secNS);
+ str.addChild(ref);
+
+ OMAttribute uriAttr = factory.createOMAttribute("URI", null, uri);
+ OMAttribute typeAttr = factory.createOMAttribute("ValueType", null, type);
+
+ ref.addAttribute(uriAttr);
+ ref.addAttribute(typeAttr);
+
+ log.debug("Exit: UnitTestSecurityManager::createSecurityTokenReference " + str);
+ return str;
+ }
+
+ public void applySecurityToken(SecurityToken token, MessageContext outboundMessage) throws SandeshaException {
+ log.debug("Enter: UnitTestSecurityManager::applySecurityToken");
+ if(token == null) {
+ throw new SandeshaException("Security manager was passed a null token");
+ }
+
+ // Add the header that pretends to secure the message
+ String key = ((UnitTestSecurityToken)token).getURI();
+ SOAPEnvelope env = outboundMessage.getEnvelope();
+ OMFactory factory = env.getOMFactory();
+
+ SOAPHeader headers = env.getHeader();
+
+ OMNamespace namespace = factory.createOMNamespace(unitTestHeader.getNamespaceURI(), "sec");
+ OMElement header = headers.addHeaderBlock(unitTestHeader.getLocalPart(), namespace);
+ header.setText(key);
+
+ log.debug("Exit: UnitTestSecurityManager::applySecurityToken");
+ }
+
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: sandesha-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: sandesha-dev-help@ws.apache.org