Return-Path: Delivered-To: apmail-xml-axis-dev-archive@xml.apache.org Received: (qmail 25844 invoked by uid 500); 8 Oct 2002 23:40:55 -0000 Mailing-List: contact axis-dev-help@xml.apache.org; run by ezmlm Precedence: bulk Reply-To: axis-dev@xml.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list axis-dev@xml.apache.org Received: (qmail 25835 invoked from network); 8 Oct 2002 23:40:54 -0000 In-Reply-To: To: axis-dev@xml.apache.org MIME-Version: 1.0 X-Mailer: Lotus Notes Build V60_M14_08012002 Release Candidate August 01, 2002 From: Richard Sitze Message-ID: Date: Tue, 8 Oct 2002 17:40:58 -0600 Subject: Re: cvs commit: xml-axis/java/xmls targets.xml X-MIMETrack: Serialize by Router on D03NM145/03/M/IBM(Release 6.0|September 26, 2002) at 10/08/2002 17:41:00, Serialize complete at 10/08/2002 17:41:00 Content-Type: text/plain; charset="US-ASCII" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Dug, you assume that I have a direction :-) Seriously, What I've done is a) rename the files that had dependencies on com.sun.* to Sun*. b) for symmetry, I added IBMFakeTrustSocketFactory. How it's used, I don't know. The JDK14 use the javax version of *some* of the classes, but there are still sun.com.* dependencies. This could potentially be the common impl, but it should be noted that the API's change... particularly between Sun/IBMFakeTrustSocketFactory and JDK14FakeTrustSocketFactory. Note also that this is for JDK14. It's not clear to me if someone intended the sun/ibm for pre-1.4 or not. If it IS assumed that the base for this level of support is 14, then having it as a default dependency is even more wrong than it was originally (this is suppose to be 1.3+ based, right?). Regardless, I agree with your concerns, I'm simply trying to move some small step forward. Dims really needs to step in here, or some one who better understands the security. Minimum, we need a lively discussion to make some decisions. ******************************************* Richard A. Sitze IBM WebSphere WebServices Development Doug Davis/Raleigh/IBM@IBMUS 10/08/2002 05:56 PM Please respond to axis-dev To: axis-dev@xml.apache.org cc: Subject: Re: cvs commit: xml-axis/java/xmls targets.xml Richard, I'm still confused by the direction you and Dims are going with all of this - perhaps I just don't understand what's involved with j2ee but why do we need to have Sun, IBM and JDK14 versions of these files? Continuing down this path we'll be force to add code to Axis for each and every impl. We don't have this issue with parsers - people can any impl just so long as they adhere to the interfaces. Isn't J2EE the same way? -Dug rsitze@apache.org on 10/08/2002 06:24:00 PM Please respond to axis-dev@xml.apache.org To: xml-axis-cvs@apache.org cc: Subject: cvs commit: xml-axis/java/xmls targets.xml rsitze 2002/10/08 15:24:00 Modified: java/src/org/apache/axis/components/net SocketFactoryFactory.java IBMJSSESocketFactory.java java/lib commons-discovery.jar java/src/org/apache/axis/transport/http HTTPSender.java java/src/org/apache/axis/configuration EngineConfigurationFactoryFinder.java java/src/org/apache/axis AxisProperties.java java build.xml java/xmls targets.xml Added: java/src/org/apache/axis/components/net IBMFakeTrustSocketFactory.java JDK14FakeTrustSocketFactory.java SunFakeTrustSocketFactory.java SecureSocketFactory.java SunJSSESocketFactory.java JDK14JSSESocketFactory.java Removed: java/src/org/apache/axis/components/net FakeTrustSocketFactory.java JSSESocketFactory.java java/src/org/apache/axis/discovery DiscoverOldNamesInManagedProperties.java DiscoverConstNames.java Log: work around components.net.*: - Moved JSSE (and Fake*) classes to Sun*. - Introduced JDK14* version, though they need more work/cleanup. - No way to configure SocketFactory and SecureSocketFactories separately, so added new interface SecureSocketFactory to key off of during discovery process. other: - Moved discovery helper classes to discovery. Revision Changes Path 1.8 +27 -35 xml-axis/java/src/org/apache/axis/components/net/SocketFactoryFactory.java Index: SocketFactoryFactory.java =================================================================== RCS file: /home/cvs/xml-axis/java/src/org/apache/axis/components/net/SocketFactoryFactory.java,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- SocketFactoryFactory.java 8 Oct 2002 17:55:33 -0000 1.7 +++ SocketFactoryFactory.java 8 Oct 2002 22:23:59 -0000 1.8 @@ -79,53 +79,45 @@ LogFactory.getLog(SocketFactoryFactory.class.getName()); /** socket factory */ - private static SocketFactory theFactory = null; - - /** secure socket factory */ - private static SocketFactory theSecureFactory = null; + private static Hashtable factories = new Hashtable(); private static final Class classes[] = new Class[] { Hashtable.class }; /** * Returns a copy of the environment's default socket factory. - * + * + * @param protocol Today this only supports "http" & "https". * @param attributes * * @return */ - public static synchronized SocketFactory getFactory(Hashtable attributes) { + public static synchronized SocketFactory getFactory(String protocol, + Hashtable attributes) { + SocketFactory theFactory = (SocketFactory)factories.get(protocol); + if (theFactory == null) { Object objects[] = new Object[] { attributes }; - - theFactory = (SocketFactory)AxisProperties.newInstance( - new SPInterface(SocketFactory.class, - "axis.socketFactory", - classes, - objects), - "org.apache.axis.components.net.DefaultSocketFactory"); + + if (protocol.equalsIgnoreCase("http")) { + theFactory = (SocketFactory)AxisProperties.newInstance( + new SPInterface(SocketFactory.class, + "axis.socketFactory", + classes, + objects), + "org.apache.axis.components.net.DefaultSocketFactory"); + } else if (protocol.equalsIgnoreCase("https")) { + theFactory = (SocketFactory)AxisProperties.newInstance( + new SPInterface(SecureSocketFactory.class, + "axis.socketSecureFactory", + classes, + objects), + "org.apache.axis.components.net.DefaultSecureSocketFactory"); + } + + if (theFactory != null) { + factories.put(protocol, theFactory); + } } return theFactory; - } - - /** - * Returns a copy of the environment's default secure socket factory. - * - * @param attributes - * - * @return - */ - public static synchronized SocketFactory getSecureFactory( - Hashtable attributes) { - if (theSecureFactory == null) { - Object objects[] = new Object[] { attributes }; - - theSecureFactory = (SocketFactory)AxisProperties.newInstance( - new SPInterface(SocketFactory.class, - "axis.socketSecureFactory", - classes, - objects), - "org.apache.axis.components.net.DefaultSecureSocketFactory"); - } - return theSecureFactory; } } 1.2 +10 -8 xml-axis/java/src/org/apache/axis/components/net/IBMJSSESocketFactory.java Index: IBMJSSESocketFactory.java =================================================================== RCS file: /home/cvs/xml-axis/java/src/org/apache/axis/components/net/IBMJSSESocketFactory.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- IBMJSSESocketFactory.java 8 Oct 2002 12:12:47 -0000 1.1 +++ IBMJSSESocketFactory.java 8 Oct 2002 22:23:59 -0000 1.2 @@ -55,6 +55,11 @@ package org.apache.axis.components.net; import com.ibm.net.ssl.SSLContext; +import com.ibm.net.ssl.KeyManagerFactory; +import com.ibm.net.ssl.TrustManager; +import com.ibm.net.ssl.TrustManagerFactory; +import com.ibm.jsse.JSSEProvider; + import org.apache.axis.AxisProperties; import org.apache.axis.utils.JavaUtils; import org.apache.axis.utils.Messages; @@ -281,7 +286,7 @@ * @return SSLContext * @throws Exception */ - protected com.ibm.net.ssl.SSLContext getContext() throws Exception { + protected SSLContext getContext() throws Exception { // Please don't change the name of the attribute - other // software may depend on it ( j2ee for sure ) String keystoreFile = (String) attributes.get("keystore"); @@ -324,17 +329,15 @@ KeyStore kstore = initKeyStore(keystoreFile, keystorePass); // Key manager will extract the server key - com.ibm.net.ssl.KeyManagerFactory kmf = - com.ibm.net.ssl.KeyManagerFactory.getInstance(algorithm); + KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); kmf.init(kstore, keyPass.toCharArray()); // If client authentication is needed, set up TrustManager - com.ibm.net.ssl.TrustManager[] tm = null; + TrustManager[] tm = null; if (clientAuth) { - com.ibm.net.ssl.TrustManagerFactory tmf = - com.ibm.net.ssl.TrustManagerFactory.getInstance("SunX509"); + TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); tmf.init(kstore); tm = tmf.getTrustManagers(); @@ -342,8 +345,7 @@ // Create a SSLContext ( to create the ssl factory ) // This is the only way to use server sockets with JSSE 1.0.1 - com.ibm.net.ssl.SSLContext context = - com.ibm.net.ssl.SSLContext.getInstance(protocol); // SSL + SSLContext context = SSLContext.getInstance(protocol); // SSL // init context with the key managers context.init(kmf.getKeyManagers(), tm, 1.1 xml-axis/java/src/org/apache/axis/components/net/IBMFakeTrustSocketFactory.java Index: IBMFakeTrustSocketFactory.java =================================================================== /* * The Apache Software License, Version 1.1 * * * Copyright (c) 2001 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Axis" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . */ package org.apache.axis.components.net; import java.util.Hashtable; import org.apache.axis.components.logger.LogFactory; import org.apache.axis.utils.Messages; import org.apache.commons.logging.Log; import com.ibm.net.ssl.SSLContext; import com.ibm.net.ssl.TrustManager; import com.ibm.net.ssl.X509TrustManager; /** * Hook for Axis sender, allowing unsigned server certs */ public class IBMFakeTrustSocketFactory extends IBMJSSESocketFactory { /** Field log */ protected static Log log = LogFactory.getLog(IBMFakeTrustSocketFactory.class.getName()); /** * Constructor FakeTrustSocketFactory * * @param attributes */ public IBMFakeTrustSocketFactory(Hashtable attributes) { super(attributes); } /** * Method getContext * * @return * * @throws Exception */ protected SSLContext getContext() throws Exception { try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, // we don't need no stinkin KeyManager new TrustManager[]{new FakeX509TrustManager()}, new java.security.SecureRandom()); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf00")); } return sc; } catch (Exception exc) { log.error(Messages.getMessage("ftsf01"), exc); throw