juddi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alexo...@apache.org
Subject svn commit: r1512444 - in /juddi/trunk: juddi-tomcat/ juddiv3-war/JAX-WS/Axis2/WEB-INF/ juddiv3-war/JAX-WS/CXF/WEB-INF/ juddiv3-war/JAX-WS/JBossWS-CXF/WEB-INF/ juddiv3-war/JAX-WS/JBossWS-Native/WEB-INF/ juddiv3-war/src/main/java/org/apache/juddi/webcon...
Date Fri, 09 Aug 2013 18:54:04 GMT
Author: alexoree
Date: Fri Aug  9 18:54:03 2013
New Revision: 1512444

URL: http://svn.apache.org/r1512444
Log:
JUDDI-607 added access control for /admin, web.xml settings. most juddi api functions. fixed several issues with the login/out

Added:
    juddi/trunk/juddi-tomcat/catalina.bat
    juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiAdminHub.java
      - copied, changed from r1492918, juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java
    juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/config.properties
      - copied, changed from r1492918, juddi/trunk/juddi-gui/src/main/webapp/META-INF/config.properties
    juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/go.jsp
    juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/loginpost.jsp
      - copied, changed from r1492918, juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp
    juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/saveconfig.jsp
Removed:
    juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java
Modified:
    juddi/trunk/juddiv3-war/JAX-WS/Axis2/WEB-INF/web.xml
    juddi/trunk/juddiv3-war/JAX-WS/CXF/WEB-INF/web.xml
    juddi/trunk/juddiv3-war/JAX-WS/JBossWS-CXF/WEB-INF/web.xml
    juddi/trunk/juddiv3-war/JAX-WS/JBossWS-Native/WEB-INF/web.xml
    juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/StartupServlet.java
    juddi/trunk/juddiv3-war/src/main/webapp/admin/admin.jsp
    juddi/trunk/juddiv3-war/src/main/webapp/admin/configure.jsp
    juddi/trunk/juddiv3-war/src/main/webapp/admin/csrf.jsp
    juddi/trunk/juddiv3-war/src/main/webapp/admin/header-top.jsp
    juddi/trunk/juddiv3-war/src/main/webapp/admin/logout.jsp

