cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r813953 - in /cxf/trunk/distribution/src/main/release/samples/wsdl_first_https: README.txt build.xml pom.xml src/demo/hw_https/client/ClientNonSpring.java
Date Fri, 11 Sep 2009 17:50:26 GMT
Author: dkulp
Date: Fri Sep 11 17:50:25 2009
New Revision: 813953

URL: http://svn.apache.org/viewvc?rev=813953&view=rev
Log:
[CXF-2430] Patch from   Eamonn Dwyer applied

Added:
    cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/demo/hw_https/client/ClientNonSpring.java
  (with props)
Modified:
    cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/README.txt
    cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/build.xml
    cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/pom.xml

Modified: cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/README.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/README.txt?rev=813953&r1=813952&r2=813953&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/README.txt (original)
+++ cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/README.txt Fri Sep 11
17:50:25 2009
@@ -32,6 +32,8 @@
   mvn -Pserver (starts the server)
   mvn -Psecure.client (runs the client in secure mode, Scenario 2)
   mvn -Pinsecure.client (runs the client in insecure mode, Scenario 1)
+  mvn -Pinsecure.client.non.secure (runs the client in secure mode, Scenario 3)
+  mvn -Psecure.client.non.secure (runs the client in secure mode, Scenario 4)
   mvn clean (removes all generated and compiled classes)
 
 
@@ -51,8 +53,8 @@
 
 
 The demo illustrates how authentication can be achieved through
-configuration using 2 different scenarios. The non-defaulted security
-policy values are be specified via configuration files.
+configuration using 3 different scenarios. The non-defaulted security
+policy values are be specified via configuration files or programmatically.
 
 Scenario 1:
 
@@ -90,10 +92,10 @@
 to both sides. This may be viewed by adding a -Djavax.net.debug=all 
 argument to the JVM.
 
-But please note that it is not adviseable to store sensitive data such
+But please note that it is not advisable to store sensitive data such
 as passwords stored in a clear text configuration file, unless the
 file is sufficiently protected by OS level permissions. The KeyStores
-may be configured programatically so using user interaction may be
+may be configured programmatically so using user interaction may be
 employed to keep passwords from being stored in configuration files.
 The approach taken here is for demonstration reasons only. 
 
@@ -102,6 +104,33 @@
 
   ant server
   ant secure.client
+  
+Scenario 3:
+
+A HTTPS listener is started up.  The client does NOT provide the appropriate 
+credentials programmatically and so the invocation on the server fails.
+
+To run:
+
+  ant server
+  ant insecure.client.non.spring  
+  
+Scenario 4: 
+A HTTPS listener is started up. The client's security data
+is in essence the same as for scenario 2, however this time it 
+is provided programmatically in the client code, ClientNonSpring.java. 
+
+But please note that it is not advisable to store sensitive data such
+as passwords stored directly in java code as the code could possibly be 
+disassembled. Typically the password would be obtained at runtime by 
+prompting for the password. 
+The approach taken here is for demonstration reasons only. 
+
+
+To run:
+
+  ant server
+  ant secure.client.non.spring  
 
 Certificates:
 If the certificates are expired for some reason, a shell script in 

Modified: cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/build.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/build.xml?rev=813953&r1=813952&r2=813953&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/build.xml (original)
+++ cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/build.xml Fri Sep 11
17:50:25 2009
@@ -28,11 +28,25 @@
                 param2="insecure"/>
     </target> 
 
+    <target name="insecure.client.non.spring" description="run demo insecure client, without
setting the TLS configuration programmatically" depends="build">
+        <property name="param" value=""/>
+        <cxfrun classname="demo.hw_https.client.ClientNonSpring"
+                param1="${basedir}/wsdl/hello_world.wsdl" 
+                param2="insecure"/>
+    </target> 	
+
     <target name="secure.client" description="run demo secure client" depends="build">
         <property name="param" value=""/>
         <cxfrun classname="demo.hw_https.client.Client"
                 param1="${basedir}/wsdl/hello_world.wsdl" 
                 param2="secure"/>
+    </target>
+	
+	<target name="secure.client.non.spring" description="run demo secure client, setting
the TLS configuration programmatically" depends="build">
+        <property name="param" value=""/>
+        <cxfrun classname="demo.hw_https.client.ClientNonSpring"
+                param1="${basedir}/wsdl/hello_world.wsdl" 
+                param2="secure"/>
     </target> 
         
