axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ruchi...@apache.org
Subject svn commit: r441010 - in /webservices/axis2/trunk/java/modules: integration/test/org/apache/rahas/TestClient.java rahas/src/org/apache/rahas/client/STSClient.java rahas/src/org/apache/rahas/errors.properties
Date Thu, 07 Sep 2006 08:02:06 GMT
Author: ruchithf
Date: Thu Sep  7 01:02:05 2006
New Revision: 441010

URL: http://svn.apache.org/viewvc?view=rev&rev=441010
Log:
Minor changes to STSClient :
  - Added a constructor which accepts a conig ctx
  - Enabled setting the trust version and the RSTTemplate externally
    

Modified:
    webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
    webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties

Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java?view=diff&rev=441010&r1=441009&r2=441010
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
(original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rahas/TestClient.java
Thu Sep  7 01:02:05 2006
@@ -141,7 +141,7 @@
      */
     public void testWithStsClient() {
         
-        STSClient client = new STSClient();
+
         
         // Get the repository location from the args
         String repo = Constants.TESTING_PATH + "rahas_client_repo";
@@ -150,6 +150,8 @@
             ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repo,
                     null);
             
+            STSClient client = new STSClient(configContext);
+            
             Options options = new Options();
             OutflowConfiguration clientOutflowConfiguration = getClientOutflowConfiguration();
             if(clientOutflowConfiguration != null) {
@@ -162,13 +164,13 @@
             
             client.setAction(this.getRequestAction());
             client.setOptions(options);
+            client.setRstTemplate(this.getRSTTemplate());
+            client.setVersion(this.getTrstVersion());
             
-            Token tok = client.requestSecurityToken(configContext, 
-                    this.getTrstVersion(), this.getServicePolicy(),
-                    "http://127.0.0.1:" + port+ "/axis2/services/SecureService", 
-                    this.getSTSPolicy(), 
-                    this.getRSTTemplate(), 
-                    TrustUtil.getWSTNamespace(this.getTrstVersion())+ RahasConstants.REQ_TYPE_ISSUE,
+            Token tok = client.requestSecurityToken( 
+                    this.getServicePolicy(), "http://127.0.0.1:" + port + "/axis2/services/SecureService",
this.getSTSPolicy(),
+                    TrustUtil.getWSTNamespace(this.getTrstVersion())
+                            + RahasConstants.REQ_TYPE_ISSUE,
                     "http://localhost:5555/axis2/services/SecureService");
             
             assertNotNull("Response token missing", tok);

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java?view=diff&rev=441010&r1=441009&r2=441010
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
(original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
Thu Sep  7 01:02:05 2006
@@ -62,6 +62,10 @@
 
     private String action;
     
+    private OMElement rstTemplate;
+    
+    private int version = RahasConstants.VERSION_05_02;
+    
     private Options options;
     
     private Trust10 trust10;
@@ -84,21 +88,32 @@
     private Crypto crypto;
     
     private CallbackHandler cbHandler;
+    
+    private ConfigurationContext configCtx;
 
-    public Token requestSecurityToken(ConfigurationContext configCtx,
-            int version, Policy servicePolicy, String issuerAddress,
-            Policy IssuerPolicy, OMElement rstTemplate, String requestType,
+    public STSClient(ConfigurationContext configCtx) throws TrustException {
+        if(configCtx != null) {
+            this.configCtx = configCtx;
+        } else {
+            throw new TrustException("stsClientCfgCtxNull");
+        }
+    }
+    
+    public Token requestSecurityToken(
+            Policy servicePolicy, String issuerAddress,
+            Policy IssuerPolicy,  String requestType,
             String appliesTo) throws TrustException {
         try {
             AxisService axisService = new AxisService("SecurityTokenService");
             QName rstQn = new QName("requestSecurityToken");
             OutInAxisOperation operation = new OutInAxisOperation(rstQn);
             axisService.addOperation(operation);
-            ServiceClient client = new ServiceClient(configCtx, axisService);
+            ServiceClient client = new ServiceClient(this.configCtx, axisService);
             
             if(this.options != null) {
                 client.setOptions(options);
             }
+
             //Set the action
             client.getOptions().setAction(action);
             client.getOptions().setTo(new EndpointReference(issuerAddress));
@@ -110,7 +125,7 @@
             //Process the STS and service policy policy
             this.processPolicy(IssuerPolicy, servicePolicy);
 
-            OMElement result = client.sendReceive(rstQn, this.createRequest(version, rstTemplate,
requestType, appliesTo));
+            OMElement result = client.sendReceive(rstQn, this.createRequest(requestType,
appliesTo));
             
             return this.processResult(version, result);
         } catch (AxisFault e) {
@@ -148,7 +163,8 @@
                 .getFirstElement();
         