Added: juddi/trunk/juddi-tomcat/catalina.bat
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-tomcat/catalina.bat?rev=1512444&view=auto
==============================================================================
--- juddi/trunk/juddi-tomcat/catalina.bat (added)
+++ juddi/trunk/juddi-tomcat/catalina.bat Fri Aug  9 18:54:03 2013
@@ -0,0 +1,281 @@
+@echo off
+rem Licensed to the Apache Software Foundation (ASF) under one or more
+rem contributor license agreements.  See the NOTICE file distributed with
+rem this work for additional information regarding copyright ownership.
+rem The ASF licenses this file to You under the Apache License, Version 2.0
+rem (the "License"); you may not use this file except in compliance with
+rem the License.  You may obtain a copy of the License at
+rem
+rem     http://www.apache.org/licenses/LICENSE-2.0
+rem
+rem Unless required by applicable law or agreed to in writing, software
+rem distributed under the License is distributed on an "AS IS" BASIS,
+rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+rem See the License for the specific language governing permissions and
+rem limitations under the License.
+
+if "%OS%" == "Windows_NT" setlocal
+rem ---------------------------------------------------------------------------
+rem Start/Stop Script for the CATALINA Server
+rem
+rem Environment Variable Prequisites
+rem
+rem   CATALINA_HOME   May point at your Catalina "build" directory.
+rem
+rem   CATALINA_BASE   (Optional) Base directory for resolving dynamic portions
+rem                   of a Catalina installation.  If not present, resolves to
+rem                   the same directory that CATALINA_HOME points to.
+rem
+rem   CATALINA_OPTS   (Optional) Java runtime options used when the "start",
+rem                   or "run" command is executed.
+rem
+rem   CATALINA_TMPDIR (Optional) Directory path location of temporary directory
+rem                   the JVM should use (java.io.tmpdir).  Defaults to
+rem                   %CATALINA_BASE%\temp.
+rem
+rem   JAVA_HOME       Must point at your Java Development Kit installation.
+rem                   Required to run the with the "debug" argument.
+rem
+rem   JRE_HOME        Must point at your Java Runtime installation.
+rem                   Defaults to JAVA_HOME if empty.
+rem
+rem   JAVA_OPTS       (Optional) Java runtime options used when the "start",
+rem                   "stop", or "run" command is executed.
+rem
+rem   JPDA_TRANSPORT  (Optional) JPDA transport used when the "jpda start"
+rem                   command is executed. The default is "dt_socket".
+rem
+rem   JPDA_ADDRESS    (Optional) Java runtime options used when the "jpda start"
+rem                   command is executed. The default is 8000.
+rem
+rem   JPDA_SUSPEND    (Optional) Java runtime options used when the "jpda start"
+rem                   command is executed. Specifies whether JVM should suspend
+rem                   execution immediately after startup. Default is "n".
+rem
+rem   JPDA_OPTS       (Optional) Java runtime options used when the "jpda start"
+rem                   command is executed. If used, JPDA_TRANSPORT, JPDA_ADDRESS,
+rem                   and JPDA_SUSPEND are ignored. Thus, all required jpda
+rem                   options MUST be specified. The default is:
+rem
+rem                   -agentlib:jdwp=transport=%JPDA_TRANSPORT%,
+rem                       address=%JPDA_ADDRESS%,server=y,suspend=%JPDA_SUSPEND%
+rem
+rem   LOGGING_CONFIG  (Optional) Override Tomcat's logging config file
+rem                   Example (all one line)
+rem                   set LOGGING_CONFIG="-Djava.util.logging.config.file=%CATALINA_BASE%\conf\logging.properties"
+rem
+rem   LOGGING_MANAGER (Optional) Override Tomcat's logging manager 
+rem                   Example (all one line)
+rem                   set LOGGING_CONFIG="-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