new Exception(Messages.getMessage("ftsf02")); } } /** * Class FakeX509TrustManager */ public static class FakeX509TrustManager implements X509TrustManager { /** Field log */ protected static Log log = LogFactory.getLog(FakeX509TrustManager.class.getName()); /** * Method isClientTrusted * * @param chain * * @return */ public boolean isClientTrusted(java.security.cert .X509Certificate[] chain) { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf03")); } return true; } /** * Method isServerTrusted * * @param chain * * @return */ public boolean isServerTrusted(java.security.cert .X509Certificate[] chain) { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf04")); } return true; } /** * Method getAcceptedIssuers * * @return */ public java.security.cert.X509Certificate[] getAcceptedIssuers() { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf05")); } return null; } } } 1.1 xml-axis/java/src/org/apache/axis/components/net/JDK14FakeTrustSocketFactory.java Index: JDK14FakeTrustSocketFactory.java =================================================================== /* * The Apache Software License, Version 1.1 * * * Copyright (c) 2001 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Axis" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . */ package org.apache.axis.components.net; import java.util.Hashtable; import org.apache.axis.components.logger.LogFactory; import org.apache.axis.utils.Messages; import org.apache.commons.logging.Log; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; /** * Hook for Axis sender, allowing unsigned server certs */ public class JDK14FakeTrustSocketFactory extends JDK14JSSESocketFactory { /** Field log */ protected static Log log = LogFactory.getLog(JDK14FakeTrustSocketFactory.class.getName()); /** * Constructor FakeTrustSocketFactory * * @param attributes */ public JDK14FakeTrustSocketFactory(Hashtable attributes) { super(attributes); } /** * Method getContext * * @return * * @throws Exception */ protected SSLContext getContext() throws Exception { try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, // we don't need no stinkin KeyManager new TrustManager[]{new FakeX509TrustManager()}, new java.security.SecureRandom()); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf00")); } return sc; } catch (Exception exc) { log.error(Messages.getMessage("ftsf01"), exc); throw new Exception(Messages.getMessage("ftsf02")); } } /** * Class FakeX509TrustManager */ public static class FakeX509TrustManager implements X509TrustManager { /** Field log */ protected static Log log = LogFactory.getLog(FakeX509TrustManager.class.getName()); /** * Method isClientTrusted * * @param chain * * @return */ public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String arg) throws java.security.cert.CertificateException { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf03")); } } /** * Method isServerTrusted * * @param chain * * @return */ public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String arg) throws java.security.cert.CertificateException { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf04")); } } /** * Method getAcceptedIssuers * * @return */ public java.security.cert.X509Certificate[] getAcceptedIssuers() { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf05")); } return null; } } } 1.1 xml-axis/java/src/org/apache/axis/components/net/SunFakeTrustSocketFactory.java Index: SunFakeTrustSocketFactory.java =================================================================== /* * The Apache Software License, Version 1.1 * * * Copyright (c) 2001 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Axis" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . */ package org.apache.axis.components.net; import java.util.Hashtable; import org.apache.axis.components.logger.LogFactory; import org.apache.axis.utils.Messages; import org.apache.commons.logging.Log; import com.sun.net.ssl.SSLContext; import com.sun.net.ssl.TrustManager; import com.sun.net.ssl.X509TrustManager; /** * Hook for Axis sender, allowing unsigned server certs */ public class SunFakeTrustSocketFactory extends SunJSSESocketFactory { /** Field log */ protected static Log log = LogFactory.getLog(SunFakeTrustSocketFactory.class.getName()); /** * Constructor FakeTrustSocketFactory * * @param attributes */ public SunFakeTrustSocketFactory(Hashtable attributes) { super(attributes); } /** * Method getContext * * @return * * @throws Exception */ protected SSLContext getContext() throws Exception { try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, // we don't need no stinkin KeyManager new TrustManager[]{new FakeX509TrustManager()}, new java.security.SecureRandom()); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf00")); } return sc; } catch (Exception exc) { log.error(Messages.getMessage("ftsf01"), exc); throw new Exception(Messages.getMessage("ftsf02")); } } /** * Class FakeX509TrustManager */ public static class FakeX509TrustManager implements X509TrustManager { /** Field log */ protected static Log log = LogFactory.getLog(FakeX509TrustManager.class.getName()); /** * Method isClientTrusted * * @param chain * * @return */ public boolean isClientTrusted(java.security.cert .X509Certificate[] chain) { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf03")); } return true; } /** * Method isServerTrusted * * @param chain * * @return */ public boolean isServerTrusted(java.security.cert .X509Certificate[] chain) { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf04")); } return true; } /** * Method getAcceptedIssuers * * @return */ public java.security.cert.X509Certificate[] getAcceptedIssuers() { if (log.isDebugEnabled()) { log.debug(Messages.getMessage("ftsf05")); } return null; } } } 1.1 xml-axis/java/src/org/apache/axis/components/net/SecureSocketFactory.java Index: SecureSocketFactory.java =================================================================== /* * The Apache Software License, Version 1.1 * * * Copyright (c) 2002 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Axis" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . */ package org.apache.axis.components.net; /** * Secure Socket factory. * This has a separate interface to allow discovery (by interface) * and runtime distinction to be made between Socket & SecureSockets. * * @author Richard A. Sitze * @author Davanum Srinivas (dims@yahoo.com) */ public interface SecureSocketFactory extends SocketFactory { } 1.1 xml-axis/java/src/org/apache/axis/components/net/SunJSSESocketFactory.java Index: SunJSSESocketFactory.java =================================================================== /* * The Apache Software License, Version 1.1 * * * Copyright (c) 2001 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Axis" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . */ package org.apache.axis.components.net; import com.sun.net.ssl.SSLContext; import org.apache.axis.AxisProperties; import org.apache.axis.utils.JavaUtils; import org.apache.axis.utils.Messages; import org.apache.axis.utils.XMLUtils; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import java.io.BufferedWriter; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.net.Socket; import java.security.KeyStore; import java.security.Security; import java.util.Hashtable; /** * SSL socket factory. It _requires_ a valid RSA key and * JSSE. (borrowed code from tomcat) * * @author Davanum Srinivas (dims@yahoo.com) */ public class SunJSSESocketFactory extends DefaultSocketFactory { /** Field keystoreType */ private String keystoreType; /** Field defaultKeystoreType */ static String defaultKeystoreType = "JKS"; /** Field defaultProtocol */ static String defaultProtocol = "TLS"; /** Field defaultAlgorithm */ static String defaultAlgorithm = "SunX509"; /** Field defaultClientAuth */ static boolean defaultClientAuth = false; /** Field clientAuth */ private boolean clientAuth = false; /** Field sslFactory */ private SSLSocketFactory sslFactory = null; /** Field defaultKeystoreFile */ static String defaultKeystoreFile = System.getProperty("user.home") + "/.keystore"; /** Field defaultKeyPass */ static String defaultKeyPass = "changeit"; /** * Constructor JSSESocketFactory * * @param attributes */ public SunJSSESocketFactory(Hashtable attributes) { super(attributes); } /** * creates a secure socket * * @param host * @param port * @param otherHeaders * @param useFullURL * * @return Socket * @throws Exception */ public Socket create( String host, int port, StringBuffer otherHeaders, BooleanHolder useFullURL) throws Exception { Socket sslSocket = null; if (sslFactory == null) { initFactory(); } if (port == -1) { port = 443; } TransportClientProperties tcp = TransportClientPropertiesFactory.create("https"); boolean hostInNonProxyList = isHostInNonProxyList(host, tcp.getNonProxyHosts()); if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) { // direct SSL connection sslSocket = sslFactory.createSocket(host, port); } else { // Default proxy port is 80, even for https int tunnelPort = (tcp.getProxyPort().length() != 0) ? Integer.parseInt(tcp.getProxyPort()) : 80; if (tunnelPort < 0) tunnelPort = 80; // Create the regular socket connection to the proxy Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort); // The tunnel handshake method (condensed and made reflexive) OutputStream tunnelOutputStream = tunnel.getOutputStream(); PrintWriter out = new PrintWriter( new BufferedWriter(new OutputStreamWriter(tunnelOutputStream))); // More secure version... engage later? // PasswordAuthentication pa = // Authenticator.requestPasswordAuthentication( // InetAddress.getByName(tunnelHost), // tunnelPort, "SOCK", "Proxy","HTTP"); // if(pa == null){ // printDebug("No Authenticator set."); // }else{ // printDebug("Using Authenticator."); // tunnelUser = pa.getUserName(); // tunnelPassword = new String(pa.getPassword()); // } out.print("CONNECT " + host + ":" + port + " HTTP/1.0\r\n" + "User-Agent: AxisClient"); if (tcp.getProxyUser().length() != 0 && tcp.getProxyPassword().length() != 0) { // add basic authentication header for the proxy String encodedPassword = XMLUtils.base64encode((tcp.getProxyUser() + ":" + tcp.getProxyPassword()).getBytes()); out.print("\nProxy-Authorization: Basic " + encodedPassword); } out.print("\nContent-Length: 0"); out.print("\nPragma: no-cache"); out.print("\r\n\r\n"); out.flush(); InputStream tunnelInputStream = tunnel.getInputStream(); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("isNull00", "tunnelInputStream", "" + (tunnelInputStream == null))); } String replyStr = ""; // Make sure to read all the response from the proxy to prevent SSL negotiation failure // Response message terminated by two sequential newlines int newlinesSeen = 0; boolean headerDone = false; /* Done on first newline */ while (newlinesSeen < 2) { int i = tunnelInputStream.read(); if (i < 0) { throw new IOException("Unexpected EOF from proxy"); } if (i == '\n') { headerDone = true; ++newlinesSeen; } else if (i != '\r') { newlinesSeen = 0; if (!headerDone) { replyStr += String.valueOf((char) i); } } } if (!replyStr.startsWith("HTTP/1.0 200") && !replyStr.startsWith("HTTP/1.1 200")) { throw new IOException(Messages.getMessage("cantTunnel00", new String[]{ tcp.getProxyHost(), "" + tunnelPort, replyStr})); } // End of condensed reflective tunnel handshake method sslSocket = sslFactory.createSocket(tunnel, host, port, true); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("setupTunnel00", tcp.getProxyHost(), "" + tunnelPort)); } } ((SSLSocket) sslSocket).startHandshake(); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("createdSSL00")); } return sslSocket; } /** * Read the keystore, init the SSL socket factory * * @throws IOException */ private void initFactory() throws IOException { try { Security.addProvider(new sun.security.provider.Sun()); Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); if(attributes == null) { //No configuration specified. Get the default. sslFactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); } else { //Configuration specified in wsdd. SSLContext context = getContext(); sslFactory = context.getSocketFactory(); } } catch (Exception e) { if (e instanceof IOException) { throw (IOException) e; } throw new IOException(e.getMessage()); } } /** * gets a SSL Context * * @return SSLContext * @throws Exception */ protected SSLContext getContext() throws Exception { // Please don't change the name of the attribute - other // software may depend on it ( j2ee for sure ) String keystoreFile = (String) attributes.get("keystore"); if (keystoreFile == null) { keystoreFile = defaultKeystoreFile; } keystoreType = (String) attributes.get("keystoreType"); if (keystoreType == null) { keystoreType = defaultKeystoreType; } // determine whether we want client authentication // the presence of the attribute enables client auth clientAuth = null != (String) attributes.get("clientauth"); String keyPass = (String) attributes.get("keypass"); if (keyPass == null) { keyPass = defaultKeyPass; } String keystorePass = (String) attributes.get("keystorePass"); if (keystorePass == null) { keystorePass = keyPass; } // protocol for the SSL ie - TLS, SSL v3 etc. String protocol = (String) attributes.get("protocol"); if (protocol == null) { protocol = defaultProtocol; } // Algorithm used to encode the certificate ie - SunX509 String algorithm = (String) attributes.get("algorithm"); if (algorithm == null) { algorithm = defaultAlgorithm; } // You can't use ssl without a server certificate. // Create a KeyStore ( to get server certs ) KeyStore kstore = initKeyStore(keystoreFile, keystorePass); // Key manager will extract the server key com.sun.net.ssl.KeyManagerFactory kmf = com.sun.net.ssl.KeyManagerFactory.getInstance(algorithm); kmf.init(kstore, keyPass.toCharArray()); // If client authentication is needed, set up TrustManager com.sun.net.ssl.TrustManager[] tm = null; if (clientAuth) { com.sun.net.ssl.TrustManagerFactory tmf = com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509"); tmf.init(kstore); tm = tmf.getTrustManagers(); } // Create a SSLContext ( to create the ssl factory ) // This is the only way to use server sockets with JSSE 1.0.1 SSLContext context = com.sun.net.ssl.SSLContext.getInstance(protocol); // SSL // init context with the key managers context.init(kmf.getKeyManagers(), tm, new java.security.SecureRandom()); return context; } /** * intializes a keystore. * * @param keystoreFile * @param keyPass * * @return keystore * @throws IOException */ private KeyStore initKeyStore(String keystoreFile, String keyPass) throws IOException { try { KeyStore kstore = KeyStore.getInstance(keystoreType); InputStream istream = new FileInputStream(keystoreFile); kstore.load(istream, keyPass.toCharArray()); return kstore; } catch (FileNotFoundException fnfe) { throw fnfe; } catch (IOException ioe) { throw ioe; } catch (Exception ex) { ex.printStackTrace(); throw new IOException("Exception trying to load keystore " + keystoreFile + ": " + ex.getMessage()); } } } 1.1 xml-axis/java/src/org/apache/axis/components/net/JDK14JSSESocketFactory.java Index: JDK14JSSESocketFactory.java =================================================================== /* * The Apache Software License, Version 1.1 * * * Copyright (c) 2001 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Axis" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . */ package org.apache.axis.components.net; import javax.net.ssl.SSLContext; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import org.apache.axis.AxisProperties; import org.apache.axis.utils.JavaUtils; import org.apache.axis.utils.Messages; import org.apache.axis.utils.XMLUtils; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import java.io.BufferedWriter; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.net.Socket; import java.security.KeyStore; import java.security.Security; import java.util.Hashtable; /** * SSL socket factory. It _requires_ a valid RSA key and * JSSE. (borrowed code from tomcat) * * THIS CODE STILL HAS DEPENDENCIES ON sun.