         //Get the security token
-        OMElement reqSecTok = rstr.getFirstChildWithName(new QName(ns, RahasConstants.REQUESTED_SECURITY_TOKEN_LN));
+        OMElement reqSecTok = rstr.getFirstChildWithName(new QName(ns,
+                RahasConstants.REQUESTED_SECURITY_TOKEN_LN));
         if(reqSecTok == null) {
             throw new TrustException("reqestedSecTokMissing");
         }
@@ -161,14 +177,16 @@
             throw new TrustException("cannotObtainTokenIdentifier");
         }
         
-        OMElement lifeTimeEle = rstr.getFirstChildWithName(new QName(ns, RahasConstants.LIFETIME_LN));
+        OMElement lifeTimeEle = rstr.getFirstChildWithName(new QName(ns,
+                RahasConstants.LIFETIME_LN));
         
         Token tok = new Token(id, tokenElem, lifeTimeEle);
         tok.setAttachedReference(reqAttRef);
         tok.setUnattachedReference(reqUnattRef);
         
         //Handle proof token
-        OMElement rpt = rstr.getFirstChildWithName(new QName(ns, RahasConstants.REQUESTED_PROOF_TOKEN_LN));
+        OMElement rpt = rstr.getFirstChildWithName(new QName(ns,
+                RahasConstants.REQUESTED_PROOF_TOKEN_LN));
         
         byte[] secret = null;
         
@@ -183,11 +201,16 @@
                 tok.setSecret(Base64.decode(b64Secret));
             }else if(child.getQName().equals(new QName(ns, WSConstants.ENC_KEY_LN))){
                 try {
-                    Element domChild = (Element)new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),child.getXMLStreamReader()).getDocumentElement();
+                    Element domChild = (Element) new StAXOMBuilder(
+                            DOOMAbstractFactory.getOMFactory(), child
+                                    .getXMLStreamReader()).getDocumentElement();
+                    
                     EncryptedKeyProcessor processor = new EncryptedKeyProcessor();
+                    
                     processor.handleToken(domChild, null, this.crypto,
                             this.cbHandler, null, new Vector(),
                             null);
+                    
                     secret = processor.getDecryptedBytes();
                 } catch (WSSecurityException e) {
                     throw new TrustException("errorInProcessingEncryptedKey", e);
@@ -196,9 +219,15 @@
                 //Handle the computed key
 
                 //Get service entropy
-                OMElement serviceEntrElem = rstr.getFirstChildWithName(new QName(ns, RahasConstants.ENTROPY_LN));
+                OMElement serviceEntrElem = rstr
+                        .getFirstChildWithName(new QName(ns,
+                                RahasConstants.ENTROPY_LN));
+                
                 OMElement binSecElem = serviceEntrElem.getFirstElement();
-                if(binSecElem != null && binSecElem.getText() != null &&
!"".equals(binSecElem.getText().trim())) {
+                
+                if (binSecElem != null && binSecElem.getText() != null
+                        && !"".equals(binSecElem.getText().trim())) {
+                    
                     byte[] serviceEntr = Base64.decode(binSecElem.getText());
                     
                     //Right now we only use PSHA1 as the computed key algo              
     
@@ -311,48 +340,56 @@
     /**
      * Create the RST request.
      * @param version 
-     * @param rstTemplate 
      * @return
      * @throws TrustException
      */
-    private OMElement createRequest(int version, OMElement rstTemplate, String requestType,
String appliesTo) throws TrustException {
+    private OMElement createRequest(String requestType,
+            String appliesTo) throws TrustException {
         OMElement rst = TrustUtil.createRequestSecurityTokenElement(version);
 
-        TrustUtil.createRequestTypeElement(version, rst, requestType);
+        TrustUtil.createRequestTypeElement(this.version, rst, requestType);
         TrustUtil.createAppliesToElement(rst, appliesTo, this.addressingNs);
-        TrustUtil.createLifetimeElement(version, rst, this.ttl * 1000);
+        TrustUtil.createLifetimeElement(this.version, rst, this.ttl * 1000);
         