+rem
+rem   TITLE           (Optional) Specify the title of Tomcat window. The default
+rem                   TITLE is Tomcat if it's not specified.
+rem                   Example (all one line)
+rem                   set TITLE=Tomcat.Cluster#1.Server#1 [%DATE% %TIME%]
+rem
+rem
+rem
+rem $Id: catalina.bat 915073 2010-02-22 21:22:13Z markt $
+rem ---------------------------------------------------------------------------
+
+rem Guess CATALINA_HOME if not defined
+
+set JAVA_OPTS=%JAVA_OPTS% -Xms256m -Xmx256m -XX:PermSize=256M -XX:MaxPermSize=256M
+set "CURRENT_DIR=%cd%"
+if not "%CATALINA_HOME%" == "" goto gotHome
+set "CATALINA_HOME=%CURRENT_DIR%"
+if exist "%CATALINA_HOME%\bin\catalina.bat" goto okHome
+cd ..
+set "CATALINA_HOME=%cd%"
+cd "%CURRENT_DIR%"
+:gotHome
+if exist "%CATALINA_HOME%\bin\catalina.bat" goto okHome
+echo The CATALINA_HOME environment variable is not defined correctly
+echo This environment variable is needed to run this program
+goto end
+:okHome
+
+rem Ensure that any user defined CLASSPATH variables are not used on startup,
+rem but allow them to be specified in setenv.bat, in rare case when it is needed.
+set CLASSPATH=
+
+rem Get standard environment variables
+if "%CATALINA_BASE%" == "" goto gotSetenvHome
+if exist "%CATALINA_BASE%\bin\setenv.bat" call "%CATALINA_BASE%\bin\setenv.bat"
+goto gotSetenvBase
+:gotSetenvHome
+if exist "%CATALINA_HOME%\bin\setenv.bat" call "%CATALINA_HOME%\bin\setenv.bat"
+:gotSetenvBase
+
+rem Get standard Java environment variables
+if exist "%CATALINA_HOME%\bin\setclasspath.bat" goto okSetclasspath
+echo Cannot find "%CATALINA_HOME%\bin\setclasspath.bat"
+echo This file is needed to run this program
+goto end
+:okSetclasspath
+set "BASEDIR=%CATALINA_HOME%"
+call "%CATALINA_HOME%\bin\setclasspath.bat" %1
+if errorlevel 1 goto end
+
+if not "%CATALINA_BASE%" == "" goto gotBase
+set "CATALINA_BASE=%CATALINA_HOME%"
+:gotBase
+
+if not "%CATALINA_TMPDIR%" == "" goto gotTmpdir
+set "CATALINA_TMPDIR=%CATALINA_BASE%\temp"
+:gotTmpdir
+
+rem Add tomcat-juli.jar and bootstrap.jar to classpath
+rem tomcat-juli.jar can be over-ridden per instance
+rem Note that there are no quotes as we do not want to introduce random
+rem quotes into the CLASSPATH
+if "%CLASSPATH%" == "" goto emptyClasspath
+set "CLASSPATH=%CLASSPATH%;"
+:emptyClasspath
+if "%CATALINA_BASE%" == "%CATALINA_HOME%" goto juliClasspathHome
+if not exist "%CATALINA_BASE%\bin\tomcat-juli.jar" goto juliClasspathHome
+set "CLASSPATH=%CLASSPATH%%CATALINA_BASE%\bin\tomcat-juli.jar;%CATALINA_HOME%\bin\bootstrap.jar"
+goto juliClasspathDone
+:juliClasspathHome
+set "CLASSPATH=%CLASSPATH%%CATALINA_HOME%\bin\bootstrap.jar"
+:juliClasspathDone
+
+if not "%LOGGING_CONFIG%" == "" goto noJuliConfig
+set LOGGING_CONFIG=-Dnop
+if not exist "%CATALINA_BASE%\conf\logging.properties" goto noJuliConfig
+set LOGGING_CONFIG=-Djava.util.logging.config.file="%CATALINA_BASE%\conf\logging.properties"
+:noJuliConfig
+set JAVA_OPTS=%JAVA_OPTS% %LOGGING_CONFIG%
+
+if not "%LOGGING_MANAGER%" == "" goto noJuliManager
+set LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
+:noJuliManager
+set JAVA_OPTS=%JAVA_OPTS% %LOGGING_MANAGER%
+
+rem ----- Execute The Requested Command ---------------------------------------
+
+echo Using CATALINA_BASE:   "%CATALINA_BASE%"
+echo Using CATALINA_HOME:   "%CATALINA_HOME%"
+echo Using CATALINA_TMPDIR: "%CATALINA_TMPDIR%"
+if ""%1"" == ""debug"" goto use_jdk
+echo Using JRE_HOME:        "%JRE_HOME%"
+goto java_dir_displayed
+:use_jdk
+echo Using JAVA_HOME:       "%JAVA_HOME%"
+:java_dir_displayed
+echo Using CLASSPATH:       "%CLASSPATH%"
+
+set _EXECJAVA=%_RUNJAVA%
+set MAINCLASS=org.apache.catalina.startup.Bootstrap
+set ACTION=start
+set SECURITY_POLICY_FILE=
+set DEBUG_OPTS=
+set JPDA=
+
+if not ""%1"" == ""jpda"" goto noJpda
+set JPDA=jpda
