Posted to commits@cxf.apache.org by as...@apache.org on 2013/06/19 17:19:03 UTC
svn commit: r1494653 - in /cxf/trunk/services/xkms/xkms-client: ./
src/main/java/org/apache/cxf/xkms/crypto/
src/main/resources/OSGI-INF/blueprint/
Author: ashakirin
Date: Wed Jun 19 15:19:03 2013
New Revision: 1494653
URL: http://svn.apache.org/r1494653
Log:
Added XKMS based WSS4J crypto provider
Added:
cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/
cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java
cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java
cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java
cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java
cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java
Modified:
cxf/trunk/services/xkms/xkms-client/pom.xml
cxf/trunk/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml
Modified: cxf/trunk/services/xkms/xkms-client/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/pom.xml?rev=1494653&r1=1494652&r2=1494653&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/pom.xml (original)
+++ cxf/trunk/services/xkms/xkms-client/pom.xml Wed Jun 19 15:19:03 2013
@@ -45,6 +45,26 @@
<version>${project.version}</version>
</dependency>
<dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-security</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.wss4j</groupId>
+ <artifactId>wss4j-ws-security-dom</artifactId>
+ <version>${cxf.wss4j.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>xml-apis</groupId>
+ <artifactId>xml-apis</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
Added: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java?rev=1494653&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java (added)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java Wed Jun 19 15:19:03 2013
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.xkms.crypto;
+
+public class CryptoProviderException extends RuntimeException {
+
+ private static final long serialVersionUID = 7177198444823997289L;
+
+ public CryptoProviderException() {
+ super();
+ }
+
+ public CryptoProviderException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public CryptoProviderException(String message) {
+ super(message);
+ }
+
+ public CryptoProviderException(Throwable cause) {
+ super(cause);
+ }
+
+}
Added: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java?rev=1494653&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java (added)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java Wed Jun 19 15:19:03 2013
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import org.apache.cxf.message.Message;
+import org.apache.wss4j.common.crypto.Crypto;
+
+public interface CryptoProviderFactory {
+
+ Crypto create(Message message);
+
+}
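Review bot: `CryptoProviderFactory.create(Message)` has no Javadoc, and because `beans.xml` in this commit exports the interface as an OSGi service, its contract should be written down. I would add a comment such as `/** Creates the Crypto to use for the given message; throws CryptoProviderException if it cannot be configured. */`, which matches what `XkmsCryptoProviderFactory` does in this commit. The comment should also say whether each call returns a new instance.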
Added: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java?rev=1494653&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java (added)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java Wed Jun 19 15:19:03 2013
@@ -0,0 +1,158 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.Properties;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.resource.ResourceManager;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.wss4j.common.crypto.Merlin;
+import org.apache.wss4j.common.ext.WSPasswordCallback;
+import org.apache.wss4j.common.ext.WSPasswordCallback.Usage;
+
+public final class CryptoProviderUtils {
+
+ private CryptoProviderUtils() {
+ }
+
+ public static Properties loadKeystoreProperties(Message message, String propKey) {
+ Object o = message.getContextualProperty(propKey);
+ if (o == null) {
+ throw new CryptoProviderException("Keystore properties path is not defined");
+ }
+
+ Properties properties = null;
+ if (o instanceof Properties) {
+ properties = (Properties)o;
+ } else if (o instanceof String) {
+ ResourceManager rm = message.getExchange().get(Bus.class)
+ .getExtension(ResourceManager.class);
+ URL url = rm.resolveResource((String)o, URL.class);
+ try {
+ if (url == null) {
+ url = ClassLoaderUtils.getResource((String)o, CryptoProviderUtils.class);
+ }
+ if (url == null) {
+ try {
+ url = new URL((String)o);
+ } catch (Exception ex) {
+ // ignore
+ }
+ }
+ if (url != null) {
+ InputStream ins = url.openStream();
+ properties = new Properties();
+ properties.load(ins);
+ ins.close();
+ } else {
+ throw new CryptoProviderException("Keystore properties url is not resolved: "
+ + o);
+ }
+ } catch (IOException e) {
+ throw new CryptoProviderException("Cannot load keystore properties: "
+ + e.getMessage(), e);
+ }
+ } else if (o instanceof URL) {
+ properties = new Properties();
+ try {
+ InputStream ins = ((URL)o).openStream();
+ properties.load(ins);
+ ins.close();
+ } catch (IOException e) {
+ throw new CryptoProviderException("Cannot load keystore properties: "
+ + e.getMessage(), e);
+ }
+ }
+ if (properties == null) {
+ throw new CryptoProviderException("Cannot load keystore properties: " + o);
+ }
+
+ return properties;
+ }
+
+ public static String getKeystoreAlias(Properties keystoreProps) {
+ String keystoreAlias = null;
+
+ if (keystoreProps.containsKey(Merlin.KEYSTORE_ALIAS)) {
+ keystoreAlias = keystoreProps.getProperty(Merlin.KEYSTORE_ALIAS);
+ }
+
+ if (keystoreAlias == null) {
+ throw new CryptoProviderException("Alias is not found in keystore properties file: "
+ + Merlin.KEYSTORE_ALIAS);
+ }
+
+ return keystoreAlias;
+ }
+
+ public static CallbackHandler getCallbackHandler(Message message) {
+ Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+
+ CallbackHandler handler = null;
+ if (o instanceof CallbackHandler) {
+ handler = (CallbackHandler)o;
+ } else if (o instanceof String) {
+ try {
+ handler = (CallbackHandler)ClassLoaderUtils
+ .loadClass((String)o, CryptoProviderUtils.class).newInstance();
+ } catch (Exception e) {
+ handler = null;
+ }
+ }
+
+ return handler;
+ }
+
+ public static String getCallbackPwdFromMessage(Message message, String userName, Usage usage) {
+ // Then try to get the password from the given callback handler
+ CallbackHandler handler = getCallbackHandler(message);
+ if (handler == null) {
+ throw new CryptoProviderException("No callback handler and no password available");
+ }
+
+ return getCallbackPwd(userName, usage, handler);
+ }
+
+ public static String getCallbackPwd(String userName, Usage usage, CallbackHandler handler) {
+ if (handler == null) {
+ return null;
+ }
+ WSPasswordCallback[] cb = {
+ new WSPasswordCallback(userName, usage)
+ };
+ try {
+ handler.handle(cb);
+ } catch (Exception e) {
+ throw new CryptoProviderException("Cannot get password from callback: " + e, e);
+ }
+
+ // get the password
+ return cb[0].getPassword();
+ }
+
+}
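Review bot: In `getCallbackHandler` the `catch (Exception e) { handler = null; }` branch discards the reason a configured handler class could not be loaded, instantiated or cast, so `getCallbackPwdFromMessage` later reports only "No callback handler and no password available". The failure should be surfaced, for example with `throw new CryptoProviderException("Cannot create callback handler: " + o, e);`, or at least logged if callers rely on the null return. In `loadKeystoreProperties` both `ins.close()` calls are skipped when `properties.load(ins)` throws, so the stream should be closed in a `finally` block. Both the properties location (resolved and opened as a URL) and the handler class name (instantiated reflectively) are read from message contextual properties, so a Javadoc line stating that these values must come from trusted configuration would help.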
Added: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java?rev=1494653&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java (added)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java Wed Jun 19 15:19:03 2013
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+public class MissingPrincipalException extends CryptoProviderException {
+
+ private static final long serialVersionUID = 7177198444823997289L;
+
+ public MissingPrincipalException() {
+ super();
+ }
+
+ public MissingPrincipalException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public MissingPrincipalException(String message) {
+ super(message);
+ }
+
+ public MissingPrincipalException(Throwable cause) {
+ super(cause);
+ }
+
+}
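Review bot: `serialVersionUID` here is `7177198444823997289L`, the same value declared in `CryptoProviderException` in this commit, which suggests it was copied rather than generated for this class. The UID is scoped per class, so this does not break serialization, but a distinct generated value avoids confusion when either class changes. A one-line class Javadoc stating when this exception is thrown would also help, since none of the visible hunks throws it.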
Added: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java?rev=1494653&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java (added)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java Wed Jun 19 15:19:03 2013
@@ -0,0 +1,194 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.xkms.client.XKMSInvoker;
+import org.apache.cxf.xkms.handlers.Applications;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoBase;
+import org.apache.wss4j.common.crypto.CryptoType;
+import org.apache.wss4j.common.crypto.CryptoType.TYPE;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.w3._2002._03.xkms_wsdl.XKMSPortType;
+
+public class XkmsCryptoProvider extends CryptoBase {
+
+ private static final Logger LOG = LogUtils.getL7dLogger(XkmsCryptoProvider.class);
+
+ private final XKMSInvoker xkmsInvoker;
+ private final Map<String, X509Certificate> certsCache = new ConcurrentHashMap<String, X509Certificate>();
+ private Crypto defaultCrypto;
+
+ public XkmsCryptoProvider(XKMSPortType xkmsConsumer) {
+ this(xkmsConsumer, null);
+ }
+
+ public XkmsCryptoProvider(XKMSPortType xkmsConsumer, Crypto defaultCrypto) {
+ if (xkmsConsumer == null) {
+ throw new IllegalArgumentException("xkmsConsumer may not be null");
+ }
+ this.xkmsInvoker = new XKMSInvoker(xkmsConsumer);
+ this.defaultCrypto = defaultCrypto;
+ }
+
+ @Override
+ public X509Certificate[] getX509Certificates(CryptoType cryptoType) throws WSSecurityException {
+ if (LOG.isLoggable(Level.INFO)) {
+ LOG.info(String
+ .format("TESB Runtime: getting public certificate for alias: %s; issuer: %s; subjectDN: %s",
+ cryptoType.getAlias(), cryptoType.getIssuer(), cryptoType.getSubjectDN()));
+ }
+ X509Certificate[] certs = getX509CertificatesInternal(cryptoType);
+ if (certs == null) {
+ LOG.severe(String
+ .format(
+ "Cannot find certificate for alias: %s, issuer: %s; subjectDN: %s",
+ cryptoType.getAlias(), cryptoType.getIssuer(), cryptoType.getSubjectDN()));
+ }
+ return certs;
+ }
+
+ @Override
+ public String getX509Identifier(X509Certificate cert) throws WSSecurityException {
+ assertDefaultCryptoProvider();
+ return defaultCrypto.getX509Identifier(cert);
+ }
+
+ @Override
+ public PrivateKey getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)
+ throws WSSecurityException {
+ assertDefaultCryptoProvider();
+ return defaultCrypto.getPrivateKey(certificate, callbackHandler);
+ }
+
+ @Override
+ public PrivateKey getPrivateKey(String identifier, String password) throws WSSecurityException {
+ assertDefaultCryptoProvider();
+ return defaultCrypto.getPrivateKey(identifier, password);
+ }
+
+ @Override
+ public boolean verifyTrust(X509Certificate[] certs, boolean enableRevocation)
+ throws WSSecurityException {
+ if (certs == null) {
+ return false;
+ }
+ LOG.fine(String.format("Verifying certificate id: %s", certs[0].getSubjectDN()));
+ return xkmsInvoker.validateCertificate(certs[0]);
+ }
+
+ @Override
+ public boolean verifyTrust(PublicKey publicKey) throws WSSecurityException {
+ return false;
+ }
+
+ private void assertDefaultCryptoProvider() {
+ if (defaultCrypto == null) {
+ throw new UnsupportedOperationException("Not supported by this crypto provider");
+ }
+ }
+
+ private X509Certificate[] getX509CertificatesInternal(CryptoType cryptoType) {
+ CryptoType.TYPE type = cryptoType.getType();
+ if (type == TYPE.SUBJECT_DN) {
+ return getX509CertificatesFromXKMS(Applications.PKIX, cryptoType.getSubjectDN());
+ } else if (type == TYPE.ALIAS) {
+ return getX509CertificatesFromXKMS(cryptoType);
+ } else if (type == TYPE.ISSUER_SERIAL) {
+ X509Certificate certificate = xkmsInvoker.getCertificateForIssuerSerial(cryptoType
+ .getIssuer(), cryptoType.getSerial());
+ return new X509Certificate[] {
+ certificate
+ };
+ }
+ throw new IllegalArgumentException("Unsupported type " + type);
+ }
+
+ private X509Certificate[] getX509CertificatesFromXKMS(CryptoType cryptoType) {
+ Applications appId = null;
+ boolean isServiceName = isServiceName(cryptoType);
+ if (!isServiceName) {
+ X509Certificate[] localCerts = getCertificateLocally(cryptoType);
+ if (localCerts != null) {
+ return localCerts;
+ }
+ appId = Applications.PKIX;
+ } else {
+ appId = Applications.SERVICE_SOAP;
+ }
+ return getX509CertificatesFromXKMS(appId, cryptoType.getAlias());
+ }
+
+ private X509Certificate[] getX509CertificatesFromXKMS(Applications application, String id) {
+ LOG.fine(String.format("Getting public certificate from XKMS for application:%s; id: %s",
+ application, id));
+ if (id == null) {
+ throw new CryptoProviderException("Id is not specified for certificate request");
+ }
+ X509Certificate cert;
+ if (certsCache.containsKey(id.toLowerCase())) {
+ cert = certsCache.get(id.toLowerCase());
+ } else {
+ cert = xkmsInvoker.getCertificateForId(application, id);
+ certsCache.put(id.toLowerCase(), cert);
+ }
+ return new X509Certificate[] {
+ cert
+ };
+ }
+
+ /**
+ * Try to get certificate locally
+ *
+ * @param cryptoType
+ * @return if found certificate otherwise null returned
+ */
+ private X509Certificate[] getCertificateLocally(CryptoType cryptoType) {
+ X509Certificate[] localCerts = null;
+ try {
+ localCerts = defaultCrypto.getX509Certificates(cryptoType);
+ } catch (Exception e) {
+ LOG.info("Certificate is not found in local keystore and will be requested from XKMS: "
+ + cryptoType.getAlias());
+ }
+ return localCerts;
+ }
+
+ /**
+ * Service Aliases contain namespace
+ *
+ * @param cryptoType
+ * @return
+ */
+ private boolean isServiceName(CryptoType cryptoType) {
+ return cryptoType.getAlias().contains("{");
+ }
+}
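Review bot: `verifyTrust(X509Certificate[], boolean)` dereferences `certs[0]` after checking only for `null`, so an empty array throws ArrayIndexOutOfBoundsException instead of returning false; the guard should be `if (certs == null || certs.length == 0) { return false; }`. The method also validates only the first certificate and never reads `enableRevocation`, which deserves a comment stating that chain and revocation checking are left to the XKMS service, if that is the intent. In `getX509CertificatesFromXKMS(Applications, String)` the cache key is only `id.toLowerCase()`, so the same id requested for `PKIX` and `SERVICE_SOAP` shares one entry, entries never expire, and `certsCache.put` throws NullPointerException if the invoker can return null, because ConcurrentHashMap rejects null values. `getCertificateLocally` calls `defaultCrypto` without the null check used elsewhere, so a provider built with the one-argument constructor hits a NullPointerException that `catch (Exception e)` absorbs and logs as a certificate not found in the local keystore.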
Added: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java?rev=1494653&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java (added)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java Wed Jun 19 15:19:03 2013
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import java.util.Properties;
+
+import org.apache.cxf.message.Message;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.w3._2002._03.xkms_wsdl.XKMSPortType;
+
+public class XkmsCryptoProviderFactory implements CryptoProviderFactory {
+
+ private final XKMSPortType xkmsConsumer;
+
+ public XkmsCryptoProviderFactory(XKMSPortType xkmsConsumer) {
+ this.xkmsConsumer = xkmsConsumer;
+ }
+
+ public Crypto create(Message message) {
+ Properties keystoreProps = CryptoProviderUtils
+ .loadKeystoreProperties(message,
+ SecurityConstants.SIGNATURE_PROPERTIES);
+ try {
+ Crypto defaultCrypto = CryptoFactory.getInstance(keystoreProps);
+ return new XkmsCryptoProvider(xkmsConsumer, defaultCrypto);
+ } catch (WSSecurityException e) {
+ throw new CryptoProviderException("Cannot instantiate crypto factory: "
+ + e.getMessage(), e);
+ }
+ }
+}
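Review bot: `create` builds a new `XkmsCryptoProvider` on every call, so the `certsCache` inside the provider is not reused across messages unless the caller keeps the returned instance (whether it does is not visible here). The constructor also stores `xkmsConsumer` without a check, so a null client is reported only later as an IllegalArgumentException from the `XkmsCryptoProvider` constructor; adding `if (xkmsConsumer == null) { throw new IllegalArgumentException("xkmsConsumer may not be null"); }` to the factory constructor fails earlier. Because `loadKeystoreProperties` throws when `SecurityConstants.SIGNATURE_PROPERTIES` is unset, this factory cannot produce the XKMS-only provider that the one-argument `XkmsCryptoProvider` constructor allows.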
Modified: cxf/trunk/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml?rev=1494653&r1=1494652&r2=1494653&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml (original)
+++ cxf/trunk/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml Wed Jun 19 15:19:03 2013
@@ -38,7 +38,7 @@
<bean id="additionalClasses"
class="org.apache.cxf.xkms.model.extensions.AdditionalClassesFactory" />
- <jaxws:client id="XKMSConsumer" xmlns:serviceNamespace="http://www.w3.org/2002/03/xkms#wsdl"
+ <jaxws:client id="xkmsClient" xmlns:serviceNamespace="http://www.w3.org/2002/03/xkms#wsdl"
serviceClass="org.w3._2002._03.xkms_wsdl.XKMSPortType"
serviceName="serviceNamespace:XKMSPortType" endpointName="serviceNamespace:XKMSService"
address="${xkms.endpoint}">
@@ -50,6 +50,13 @@
</jaxws:properties>
</jaxws:client>
- <service ref="XKMSConsumer" interface="org.w3._2002._03.xkms_wsdl.XKMSPortType" />
+ <service ref="xkmsClient" interface="org.w3._2002._03.xkms_wsdl.XKMSPortType" />
+
+ <bean id="xkmsCryptoProviderFactory"
+ class="org.apache.cxf.xkms.crypto.XkmsCryptoProviderFactory">
+ <argument ref="xkmsClient" />
+ </bean>
+
+ <service ref="xkmsCryptoProviderFactory" interface="org.apache.cxf.xkms.crypto.CryptoProviderFactory" />
</blueprint>