         //Copy over the elements from the template
-        Iterator templateChildren = rstTemplate.getChildElements();
-        while (templateChildren.hasNext()) {
-            OMNode child = (OMNode) templateChildren.next();
-            rst.addChild(child);
-            
-            //Look for the key size element
-            if (child instanceof OMElement
-                    && ((OMElement) child).getQName().equals(
-                            new QName(TrustUtil.getWSTNamespace(version),
-                                    RahasConstants.KEY_SIZE_LN))) {
-                OMElement childElem = (OMElement)child;
-                this.keySize = (childElem.getText() != null && !""
-                        .equals(childElem.getText())) ? 
-                                Integer.parseInt(childElem.getText()) : -1;
+        if(this.rstTemplate != null) {
+            Iterator templateChildren = rstTemplate.getChildElements();
+            while (templateChildren.hasNext()) {
+                OMNode child = (OMNode) templateChildren.next();
+                rst.addChild(child);
+                
+                //Look for the key size element
+                if (child instanceof OMElement
+                        && ((OMElement) child).getQName().equals(
+                                new QName(TrustUtil.getWSTNamespace(this.version),
+                                        RahasConstants.KEY_SIZE_LN))) {
+                    OMElement childElem = (OMElement)child;
+                    this.keySize = (childElem.getText() != null && !""
+                            .equals(childElem.getText())) ? 
+                                    Integer.parseInt(childElem.getText()) : -1;
+                }
             }
         }
         
         try {
-            //Handle entropy
-            if(this.trust10 != null) {
-                if(this.trust10.isRequireClientEntropy()) {
-                    //setup requestor entropy
-                    OMElement ent = TrustUtil.createEntropyElement(version, rst);
-                    OMElement binSec = TrustUtil.createBinarySecretElement(version, ent,
RahasConstants.BIN_SEC_TYPE_NONCE);
-                    this.requestorEntropy = WSSecurityUtil.generateNonce(this.algorithmSuite.getMaximumSymmetricKeyLength());
+            // Handle entropy
+            if (this.trust10 != null) {
+                if (this.trust10.isRequireClientEntropy()) {
+                    // setup requestor entropy
+                    OMElement ent = TrustUtil
+                            .createEntropyElement(this.version, rst);
+                    OMElement binSec = TrustUtil.createBinarySecretElement(
+                            this.version, ent,
+                            RahasConstants.BIN_SEC_TYPE_NONCE);
+                    this.requestorEntropy = WSSecurityUtil
+                            .generateNonce(this.algorithmSuite
+                                    .getMaximumSymmetricKeyLength());
                     binSec.setText(Base64.encode(this.requestorEntropy));
-                    
-                    //Add the ComputedKey element
-                    TrustUtil.createComputedKeyAlgorithm(version, rst, RahasConstants.COMPUTED_KEY_PSHA1);
-                    
+
+                    // Add the ComputedKey element
+                    TrustUtil.createComputedKeyAlgorithm(this.version, rst,
+                            RahasConstants.COMPUTED_KEY_PSHA1);
+
                 }
             }
         } catch (Exception e) {
@@ -416,6 +453,27 @@
         this.crypto = crypto;
         this.cbHandler = new CBHandler(privKeyPasswd);
     }
+
+    /**
+     * @param action The action to set.
+     */
+    public void setAction(String action) {
+        this.action = action;
+    }
+
+    /**
+     * @param options The options to set.
+     */
+    public void setOptions(Options options) {
+        this.options = options;
+    }
+
+    /**
+     * @param rstTemplate The rstTemplate to set.
+     */
+    public void setRstTemplate(OMElement rstTemplate) {
+        this.rstTemplate = rstTemplate;
+    }
     
     private class CBHandler implements CallbackHandler {
         
@@ -425,24 +483,18 @@
             this.passwd = passwd;
         }
 
-        public void handle(Callback[] cb) throws IOException, UnsupportedCallbackException
{
+        public void handle(Callback[] cb) throws IOException,
+                UnsupportedCallbackException {
             ((WSPasswordCallback)cb[0]).setPassword(this.passwd);
         }
         
     }
 
     /**
-     * @param action The action to set.
+     * @param version The version to set.
      */
-    public void setAction(String action) {
-        this.action = action;
-    }
-
-    /**
-     * @param options The options to set.
-     */
-    public void setOptions(Options options) {
-        this.options = options;
+    public void setVersion(int version) {
+        this.version = version;
     }
 
 }

Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties?view=diff&rev=441010&r1=441009&r2=441010
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties Thu
Sep  7 01:02:05 2006
@@ -43,6 +43,8 @@
 keyDerivationError = Error in key derivation
 errorInProcessingEncryptedKey = Error in processing encrypted key
 
+stsClientCfgCtxNull = STSClient: ConfigurationContext client is null
+
 #SCTIssuer specific error messages
 sctIssuerCryptoPropertiesMissing = When the tokenType is not \"BinarySecret\" the cryptoProperties
MUST be specified
 



---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org


Mime
View raw message