+if not "%JPDA_TRANSPORT%" == "" goto gotJpdaTransport
+set JPDA_TRANSPORT=dt_socket
+:gotJpdaTransport
+if not "%JPDA_ADDRESS%" == "" goto gotJpdaAddress
+set JPDA_ADDRESS=8000
+:gotJpdaAddress
+if not "%JPDA_SUSPEND%" == "" goto gotJpdaSuspend
+set JPDA_SUSPEND=n
+:gotJpdaSuspend
+if not "%JPDA_OPTS%" == "" goto gotJpdaOpts
+set JPDA_OPTS=-agentlib:jdwp=transport=%JPDA_TRANSPORT%,address=%JPDA_ADDRESS%,server=y,suspend=%JPDA_SUSPEND%
+:gotJpdaOpts
+shift
+:noJpda
+
+if ""%1"" == ""debug"" goto doDebug
+if ""%1"" == ""run"" goto doRun
+if ""%1"" == ""start"" goto doStart
+if ""%1"" == ""stop"" goto doStop
+if ""%1"" == ""version"" goto doVersion
+
+echo Usage:  catalina ( commands ... )
+echo commands:
+echo   debug             Start Catalina in a debugger
+echo   debug -security   Debug Catalina with a security manager
+echo   jpda start        Start Catalina under JPDA debugger
+echo   run               Start Catalina in the current window
+echo   run -security     Start in the current window with security manager
+echo   start             Start Catalina in a separate window
+echo   start -security   Start in a separate window with security manager
+echo   stop              Stop Catalina
+echo   version           What version of tomcat are you running?
+goto end
+
+:doDebug
+shift
+set _EXECJAVA=%_RUNJDB%
+set DEBUG_OPTS=-sourcepath "%CATALINA_HOME%\..\..\java"
+if not ""%1"" == ""-security"" goto execCmd
+shift
+echo Using Security Manager
+set "SECURITY_POLICY_FILE=%CATALINA_BASE%\conf\catalina.policy"
+goto execCmd
+
+:doRun
+shift
+if not ""%1"" == ""-security"" goto execCmd
+shift
+echo Using Security Manager
+set "SECURITY_POLICY_FILE=%CATALINA_BASE%\conf\catalina.policy"
+goto execCmd
+
+:doStart
+shift
+if not "%OS%" == "Windows_NT" goto noTitle
+if "%TITLE%" == "" set TITLE=Tomcat
+set _EXECJAVA=start "%TITLE%" %_RUNJAVA%
+goto gotTitle
+:noTitle
+set _EXECJAVA=start %_RUNJAVA%
+:gotTitle
+if not ""%1"" == ""-security"" goto execCmd
+shift
+echo Using Security Manager
+set "SECURITY_POLICY_FILE=%CATALINA_BASE%\conf\catalina.policy"
+goto execCmd
+
+:doStop
+shift
+set ACTION=stop
+set CATALINA_OPTS=
+goto execCmd
+
+:doVersion
+%_EXECJAVA% -classpath "%CATALINA_HOME%\lib\catalina.jar" org.apache.catalina.util.ServerInfo
+goto end
+
+
+:execCmd
+rem Get remaining unshifted command line arguments and save them in the
+set CMD_LINE_ARGS=
+:setArgs
+if ""%1""=="""" goto doneSetArgs
+set CMD_LINE_ARGS=%CMD_LINE_ARGS% %1
+shift
+goto setArgs
+:doneSetArgs
+
+rem Execute Java with the applicable properties
+if not "%JPDA%" == "" goto doJpda
+if not "%SECURITY_POLICY_FILE%" == "" goto doSecurity
+%_EXECJAVA% %JAVA_OPTS% %CATALINA_OPTS% %DEBUG_OPTS% -Djava.endorsed.dirs="%JAVA_ENDORSED_DIRS%" -classpath "%CLASSPATH%" -Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" -Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
+goto end
+:doSecurity
+%_EXECJAVA% %JAVA_OPTS% %CATALINA_OPTS% %DEBUG_OPTS% -Djava.endorsed.dirs="%JAVA_ENDORSED_DIRS%" -classpath "%CLASSPATH%" -Djava.security.manager -Djava.security.policy=="%SECURITY_POLICY_FILE%" -Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" -Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
+goto end
+:doJpda
+if not "%SECURITY_POLICY_FILE%" == "" goto doSecurityJpda
+%_EXECJAVA% %JAVA_OPTS% %CATALINA_OPTS% %JPDA_OPTS% %DEBUG_OPTS% -Djava.endorsed.dirs="%JAVA_ENDORSED_DIRS%" -classpath "%CLASSPATH%" -Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" -Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
+goto end
+:doSecurityJpda
+%_EXECJAVA% %JAVA_OPTS% %CATALINA_OPTS% %JPDA_OPTS% %DEBUG_OPTS% -Djava.endorsed.dirs="%JAVA_ENDORSED_DIRS%" -classpath "%CLASSPATH%" -Djava.security.manager -Djava.security.policy=="%SECURITY_POLICY_FILE%" -Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" -Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
+goto end
+
+:end

