You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tuscany.apache.org by sv...@apache.org on 2007/12/28 12:33:06 UTC
svn commit: r607212 - in
/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account: ./
src/main/java/bigbank/security/ src/main/resources/
src/main/resources/META-INF/ src/main/resources/META-INF/services/
Author: svkrish
Date: Fri Dec 28 03:33:02 2007
New Revision: 607212
URL: http://svn.apache.org/viewvc?rev=607212&view=rev
Log:
adding authorization scenario to checkingsaccount service
Added:
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/BigbankCheckingsAcl.java
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthPolicy.java
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyHandler.java
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyProcessor.java
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.policy.util.PolicyHandler
Modified:
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/build.xml
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/pom.xml
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/CheckingsAccount.composite
incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/definitions.xml
Modified: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/build.xml
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/build.xml?rev=607212&r1=607211&r2=607212&view=diff
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/build.xml (original)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/build.xml Fri Dec 28 03:33:02 2007
@@ -24,11 +24,11 @@
<path id="test.classpath">
<pathelement location="target/classes"/>
- <pathelement location="../../modules/tuscany-host-jetty-1.1-incubating-SNAPSHOT.jar"/>
+ <!--pathelement location="../../modules/tuscany-host-jetty-1.1-incubating-SNAPSHOT.jar"/>
<pathelement location="../../modules/tuscany-binding-jsonrpc-1.1-incubating-SNAPSHOT.jar"/>
- <pathelement location="../../modules/tuscany-binding-rmi-1.1-incubating-SNAPSHOT.jar"/>
+ <pathelement location="../../modules/tuscany-binding-rmi-1.1-incubating-SNAPSHOT.jar"/-->
<pathelement location="../../lib/tuscany-sca-manifest.jar"/>
- <pathelement location="target/demo-bigbank-account.jar"/>
+ <!--pathelement location="target/demo-bigbank-account.jar"/-->
</path>
<target name="init">
Modified: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/pom.xml
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/pom.xml?rev=607212&r1=607211&r2=607212&view=diff
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/pom.xml (original)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/pom.xml Fri Dec 28 03:33:02 2007
@@ -44,6 +44,12 @@
</dependency>
<dependency>
+ <groupId>org.apache.tuscany.sca</groupId>
+ <artifactId>tuscany-core</artifactId>
+ <version>1.1-incubating-SNAPSHOT</version>
+ </dependency>
+
+ <dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
<version>1.5.3</version>
Added: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/BigbankCheckingsAcl.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/BigbankCheckingsAcl.java?rev=607212&view=auto
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/BigbankCheckingsAcl.java (added)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/BigbankCheckingsAcl.java Fri Dec 28 03:33:02 2007
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package bigbank.security;
+
+import java.security.Principal;
+import java.util.Hashtable;
+import java.util.Map;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class BigbankCheckingsAcl {
+ private static Map<String, String>checkingsAcl = new Hashtable<String, String>();
+
+ static {
+ checkingsAcl.put("bbaservice", "Customer_01");
+ checkingsAcl.put("bbUser01", "Customer_01");
+ }
+
+
+ public static void authorize(Principal principal, String resource) {
+ if ( checkingsAcl.get(principal.getName()) == null ||
+ !checkingsAcl.get(principal.getName()).equals(resource) ) {
+ throw new RuntimeException("User - " + principal.getName() + " not authorized to access account " +
+ resource);
+ } else {
+ System.out.println("Successfully Authorized '" + principal.getName() + " to access accounts of " + resource);
+ }
+ }
+
+}
Added: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthPolicy.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthPolicy.java?rev=607212&view=auto
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthPolicy.java (added)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthPolicy.java Fri Dec 28 03:33:02 2007
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package bigbank.security;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class CheckingsDeptAuthPolicy {
+
+}
Added: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyHandler.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyHandler.java?rev=607212&view=auto
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyHandler.java (added)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyHandler.java Fri Dec 28 03:33:02 2007
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package bigbank.security;
+
+import java.security.Principal;
+
+import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.util.PolicyHandler;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class CheckingsDeptAuthorizationPolicyHandler implements PolicyHandler {
+ private PolicySet applicablePolicySet = null;
+
+ public void afterInvoke(Object... context) {
+ }
+
+ public void beforeInvoke(Object... context) {
+ for ( int count = 0 ; count < context.length ; ++count ) {
+ if ( context[count] instanceof Message ) {
+ Message msg = (Message)context[count];
+ Object args[] = (Object[])msg.getBody();
+ if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) {
+ BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL),
+ (String)args[0]);
+ }
+ }
+ }
+ }
+
+ public void cleanUp(Object... arg0) {
+ }
+
+ public PolicySet getApplicablePolicySet() {
+ return this.applicablePolicySet;
+ }
+
+ public void setApplicablePolicySet(PolicySet policySet) {