     <target name="server" description="run demo server" depends="build">

Modified: cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/pom.xml?rev=813953&r1=813952&r2=813953&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/pom.xml (original)
+++ cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/pom.xml Fri Sep 11 17:50:25
2009
@@ -137,6 +137,33 @@
            </build>
         </profile>
         <profile>
+            <id>insecure.client.non.spring</id>
+            <build>
+                <defaultGoal>test</defaultGoal>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <phase>test</phase>
+                                <goals>
+                                    <goal>java</goal>
+                                </goals>
+                                <configuration>
+                                    <mainClass>demo.hw_https.client.ClientNonSpring</mainClass>
+                                    <arguments>
+                                        <argument>${basedir}/wsdl/hello_world.wsdl</argument>
+                                        <argument>insecure</argument>
+                                   </arguments>
+                               </configuration>
+                           </execution>
+                       </executions>
+                   </plugin>
+               </plugins>
+           </build>
+        </profile>
+        <profile>
             <id>secure.client</id>
             <build>
                 <defaultGoal>test</defaultGoal>
@@ -163,6 +190,33 @@
                </plugins>
            </build>
         </profile>
+        <profile>
+            <id>secure.client.non.spring</id>
+            <build>
+                <defaultGoal>test</defaultGoal>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <phase>test</phase>
+                                <goals>
+                                    <goal>java</goal>
+                                </goals>
+                                <configuration>
+                                    <mainClass>demo.hw_https.client.ClientNonSpring</mainClass>
+                                    <arguments>
+                                        <argument>${basedir}/wsdl/hello_world.wsdl</argument>
+                                        <argument>secure</argument>
+                                   </arguments>
+                               </configuration>
+                           </execution>
+                       </executions>
+                   </plugin>
+               </plugins>
+           </build>
+        </profile>
     </profiles>
     <repositories>
         <repository>

Added: cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/demo/hw_https/client/ClientNonSpring.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/demo/hw_https/client/ClientNonSpring.java?rev=813953&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/demo/hw_https/client/ClientNonSpring.java
(added)
+++ cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/demo/hw_https/client/ClientNonSpring.java
Fri Sep 11 17:50:25 2009
@@ -0,0 +1,153 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package demo.hw_https.client;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.xml.namespace.QName;
+
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+
+public final class ClientNonSpring {
+
+    private static final QName SERVICE_NAME
+        = new QName("http://apache.org/hello_world_soap_http", "SOAPService");
+
+    private static final QName PORT_NAME =
+        new QName("http://apache.org/hello_world_soap_http", "SoapPort");
+
+
+    private ClientNonSpring() {
+    }
+
+    public static void main(String args[]) throws Exception {
+
+        if (args.length == 0) {
+            System.out.println("please specify wsdl");
+            System.exit(1);
+        }
+
+        URL wsdlURL;
+        File wsdlFile = new File(args[0]);
+        if (wsdlFile.exists()) {
+            wsdlURL = wsdlFile.toURL();
+        } else {
+            wsdlURL = new URL(args[0]);
+        }
+
+        System.out.println(wsdlURL);
+        SOAPService ss = new SOAPService(wsdlURL, SERVICE_NAME);
+        Greeter port = ss.getPort(PORT_NAME, Greeter.class);        
+        if ("secure".equals(args[1])) {
+            setupTLS(port);
+        } else if ("insecure".equals(args[1])) {
+            //do nothing
+        } else {
+            System.out.println("arg1 needs to be either secure or insecure");
+            System.exit(1);
+        }
+        
+        
+
+
+
+        System.out.println("Invoking greetMe...");
+        try {
+            String resp = port.greetMe(System.getProperty("user.name"));
+            System.out.println("Server responded with: " + resp);
+            System.out.println();
+
+        } catch (Exception e) {
+            System.out.println("Invocation failed with the following: " + e.getCause());
+            System.out.println();
+        }
+
+        System.exit(0);
+    }
+    
+    private static void setupTLS(Greeter port) 
+        throws FileNotFoundException, IOException, GeneralSecurityException {
+        String contextPath = "";
+        try {
+            contextPath = new ClientNonSpring().getClass().getResource("/certs").toURI().getPath();
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();
+ 
+        TLSClientParameters tlsCP = new TLSClientParameters();
+        String keyPassword = "password";
+        KeyStore keyStore = KeyStore.getInstance("JKS");
+        String keyStoreLoc = contextPath + "/wibble.jks";
+        keyStore.load(new FileInputStream(keyStoreLoc), keyPassword.toCharArray());
+        KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
+        tlsCP.setKeyManagers(myKeyManagers);
+ 
+        
+        KeyStore trustStore = KeyStore.getInstance("JKS");
+        String trustStoreLoc = contextPath + "/truststore.jks";
+        trustStore.load(new FileInputStream(trustStoreLoc), keyPassword.toCharArray());
+        TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
+        tlsCP.setTrustManagers(myTrustStoreKeyManagers);
+        
+        //The following is not recommended and would not be done in a prodcution environment,
+        //this is just for illustrative purpose
+        tlsCP.setDisableCNCheck(true);
+ 
+        httpConduit.setTlsClientParameters(tlsCP);
+
+    }
+
+    private static TrustManager[] getTrustManagers(KeyStore trustStore) 
+        throws NoSuchAlgorithmException, KeyStoreException {
+        String alg = KeyManagerFactory.getDefaultAlgorithm();
+        TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
+        fac.init(trustStore);
+        return fac.getTrustManagers();
+    }
+    
+    private static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword) 
+        throws GeneralSecurityException, IOException {
+        String alg = KeyManagerFactory.getDefaultAlgorithm();
+        char[] keyPass = keyPassword != null
+                     ? keyPassword.toCharArray()
+                     : null;
+        KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
+        fac.init(keyStore, keyPass);
+        return fac.getKeyManagers();
+    }
+
+}

Propchange: cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/demo/hw_https/client/ClientNonSpring.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/demo/hw_https/client/ClientNonSpring.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date



Mime
View raw message