Modified: juddi/trunk/juddiv3-war/JAX-WS/Axis2/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/JAX-WS/Axis2/WEB-INF/web.xml?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/JAX-WS/Axis2/WEB-INF/web.xml (original)
+++ juddi/trunk/juddiv3-war/JAX-WS/Axis2/WEB-INF/web.xml Fri Aug  9 18:54:03 2013
@@ -29,6 +29,11 @@
     <param-value>/WEB-INF/classes/log4j.properties</param-value>
   </context-param>
 
+  <listener>
+		 <!-- this class setups the encryption key for the session-->
+    <listener-class>org.apache.juddi.webconsole.StartupServlet</listener-class>
+    
+  </listener>
  <servlet>
         <servlet-name>AxisServlet</servlet-name>
         <display-name>Apache-Axis Servlet</display-name>
@@ -96,5 +101,28 @@
       <res-sharing-scope>Shareable</res-sharing-scope>
   </resource-ref>
 
-
+<security-constraint>
+      <display-name>jUDDI Admin content</display-name>
+      <web-resource-collection>
+          <web-resource-name>admin</web-resource-name>
+          <url-pattern>/admin/*</url-pattern>
+          
+          
+      </web-resource-collection>
+      <auth-constraint>
+          <role-name>uddiadmin</role-name>
+      </auth-constraint>
+      <!-- uncomment to require SSL <user-data-constraint>
+        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+      </user-data-constraint>
+      -->
+  </security-constraint>
+    <login-config> 
+	<auth-method>BASIC</auth-method> 
+	<!-- you should consider NOT using BASIC is favor of something more secure, see your web app servers documentation for details -->
+	<realm-name>Apache jUDDI - Make sure you're using HTTPS!</realm-name> 
+  </login-config> 
+  <security-role>
+      <role-name>uddiadmin</role-name>
+  </security-role>
 </web-app>

Modified: juddi/trunk/juddiv3-war/JAX-WS/CXF/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/JAX-WS/CXF/WEB-INF/web.xml?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/JAX-WS/CXF/WEB-INF/web.xml (original)
+++ juddi/trunk/juddiv3-war/JAX-WS/CXF/WEB-INF/web.xml Fri Aug  9 18:54:03 2013
@@ -37,6 +37,9 @@
     <listener-class>
       org.springframework.web.context.ContextLoaderListener
 		</listener-class>
+		 <!-- this class setups the encryption key for the session-->
+    <listener-class>org.apache.juddi.webconsole.StartupServlet</listener-class>
+    
   </listener>
 
   <servlet>
@@ -83,6 +86,30 @@
       <res-auth>Container</res-auth>
       <res-sharing-scope>Shareable</res-sharing-scope>
   </resource-ref>
-
+  <security-constraint>
+      <display-name>jUDDI Admin content</display-name>
+      <web-resource-collection>
+          <web-resource-name>admin</web-resource-name>
+          <url-pattern>/admin/*</url-pattern>
+          
+          
+      </web-resource-collection>
+      <auth-constraint>
+          <role-name>uddiadmin</role-name>
+      </auth-constraint>
+      <!-- uncomment to require SSL <user-data-constraint>
+        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+      </user-data-constraint>
+      -->
+  </security-constraint>
+    <login-config> 
+	<auth-method>BASIC</auth-method> 
+	<!-- you should consider NOT using BASIC is favor of something more secure, see your web app servers documentation for details -->
+	<realm-name>Apache jUDDI - Make sure you're using HTTPS!</realm-name> 
+  </login-config> 
+  <security-role>
+      <role-name>uddiadmin</role-name>
+  </security-role>
+  
 