+ this.applicablePolicySet = policySet;
+ }
+
+ public void setUp(Object... arg0) {
+
+ }
+
+}
Added: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyProcessor.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyProcessor.java?rev=607212&view=auto
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyProcessor.java (added)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/java/bigbank/security/CheckingsDeptAuthorizationPolicyProcessor.java Fri Dec 28 03:33:02 2007
@@ -0,0 +1,81 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package bigbank.security;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import java.util.logging.Level;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+
+/**
+ * @author administrator
+ *
+ */
+public class CheckingsDeptAuthorizationPolicyProcessor implements StAXArtifactProcessor<CheckingsDeptAuthPolicy> {
+ private static final QName CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME = new QName("http://bigbank/checkings", "AuthPolicy");
+ private static final String callbackHandler = "callbackHandler";
+ public static final QName CALLBACK_HANDLER_QNAME = new QName(Constants.SCA10_TUSCANY_NS,
+ callbackHandler);
+ public QName getArtifactType() {
+ return CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME;
+ }
+
+ public CheckingsDeptAuthorizationPolicyProcessor(ModelFactoryExtensionPoint modelFactories) {
+ }
+
+
+ public CheckingsDeptAuthPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+ CheckingsDeptAuthPolicy policy = new CheckingsDeptAuthPolicy();
+ return policy;
+ }
+
+ public void write(CheckingsDeptAuthPolicy policy, XMLStreamWriter writer) throws ContributionWriteException,
+ XMLStreamException {
+ String prefix = "tuscany";
+ writer.writeStartElement(prefix,
+ CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME.getLocalPart(),
+ CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME.getNamespaceURI());
+ writer.writeNamespace("chk", "http://bigbank/checkings");
+
+
+ writer.writeEndElement();
+ }
+
+ public Class<CheckingsDeptAuthPolicy> getModelType() {
+ return CheckingsDeptAuthPolicy.class;
+ }
+
+ public void resolve(CheckingsDeptAuthPolicy arg0, ModelResolver arg1) throws ContributionResolveException {
+
+ }
+
+}
Modified: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/CheckingsAccount.composite
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/CheckingsAccount.composite?rev=607212&r1=607211&r2=607212&view=diff
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/CheckingsAccount.composite (original)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/CheckingsAccount.composite Fri Dec 28 03:33:02 2007
@@ -28,7 +28,6 @@
</service>
<component name="CheckingAccountServiceComponent">
- <implementation.java class="bigbank.account.checking.CheckingAccountServiceImpl"/>
+ <implementation.java class="bigbank.account.checking.CheckingAccountServiceImpl" requires="bbck:chkDeptAuthorization"/>
</component>
-
</composite>
Added: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor?rev=607212&view=auto
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor (added)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor Fri Dec 28 03:33:02 2007
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# Implementation class for the artifact processor extension
+bigbank.security.CheckingsDeptAuthorizationPolicyProcessor;qname=http://bigbank/checkings#AuthPolicy,model=bigbank.security.CheckingsDeptAuthPolicy
Added: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.policy.util.PolicyHandler
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.policy.util.PolicyHandler?rev=607212&view=auto
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.policy.util.PolicyHandler (added)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/META-INF/services/org.apache.tuscany.sca.policy.util.PolicyHandler Fri Dec 28 03:33:02 2007
@@ -0,0 +1,20 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# PolicyHandlerClasses to interpret specific PolicyModels against specific QoS infrastructures
+# handler classname;qname=<policy intent addressed>;model=<policy model class>
+bigbank.security.CheckingsDeptAuthorizationPolicyHandler;intent=http://bigbank/checkings#chkDeptAuthorization,model=bigbank.security.CheckingsDeptAuthPolicy
Modified: incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/definitions.xml
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/definitions.xml?rev=607212&r1=607211&r2=607212&view=diff
==============================================================================
--- incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/definitions.xml (original)
+++ incubator/tuscany/java/sca/demos/secure-bigbank/secure-bigbank-account/src/main/resources/definitions.xml Fri Dec 28 03:33:02 2007
@@ -21,6 +21,7 @@
targetNamespace="http://www.osoa.org/xmlns/sca/1.0"
xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"
xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"
+ xmlns:chk="http://bigbank/checkings"
xmlns:bb="http://bigbank">
<sca:intent name="soap"
@@ -65,6 +66,15 @@
</description>
</sca:intent>
+ <sca:intent name="chk:chkDeptAuthorization"
+ constrains="sca:implementation.java">
+ <description>
+ Authorization enforced by checkings dept of bigbank
+ </description>
+ </sca:intent>
+
+
+
<!-- WS Security POLICY SETS -->
<sca:policySet name="tuscany:wsIntegrityPolicy"
provides="integrity"
@@ -114,6 +124,14 @@
</action>
</parameter>
</tuscany:wsConfigParam>
+ </sca:policySet>
+
+ <sca:policySet name="chk:chkDeptAuthorizationPolicy"
+ provides="chk:chkDeptAuthorization"
+ appliesTo="sca:implementation.java">
+ <chk:AuthPolicy>
+ <!-- need to evolve what should go in here -->
+ </chk:AuthPolicy>
</sca:policySet>
</sca:definitions>
---------------------------------------------------------------------
To unsubscribe, e-mail: tuscany-commits-unsubscribe@ws.apache.org
For additional commands, e-mail: tuscany-commits-help@ws.apache.org