* and com.sun.* * * @author Davanum Srinivas (dims@yahoo.com) */ public class JDK14JSSESocketFactory extends DefaultSocketFactory { /** Field keystoreType */ private String keystoreType; /** Field defaultKeystoreType */ static String defaultKeystoreType = "JKS"; /** Field defaultProtocol */ static String defaultProtocol = "TLS"; /** Field defaultAlgorithm */ static String defaultAlgorithm = "SunX509"; /** Field defaultClientAuth */ static boolean defaultClientAuth = false; /** Field clientAuth */ private boolean clientAuth = false; /** Field sslFactory */ private SSLSocketFactory sslFactory = null; /** Field defaultKeystoreFile */ static String defaultKeystoreFile = System.getProperty("user.home") + "/.keystore"; /** Field defaultKeyPass */ static String defaultKeyPass = "changeit"; /** * Constructor JSSESocketFactory * * @param attributes */ public JDK14JSSESocketFactory(Hashtable attributes) { super(attributes); } /** * creates a secure socket * * @param host * @param port * @param otherHeaders * @param useFullURL * * @return Socket * @throws Exception */ public Socket create( String host, int port, StringBuffer otherHeaders, BooleanHolder useFullURL) throws Exception { Socket sslSocket = null; if (sslFactory == null) { initFactory(); } if (port == -1) { port = 443; } TransportClientProperties tcp = TransportClientPropertiesFactory.create("https"); boolean hostInNonProxyList = isHostInNonProxyList(host, tcp.getNonProxyHosts()); if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) { // direct SSL connection sslSocket = sslFactory.createSocket(host, port); } else { // Default proxy port is 80, even for https int tunnelPort = (tcp.getProxyPort().length() != 0) ? Integer.parseInt(tcp.getProxyPort()) : 80; if (tunnelPort < 0) tunnelPort = 80; // Create the regular socket connection to the proxy Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort); // The tunnel handshake method (condensed and made reflexive) OutputStream tunnelOutputStream = tunnel.getOutputStream(); PrintWriter out = new PrintWriter( new BufferedWriter(new OutputStreamWriter(tunnelOutputStream))); // More secure version... engage later? // PasswordAuthentication pa = // Authenticator.requestPasswordAuthentication( // InetAddress.getByName(tunnelHost), // tunnelPort, "SOCK", "Proxy","HTTP"); // if(pa == null){ // printDebug("No Authenticator set."); // }else{ // printDebug("Using Authenticator."); // tunnelUser = pa.getUserName(); // tunnelPassword = new String(pa.getPassword()); // } out.print("CONNECT " + host + ":" + port + " HTTP/1.0\r\n" + "User-Agent: AxisClient"); if (tcp.getProxyUser().length() != 0 && tcp.getProxyPassword().length() != 0) { // add basic authentication header for the proxy String encodedPassword = XMLUtils.base64encode((tcp.getProxyUser() + ":" + tcp.getProxyPassword()).getBytes()); out.print("\nProxy-Authorization: Basic " + encodedPassword); } out.print("\nContent-Length: 0"); out.print("\nPragma: no-cache"); out.print("\r\n\r\n"); out.flush(); InputStream tunnelInputStream = tunnel.getInputStream(); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("isNull00", "tunnelInputStream", "" + (tunnelInputStream == null))); } String replyStr = ""; // Make sure to read all the response from the proxy to prevent SSL negotiation failure // Response message terminated by two sequential newlines int newlinesSeen = 0; boolean headerDone = false; /* Done on first newline */ while (newlinesSeen < 2) { int i = tunnelInputStream.read(); if (i < 0) { throw new IOException("Unexpected EOF from proxy"); } if (i == '\n') { headerDone = true; ++newlinesSeen; } else if (i != '\r') { newlinesSeen = 0; if (!headerDone) { replyStr += String.valueOf((char) i); } } } if (!replyStr.startsWith("HTTP/1.0 200") && !replyStr.startsWith("HTTP/1.1 200")) { throw new IOException(Messages.getMessage("cantTunnel00", new String[]{ tcp.getProxyHost(), "" + tunnelPort, replyStr})); } // End of condensed reflective tunnel handshake method sslSocket = sslFactory.createSocket(tunnel, host, port, true); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("setupTunnel00", tcp.getProxyHost(), "" + tunnelPort)); } } ((SSLSocket) sslSocket).startHandshake(); if (log.isDebugEnabled()) { log.debug(Messages.getMessage("createdSSL00")); } return sslSocket; } /** * Read the keystore, init the SSL socket factory * * @throws IOException */ private void initFactory() throws IOException { try { Security.addProvider(new sun.security.provider.Sun()); Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); if(attributes == null) { //No configuration specified. Get the default. sslFactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); } else { //Configuration specified in wsdd. SSLContext context = getContext(); sslFactory = context.getSocketFactory(); } } catch (Exception e) { if (e instanceof IOException) { throw (IOException) e; } throw new IOException(e.getMessage()); } } /** * gets a SSL Context * * @return SSLContext * @throws Exception */ protected SSLContext getContext() throws Exception { // Please don't change the name of the attribute - other // software may depend on it ( j2ee for sure ) String keystoreFile = (String) attributes.get("keystore"); if (keystoreFile == null) { keystoreFile = defaultKeystoreFile; } keystoreType = (String) attributes.get("keystoreType"); if (keystoreType == null) { keystoreType = defaultKeystoreType; } // determine whether we want client authentication // the presence of the attribute enables client auth clientAuth = null != (String) attributes.get("clientauth"); String keyPass = (String) attributes.get("keypass"); if (keyPass == null) { keyPass = defaultKeyPass; } String keystorePass = (String) attributes.get("keystorePass"); if (keystorePass == null) { keystorePass = keyPass; } // protocol for the SSL ie - TLS, SSL v3 etc. String protocol = (String) attributes.get("protocol"); if (protocol == null) { protocol = defaultProtocol; } // Algorithm used to encode the certificate ie - SunX509 String algorithm = (String) attributes.get("algorithm"); if (algorithm == null) { algorithm = defaultAlgorithm; } // You can't use ssl without a server certificate. // Create a KeyStore ( to get server certs ) KeyStore kstore = initKeyStore(keystoreFile, keystorePass); // Key manager will extract the server key KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); kmf.init(kstore, keyPass.toCharArray()); // If client authentication is needed, set up TrustManager TrustManager[] tm = null; if (clientAuth) { TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); tmf.init(kstore); tm = tmf.getTrustManagers(); } // Create a SSLContext ( to create the ssl factory ) // This is the only way to use server sockets with JSSE 1.0.1 SSLContext context = SSLContext.getInstance(protocol); // SSL // init context with the key managers context.init(kmf.getKeyManagers(), tm, new java.security.SecureRandom()); return context; } /** * intializes a keystore. * * @param keystoreFile * @param keyPass * * @return keystore * @throws IOException */ private KeyStore initKeyStore(String keystoreFile, String keyPass) throws IOException { try { KeyStore kstore = KeyStore.getInstance(keystoreType); InputStream istream = new FileInputStream(keystoreFile); kstore.load(istream, keyPass.toCharArray()); return kstore; } catch (FileNotFoundException fnfe) { throw fnfe; } catch (IOException ioe) { throw ioe; } catch (Exception ex) { ex.printStackTrace(); throw new IOException("Exception trying to load keystore " + keystoreFile + ": " + ex.getMessage()); } } } 1.14 +114 -86 xml-axis/java/lib/commons-discovery.jar <> 1.88 +5 -25 xml-axis/java/src/org/apache/axis/transport/http/HTTPSender.java Index: HTTPSender.java =================================================================== RCS file: /home/cvs/xml-axis/java/src/org/apache/axis/transport/http/HTTPSender.java,v retrieving revision 1.87 retrieving revision 1.88 diff -u -r1.87 -r1.88 --- HTTPSender.java 18 Sep 2002 16:10:30 -0000 1.87 +++ HTTPSender.java 8 Oct 2002 22:23:59 -0000 1.88 @@ -111,12 +111,7 @@ Socket sock = null; - // create socket based on the url protocol type - if (targetURL.getProtocol().equalsIgnoreCase("https")) { - sock = getSecureSocket(host, port, otherHeaders, useFullURL); - } else { - sock = getSocket(host, port, otherHeaders, useFullURL); - } + sock = getSocket(targetURL.getProtocol(), host, port, otherHeaders, useFullURL); // optionally set a timeout for the request if (msgContext.getTimeout() != 0) { @@ -140,25 +135,9 @@ } /** - * getSecureSocket is used when we need a secure SSL connection to the SOAP Server - * - * @param host host name - * @param port port that we need to connect to - * - * @return a secure socket - * - * @throws Exception - */ - private Socket getSecureSocket( - String host, int port, StringBuffer otherHeaders, BooleanHolder useFullURL) - throws Exception { - SocketFactory factory = SocketFactoryFactory.getSecureFactory(getOptions()); - return factory.create(host, port, otherHeaders, useFullURL); - } - - /** - * Creates a non-ssl socket connection to the SOAP server + * Creates a socket connection to the SOAP server * + * @param protocol "http" for standard, "https" for ssl. * @param host host name * @param port port to connect to * @param otherHeaders buffer for storing additional headers that need to be sent @@ -169,9 +148,10 @@ * @throws IOException */ private Socket getSocket( + String protocol, String host, int port, StringBuffer otherHeaders, BooleanHolder useFullURL) throws Exception { - SocketFactory factory = SocketFactoryFactory.getFactory(getOptions()); + SocketFactory factory = SocketFactoryFactory.getFactory(protocol, getOptions()); return factory.create(host, port, otherHeaders, useFullURL); } 1.19 +7 -7 xml-axis/java/src/org/apache/axis/configuration/EngineConfigurationFactoryFinder.java Index: EngineConfigurationFactoryFinder.java =================================================================== RCS file: /home/cvs/xml-axis/java/src/org/apache/axis/configuration/EngineConfigurationFactoryFinder.java,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- EngineConfigurationFactoryFinder.java 1 Oct 2002 14:33:45 -0000 1.18 +++ EngineConfigurationFactoryFinder.java 8 Oct 2002 22:23:59 -0000 1.19 @@ -55,20 +55,20 @@ package org.apache.axis.configuration; -import java.lang.reflect.Method; import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; import java.security.AccessController; import java.security.PrivilegedAction; +import org.apache.axis.AxisProperties; import org.apache.axis.EngineConfigurationFactory; import org.apache.axis.components.logger.LogFactory; -import org.apache.axis.discovery.DiscoverConstNames; -import org.apache.axis.discovery.DiscoverOldNamesInManagedProperties; import org.apache.axis.utils.Messages; import org.apache.commons.discovery.ResourceClassIterator; import org.apache.commons.discovery.ResourceNameIterator; import org.apache.commons.discovery.resource.ClassLoaders; import org.apache.commons.discovery.resource.classes.DiscoverClasses; +import org.apache.commons.discovery.resource.names.DiscoverConstNames; import org.apache.commons.discovery.resource.names.DiscoverNamesInManagedProperties; import org.apache.commons.discovery.resource.names.DiscoverServiceNames; import org.apache.commons.discovery.resource.names.NameDiscoverers; @@ -152,7 +152,7 @@ ClassLoaders.getAppLoaders(mySpi, myFactory, true); NameDiscoverers nameDiscoverers = new NameDiscoverers(); - nameDiscoverers.addResourceNameDiscover(new DiscoverOldNamesInManagedProperties()); + nameDiscoverers.addResourceNameDiscover(AxisProperties.getAlternatePropertyNameDiscoverer()); nameDiscoverers.addResourceNameDiscover(new DiscoverNamesInManagedProperties()); nameDiscoverers.addResourceNameDiscover(new DiscoverServiceNames(loaders)); nameDiscoverers.addResourceNameDiscover(new DiscoverConstNames( @@ -161,12 +161,12 @@ "org.apache.axis.configuration.EngineConfigurationFactoryDefault", }) ); - + ResourceNameIterator it = nameDiscoverers.findResourceNames(mySpi.getName()); - + ResourceClassIterator services = new DiscoverClasses(loaders).findResourceClasses(it); - + EngineConfigurationFactory factory = null; while (factory == null && services.hasNext()) { 1.17 +21 -3 xml-axis/java/src/org/apache/axis/AxisProperties.java Index: AxisProperties.java =================================================================== RCS file: /home/cvs/xml-axis/java/src/org/apache/axis/AxisProperties.java,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- AxisProperties.java 18 Sep 2002 16:10:31 -0000 1.16 +++ AxisProperties.java 8 Oct 2002 22:24:00 -0000 1.17 @@ -61,15 +61,16 @@ import java.util.Map; import java.util.Properties; -import org.apache.axis.utils.JavaUtils; +import org.apache.axis.components.logger.LogFactory; +import org.apache.axis.components.net.SocketFactory; import org.apache.axis.utils.Messages; +import org.apache.commons.discovery.ResourceNameDiscover; +import org.apache.commons.discovery.resource.names.DiscoverNamesInAlternateManagedProperties; import org.apache.commons.discovery.tools.DefaultClassHolder; import org.apache.commons.discovery.tools.DiscoverClass; import org.apache.commons.discovery.tools.ManagedProperties; import org.apache.commons.discovery.tools.PropertiesHolder; import org.apache.commons.discovery.tools.SPInterface; - -import org.apache.axis.components.logger.LogFactory; import org.apache.commons.logging.Log; @@ -106,6 +107,8 @@ public class AxisProperties { protected static Log log = LogFactory.getLog(AxisProperties.class.getName()); + + private static DiscoverNamesInAlternateManagedProperties altNameDiscoverer; public static Object newInstance(Class spiClass, String defaultClass) { @@ -216,6 +219,21 @@ return ManagedProperties.getProperties(); } + + public static final ResourceNameDiscover getAlternatePropertyNameDiscoverer() { + if (altNameDiscoverer == null) { + altNameDiscoverer = new DiscoverNamesInAlternateManagedProperties(); + altNameDiscoverer.addClassToPropertyNameMapping( + EngineConfigurationFactory.class.getName(), + EngineConfigurationFactory.SYSTEM_PROPERTY_NAME); + + altNameDiscoverer.addClassToPropertyNameMapping( + SocketFactory.class.getName(), + "axis.socketFactory"); + } + + return altNameDiscoverer; + } /** * !WARNING! 1.204 +2 -2 xml-axis/java/build.xml Index: build.xml =================================================================== RCS file: /home/cvs/xml-axis/java/build.xml,v retrieving revision 1.203 retrieving revision 1.204 diff -u -r1.203 -r1.204 --- build.xml 8 Oct 2002 12:12:46 -0000 1.203 +++ build.xml 8 Oct 2002 22:24:00 -0000 1.204 @@ -79,9 +79,9 @@ classpathref="classpath"> - + + - 1.41 +14 -3 xml-axis/java/xmls/targets.xml Index: targets.xml =================================================================== RCS file: /home/cvs/xml-axis/java/xmls/targets.xml,v retrieving revision 1.40 retrieving revision 1.41 diff -u -r1.40 -r1.41 --- targets.xml 8 Oct 2002 17:55:33 -0000 1.40 +++ targets.xml 8 Oct 2002 22:24:00 -0000 1.41 @@ -115,7 +115,16 @@ classname="com.meterware.httpunit.GetMethodWebRequest" classpathref="classpath"/> - + + + + + + + + + + @@ -124,7 +133,7 @@ - + @@ -220,7 +229,9 @@ - + + +