 </web-app>

Modified: juddi/trunk/juddiv3-war/JAX-WS/JBossWS-CXF/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/JAX-WS/JBossWS-CXF/WEB-INF/web.xml?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/JAX-WS/JBossWS-CXF/WEB-INF/web.xml (original)
+++ juddi/trunk/juddiv3-war/JAX-WS/JBossWS-CXF/WEB-INF/web.xml Fri Aug  9 18:54:03 2013
@@ -24,6 +24,11 @@
     <param-name>log4jConfigLocation</param-name>
     <param-value>/WEB-INF/classes/log4j.properties</param-value>
   </context-param>
+  <listener>
+		 <!-- this class setups the encryption key for the session-->
+    <listener-class>org.apache.juddi.webconsole.StartupServlet</listener-class>
+    
+  </listener>
   <servlet>
     <servlet-name>RegistryServlet</servlet-name>
     <display-name>Registry Servlet</display-name>
@@ -114,5 +119,30 @@
     <servlet-name>JUDDIApiWS</servlet-name>
     <url-pattern>/services/juddi-api/*</url-pattern>
   </servlet-mapping>
+  
+  <security-constraint>
+      <display-name>jUDDI Admin content</display-name>
+      <web-resource-collection>
+          <web-resource-name>admin</web-resource-name>
+          <url-pattern>/admin/*</url-pattern>
+          
+          
+      </web-resource-collection>
+      <auth-constraint>
+          <role-name>uddiadmin</role-name>
+      </auth-constraint>
+      <!-- uncomment to require SSL <user-data-constraint>
+        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+      </user-data-constraint>
+      -->
+  </security-constraint>
+    <login-config> 
+	<auth-method>BASIC</auth-method> 
+	<!-- you should consider NOT using BASIC is favor of something more secure, see your web app servers documentation for details -->
+	<realm-name>Apache jUDDI - Make sure you're using HTTPS!</realm-name> 
+  </login-config> 
+  <security-role>
+      <role-name>uddiadmin</role-name>
+  </security-role>
 </web-app>
   

Modified: juddi/trunk/juddiv3-war/JAX-WS/JBossWS-Native/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/JAX-WS/JBossWS-Native/WEB-INF/web.xml?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/JAX-WS/JBossWS-Native/WEB-INF/web.xml (original)
+++ juddi/trunk/juddiv3-war/JAX-WS/JBossWS-Native/WEB-INF/web.xml Fri Aug  9 18:54:03 2013
@@ -21,6 +21,11 @@
 	<description>
 		jUDDI is Java-based implementation of an UDDI version 3.0 registry.
     </description>
+	<listener>
+		 <!-- this class setups the encryption key for the session-->
+    <listener-class>org.apache.juddi.webconsole.StartupServlet</listener-class>
+    
+  </listener>
 	<servlet>
 		<servlet-name>RegistryServlet</servlet-name>
 		<display-name>Registry Servlet</display-name>
@@ -125,6 +130,29 @@
 		<welcome-file>index.jsp</welcome-file>
 		<welcome-file>index.html</welcome-file>
 	</welcome-file-list>
-
+        <security-constraint>
+              <display-name>jUDDI Admin content</display-name>
+              <web-resource-collection>
+                  <web-resource-name>admin</web-resource-name>
+                  <url-pattern>/admin/*</url-pattern>
+
+
+              </web-resource-collection>
+              <auth-constraint>
+                  <role-name>uddiadmin</role-name>
+              </auth-constraint>
+              <!-- uncomment to require SSL <user-data-constraint>
+                <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+              </user-data-constraint>
+              -->
+          </security-constraint>
+            <login-config> 
+                    <auth-method>BASIC</auth-method> 
+                    <!-- you should consider NOT using BASIC is favor of something more secure, see your web app servers documentation for details -->
+                    <realm-name>Apache jUDDI - Make sure you're using HTTPS!</realm-name> 
+              </login-config> 
+          <security-role>
+              <role-name>uddiadmin</role-name>
+          </security-role>
 </web-app>
     

Modified: juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/StartupServlet.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/StartupServlet.java?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/StartupServlet.java (original)
+++ juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/StartupServlet.java Fri Aug  9 18:54:03 2013
@@ -25,7 +25,7 @@ public class StartupServlet implements j
         try {
             //URL resource = sce.getServletContext().getResource("/META-INF/config.properties");
             Properties p = new Properties();
-            InputStream is = sce.getServletContext().getResourceAsStream("/META-INF/config.properties");
+            InputStream is = sce.getServletContext().getResourceAsStream("/WEB-INF/config.properties");
             p.load(is);
             p.remove("key");
             String key = AES.GEN(256);
@@ -33,7 +33,7 @@ public class StartupServlet implements j
                 key = AES.GEN(128);
             }
             p.put("key", key);
-            fos = new FileOutputStream(sce.getServletContext().getRealPath("/META-INF/config.properties"));
+            fos = new FileOutputStream(sce.getServletContext().getRealPath("/WEB-INF/config.properties"));
 
             p.store(fos, "No comments");
             fos.flush();

