From ruchi...@apache.org
Subject svn commit: r453642 - in /webservices/axis2/branches/java/1_1/modules: integration/test/org/apache/rampart/ rahas/src/org/apache/rahas/impl/ security/src/org/apache/rampart/ security/src/org/apache/rampart/builder/
Date Fri, 06 Oct 2006 15:34:46 GMT
Author: ruchithf
Date: Fri Oct  6 08:34:45 2006
New Revision: 453642

URL: http://svn.apache.org/viewvc?view=rev&rev=453642
Log:
Sync rampart and rahas changes with trunk

Modified:
    webservices/axis2/branches/java/1_1/modules/integration/test/org/apache/rampart/RampartTest.java
    webservices/axis2/branches/java/1_1/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
    webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/MessageBuilder.java
    webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/RampartMessageData.java
    webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java
    webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/errors.properties

Modified: webservices/axis2/branches/java/1_1/modules/integration/test/org/apache/rampart/RampartTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/integration/test/org/apache/rampart/RampartTest.java?view=diff&rev=453642&r1=453641&r2=453642
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/integration/test/org/apache/rampart/RampartTest.java
(original)
+++ webservices/axis2/branches/java/1_1/modules/integration/test/org/apache/rampart/RampartTest.java
Fri Oct  6 08:34:45 2006
@@ -30,7 +30,6 @@
 import org.apache.axis2.integration.UtilServer;
 import org.apache.neethi.Policy;
 import org.apache.neethi.PolicyEngine;
-import org.apache.rahas.RahasConstants;
 
 import javax.xml.namespace.QName;
 
@@ -101,9 +100,13 @@
                 serviceClient.sendReceive(getEchoElement());
                 
                 //Cancel the token
-                options.setAction(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT);
+                options.setProperty(RampartMessageData.CANCEL_REQUEST, Constants.VALUE_TRUE);
                 serviceClient.sendReceive(getEchoElement());
                 
+                options.setProperty(RampartMessageData.CANCEL_REQUEST, Constants.VALUE_FALSE);
+                serviceClient.sendReceive(getEchoElement());
+                options.setProperty(RampartMessageData.CANCEL_REQUEST, Constants.VALUE_TRUE);
+                serviceClient.sendReceive(getEchoElement());
             }
 
         } catch (Exception e) {
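Review bot: The exchanges added after `//Cancel the token` carry no comment saying what each one is meant to exercise, and nothing visible in the hunk checks the outcome, so the test can only fail through the `catch` below. I would add a comment before the second block, e.g. `//Send a normal request after the cancel (presumably a new SCT is negotiated), then cancel that one as well`, and check the response or the token state after each cancel. The enclosing test method starts and ends outside the hunk.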

Modified: webservices/axis2/branches/java/1_1/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java?view=diff&rev=453642&r1=453641&r2=453642
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
(original)
+++ webservices/axis2/branches/java/1_1/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
Fri Oct  6 08:34:45 2006
@@ -172,10 +172,6 @@
             
             sctToken.setState(Token.ISSUED);
             TrustUtil.getTokenStore(data.getInMessageContext()).add(sctToken);
-            this.getContextMap(data.getInMessageContext()).put(
-                    this.getContextIdentifierKey(data.getInMessageContext()),
-                    sctToken.getId());
-            
             return env;
         } catch (ConversationException e) {
             throw new TrustException(e.getMessage(), e);

Modified: webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/MessageBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/MessageBuilder.java?view=diff&rev=453642&r1=453641&r2=453642
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/MessageBuilder.java
(original)
+++ webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/MessageBuilder.java
Fri Oct  6 08:34:45 2006
@@ -18,6 +18,10 @@
 
 import org.apache.axiom.om.OMElement;
 import org.apache.axis2.AxisFault;
+import org.apache.axis2.Constants;
+import org.apache.axis2.addressing.AddressingConstants;
+import org.apache.axis2.addressing.AddressingConstants.Final;
+import org.apache.axis2.addressing.AddressingConstants.Submission;
 import org.apache.axis2.context.MessageContext;
 import org.apache.axis2.context.OperationContext;
 import org.apache.axis2.wsdl.WSDLConstants;
@@ -37,6 +41,8 @@
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
+import javax.xml.namespace.QName;
+
 public class MessageBuilder {
     
     private static Log log = LogFactory.getLog(MessageBuilder.class);
@@ -65,16 +71,34 @@
             }
         }
         
-        String action = msgCtx.getOptions().getAction();
-        System.out.println("MessageBuilder: 52: " + action);
-        if(action !=null && (action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT)
||
-                action.equals(RahasConstants.WST_NS_05_12 + RahasConstants.RSTR_ACTION_CANCEL_SCT)))
{
-            
-            //set payload to a cancel request
-            String ctxIdKey = RampartUtil.getContextIdentifierKey(msgCtx);
-            String tokenId = (String)RampartUtil.getContextMap(msgCtx).get(ctxIdKey);
+        
+        String isCancelreq = (String)msgCtx.getProperty(RampartMessageData.CANCEL_REQUEST);
+        if(isCancelreq != null && Constants.VALUE_TRUE.equals(isCancelreq)) {
             try {
-                if(RampartUtil.isTokenValid(rmd, tokenId)) {
+                
+                String cancelAction = TrustUtil.getWSTNamespace(rmd.getWstVersion()) + RahasConstants.RST_ACTION_CANCEL_SCT;
+                //Set action
+                msgCtx.getOptions().setAction(cancelAction);
+                
+                //Change the wsa:Action header
+                String wsaNs = Final.WSA_NAMESPACE;
+                Object addressingVersionFromCurrentMsgCtxt = msgCtx.getProperty(AddressingConstants.WS_ADDRESSING_VERSION);
+                if (Submission.WSA_NAMESPACE.equals(addressingVersionFromCurrentMsgCtxt))
{
+                    wsaNs = Submission.WSA_NAMESPACE;
+                }
+                OMElement header = msgCtx.getEnvelope().getHeader();
+                if(header != null) {
+                    OMElement actionElem = header.getFirstChildWithName(new QName(wsaNs,
AddressingConstants.WSA_ACTION));
+                    if(actionElem != null) {
+                        actionElem.setText(cancelAction);
+                    }
+                }
+                
+                //set payload to a cancel request
+                String ctxIdKey = RampartUtil.getContextIdentifierKey(msgCtx);
+                String tokenId = (String)RampartUtil.getContextMap(msgCtx).get(ctxIdKey);
+                
+                if(tokenId != null && RampartUtil.isTokenValid(rmd, tokenId)) {
                     OMElement bodyElem = msgCtx.getEnvelope().getBody();
                     OMElement child = bodyElem.getFirstElement();
                     OMElement newChild = TrustUtil.createCancelRequest(tokenId, rmd.getWstVersion());
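Review bot: The `(String)` cast on `msgCtx.getProperty(RampartMessageData.CANCEL_REQUEST)` sits outside the `try`, so a caller that stores a `Boolean` gets a raw `ClassCastException` rather than a `RampartException`; `if(Constants.VALUE_TRUE.equals(msgCtx.getProperty(RampartMessageData.CANCEL_REQUEST))) {` removes both the cast and the redundant null test. Separately, the options action and the `wsa:Action` header are rewritten to the cancel action before `tokenId` is looked up and validated, so a request without a valid token has already been relabelled as a cancel by the time the check fails. The branch taken in that case lies outside the hunk, but resolving and validating the token first would leave the message untouched on failure.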
@@ -86,6 +110,7 @@
                 }
                 
             } catch (Exception e) {
+                e.printStackTrace();
                 throw new RampartException("errorInTokenCancellation");
             }
         }
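Review bot: The added `e.printStackTrace()` writes the trace to stderr and bypasses the class's commons-logging `log`, while the `RampartException` thrown on the next line still discards the cause. In a security module that puts internal details outside log-level control and makes cancellation failures hard to correlate. I would replace it with `log.error("Error in token cancellation", e);` and pass `e` to `RampartException` if it has a constructor that accepts a cause (not visible here).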

Modified: webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/RampartMessageData.java
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/RampartMessageData.java?view=diff&rev=453642&r1=453641&r2=453642
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/RampartMessageData.java
(original)
+++ webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/RampartMessageData.java
Fri Oct  6 08:34:45 2006
@@ -38,10 +38,13 @@
 import org.apache.rampart.util.Axis2Util;
 import org.apache.rampart.util.RampartUtil;
 import org.apache.ws.secpolicy.WSSPolicyException;
+import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.conversation.ConversationConstants;
 import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.handler.WSHandlerResult;
 import org.apache.ws.security.message.WSSecHeader;
 import org.apache.ws.security.util.Loader;
 import org.w3c.dom.Document;
@@ -49,6 +52,7 @@
 import javax.xml.namespace.QName;
 
 import java.util.List;
+import java.util.Vector;
 
 public class RampartMessageData {
     
@@ -74,6 +78,10 @@
 
     public static final String KEY_SCT_ISSUER_POLICY = "sct-issuer-policy";
     
+    public final static String CANCEL_REQUEST = "cancelrequest";
+    
+    public final static String SCT_ID = "sctID";
+    
     private MessageContext msgContext = null;
 
     private RampartPolicyData policyData = null;
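Review bot: `CANCEL_REQUEST` and `SCT_ID` are new public property keys with no Javadoc, so a caller cannot tell from this class what values they take. Judging by the other hunks of this commit, `CANCEL_REQUEST` is compared with `Constants.VALUE_TRUE` and `SCT_ID` holds a security context token id; a one-line Javadoc on each would say so, e.g. `/** Message context property; set to Constants.VALUE_TRUE to turn the request into an SCT cancel request. */`. The modifier order `public final static` also differs from the `public static final` used on `KEY_SCT_ISSUER_POLICY` just above.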
@@ -229,15 +237,30 @@
             this.isClientSide = !msgCtx.isServerSide();
             this.sender = sender;
             
+            OperationContext opCtx = this.msgContext.getOperationContext();
+            
             if(!this.isClientSide && this.sender) {
                 //Get hold of the incoming msg ctx
-                OperationContext opCtx = this.msgContext.getOperationContext();
                 MessageContext inMsgCtx;
                 if (opCtx != null
                         && (inMsgCtx = opCtx
                                 .getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE))
!= null) {
                     msgContext.setProperty(WSHandlerConstants.RECV_RESULTS, 
                             inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS));
+                    
+                    //If someone set the sct_id externally use it at the receiver
+                    msgContext.setProperty(SCT_ID, inMsgCtx.getProperty(SCT_ID));
+                }
+            }
+            
+            if(this.isClientSide && !this.sender) {
+                MessageContext outMsgCtx;
+                if (opCtx != null
+                        && (outMsgCtx = opCtx
+                                .getMessageContext(WSDLConstants.MESSAGE_LABEL_OUT_VALUE))
!= null) {
+                    
+                    //If someone set the sct_id externally use it at the receiver
+                    msgContext.setProperty(SCT_ID, outMsgCtx.getProperty(SCT_ID));
                 }
             }
             
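Review bot: Both new `msgContext.setProperty(SCT_ID, ...)` calls copy the value unconditionally, so when the other message context carries no `SCT_ID` they store `null` over whatever was already set on this context. Guarding the copy keeps an existing value: `Object sctId = inMsgCtx.getProperty(SCT_ID); if(sctId != null) { msgContext.setProperty(SCT_ID, sctId); }`, and the same with `outMsgCtx`. The comment in the client-side branch still reads "use it at the receiver" although it copies from the outgoing context; it should say which side supplies the id. The enclosing block starts outside the hunk.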
@@ -394,8 +417,36 @@
      * @return Returns the secConvTokenId.
      */
     public String getSecConvTokenId() {
-        String contextIdentifierKey = RampartUtil.getContextIdentifierKey(this.msgContext);
-        return (String) RampartUtil.getContextMap(this.msgContext).get(contextIdentifierKey);
+        String id = null;
+        
+        if(this.isClientSide) {
+            String contextIdentifierKey = RampartUtil.getContextIdentifierKey(this.msgContext);
+            id = (String) RampartUtil.getContextMap(this.msgContext).get(contextIdentifierKey);
+        } else {
+            //get the sec context id from the req msg ctx
+            Vector results = (Vector)this.msgContext.getProperty(WSHandlerConstants.RECV_RESULTS);
+            for (int i = 0; i < results.size(); i++) {
+                WSHandlerResult rResult = (WSHandlerResult) results.get(i);
+                Vector wsSecEngineResults = rResult.getResults();
+
+                for (int j = 0; j < wsSecEngineResults.size(); j++) {
+                    WSSecurityEngineResult wser = (WSSecurityEngineResult) wsSecEngineResults
+                            .get(j);
+                    if(WSConstants.SCT == wser.getAction()) {
+                        id = wser.getSecurityContextToken().getID();
+                    }
+
+                }
+            }
+        }
+
+        if(id == null || id.length() == 0) {
+            //If we can't find the sec conv token id up to this point then
+            //check if someone has specified which one to use
+            id = (String)this.msgContext.getProperty(SCT_ID);
+        }
+        
+        return id;
     }
 
     /**
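Review bot: On the server side `results` is dereferenced without a null check, so `getSecConvTokenId()` throws a `NullPointerException` when `WSHandlerConstants.RECV_RESULTS` was never set on the message context, and the `SCT_ID` fallback below is never reached. Wrapping the two loops in `if(results != null) { ... }` fixes that. The inner loop also keeps overwriting `id`, so with several SCT results the last one wins; if the first is intended, stop at the first match. The Javadoc should mention the `SCT_ID` fallback, since that id comes from a property set by the caller rather than from the processed security header.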

Modified: webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java?view=diff&rev=453642&r1=453641&r2=453642
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java
(original)
+++ webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java
Fri Oct  6 08:34:45 2006
@@ -17,6 +17,7 @@
 package org.apache.rampart.builder;
 
 import org.apache.axiom.om.OMElement;
+import org.apache.axis2.context.MessageContext;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.rahas.RahasConstants;
@@ -57,8 +58,10 @@
             this.addTimestamp(rmd);
         }
         
-        //Setup required tokens
-        initializeTokens(rmd);
+        if(rmd.isClientSide()) {
+            //Setup required tokens
+            initializeTokens(rmd);
+        }
         
             
         if(Constants.ENCRYPT_BEFORE_SIGNING.equals(rpd.getProtectionOrder())) {
@@ -99,6 +102,10 @@
                 log.debug("SCT Id : " + tokenId);
             }
             
+            if(tokenId == null || tokenId.length() == 0) {
+                throw new RampartException("noSecurityToken");
+            }
+            
             /*
              * Get hold of the token from the token storage
              */
@@ -294,6 +301,10 @@
             throw new RampartException("signatureTokenMissing");
         }
         
+        if(sigTokId == null || sigTokId.length() == 0) {
+            throw new RampartException("noSecurityToken");
+        }
+        
         sigTok = this.getToken(rmd, sigTokId);
 
         if(Constants.INCLUDE_ALWAYS.equals(sigToken.getInclusion()) ||
@@ -456,7 +467,8 @@
         
         RampartPolicyData rpd = rmd.getPolicyData();
         
-        if(rpd.isSymmetricBinding() && !rmd.getMsgContext().isServerSide()) {
+        MessageContext msgContext = rmd.getMsgContext();
+        if(rpd.isSymmetricBinding() && !msgContext.isServerSide()) {
             log.debug("Procesing symmentric binding: " +
                     "Setting up encryption token and signature token");
             //Setting up encryption token and signature token
@@ -488,7 +500,7 @@
                 String secConvTokenId = rmd.getSecConvTokenId();
                 
                 //The RSTR has to be secured with the cancelled token
-                String action = rmd.getMsgContext().getOptions().getAction();
+                String action = msgContext.getOptions().getAction();
                 boolean cancelReqResp = action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT)
|| 
                                            action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT)
||
                                            action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT)
|| 
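Review bot: The first two disjuncts of `cancelReqResp` are the same expression, `action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT)`, so one namespace/action combination is probably not matched (likely a `WST_NS_05_12` form; the rest of the condition is outside the hunk). `action` may also be null when no action is set on the options, in which case `action.equals(...)` throws; writing each test as `(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT).equals(action)` avoids that. Because this condition decides whether the token is marked cancelled, a missed match would presumably leave the token in its previous state.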
@@ -498,6 +510,11 @@
                 if(secConvTokenId != null && cancelReqResp) {
                     try {
                         rmd.getTokenStorage().getToken(secConvTokenId).setState(org.apache.rahas.Token.CANCELLED);
+                        msgContext.setProperty(RampartMessageData.SCT_ID, secConvTokenId);
+                        
+                        //remove from the local map of contexts
+                        String contextIdentifierKey = RampartUtil.getContextIdentifierKey(msgContext);
+                        RampartUtil.getContextMap(msgContext).remove(contextIdentifierKey);
                     } catch (TrustException e) {
                         throw new RampartException("errorExtractingToken");
                     }
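Review bot: `rmd.getTokenStorage().getToken(secConvTokenId)` is dereferenced directly, so if the store holds no token for that id (assuming `getToken` returns null in that case) `setState` throws a `NullPointerException` and the new `SCT_ID` and context-map cleanup lines never run. Fetching the token into a local and throwing `new RampartException("errorExtractingToken")` when it is null would keep the failure on the module's own error path. The `catch` also drops the `TrustException` cause, which makes a failed cancellation harder to diagnose.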

Modified: webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/errors.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/errors.properties?view=diff&rev=453642&r1=453641&r2=453642
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/errors.properties
(original)
+++ webservices/axis2/branches/java/1_1/modules/security/src/org/apache/rampart/errors.properties
Fri Oct  6 08:34:45 2006
@@ -40,6 +40,7 @@
 errorInTokenCancellation = Error in cancelling token
 tokenToBeCancelledInvalid = Token to be cancelled is invalid or expired 
 errorCreatingRSTTemplateForSCT=Error in creating RST template for SCT
+noSecurityToken = Missing security token
 
 #Errors in processors
 errorProcessingUT = Error in processing UsernameToken