Copied: juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiAdminHub.java (from r1492918, juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java)
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiAdminHub.java?p2=juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiAdminHub.java&p1=juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java&r1=1492918&r2=1512444&rev=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java (original)
+++ juddi/trunk/juddiv3-war/src/main/java/org/apache/juddi/webconsole/hub/UddiAdminHub.java Fri Aug  9 18:54:03 2013
@@ -17,31 +17,52 @@ package org.apache.juddi.webconsole.hub;
  *
  */
 import java.io.InputStream;
-import java.net.URISyntaxException;
+import java.io.StringReader;
+import java.io.StringWriter;
 import java.net.URL;
 import java.rmi.RemoteException;
 import java.util.Map;
 import java.util.Properties;
 import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
+import javax.xml.bind.JAXB;
 import javax.xml.datatype.DatatypeConfigurationException;
 import javax.xml.datatype.DatatypeFactory;
+import javax.xml.transform.OutputKeys;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.transform.stream.StreamSource;
 import javax.xml.ws.BindingProvider;
 import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.juddi.api_v3.ClientSubscriptionInfoDetail;
+import org.apache.juddi.api_v3.DeleteClientSubscriptionInfo;
+import org.apache.juddi.api_v3.DeletePublisher;
+import org.apache.juddi.api_v3.GetAllPublisherDetail;
+import org.apache.juddi.api_v3.GetPublisherDetail;
+import org.apache.juddi.api_v3.Publisher;
+import org.apache.juddi.api_v3.PublisherDetail;
+import org.apache.juddi.api_v3.SaveClientSubscriptionInfo;
+import org.apache.juddi.api_v3.SavePublisher;
+import org.apache.juddi.api_v3.SyncSubscription;
+import org.apache.juddi.api_v3.SyncSubscriptionDetail;
 import org.apache.juddi.v3.client.ClassUtil;
 import org.apache.juddi.v3.client.config.UDDIClientContainer;
 import org.apache.juddi.v3.client.transport.Transport;
 import org.apache.juddi.v3_service.JUDDIApiPortType;
+import org.apache.juddi.webconsole.AES;
 import org.apache.juddi.webconsole.resources.ResourceLoader;
-import org.uddi.api_v3.*;
+import org.uddi.api_v3.AuthToken;
+import org.uddi.api_v3.DeleteTModel;
+import org.uddi.api_v3.DiscardAuthToken;
+import org.uddi.api_v3.DispositionReport;
+import org.uddi.api_v3.GetAuthToken;
+
 import org.uddi.v3_service.DispositionReportFaultMessage;
-import org.uddi.v3_service.UDDICustodyTransferPortType;
-import org.uddi.v3_service.UDDIInquiryPortType;
-import org.uddi.v3_service.UDDIPublicationPortType;
 import org.uddi.v3_service.UDDISecurityPortType;
-import org.uddi.v3_service.UDDISubscriptionPortType;
 
 /**
  * UddiHub - The hub acts as a single point for managing browser to uddi
@@ -51,13 +72,15 @@ import org.uddi.v3_service.UDDISubscript
  *
  * @author Alex O'Ree
  */
-public class UddiHub {
+public class UddiAdminHub {
 
     /**
      * The logger name
      */
     public static final String LOGGER_NAME = "org.apache.juddi";
-    
+    AuthStyle style = null;
+    URL propertiesurl = null;
+    Properties properties = null;
     /**
      * The Log4j logger. This is also referenced from the Builders class, thus
      * it is public
@@ -65,7 +88,7 @@ public class UddiHub {
     public static final Log log = LogFactory.getLog(LOGGER_NAME);
     private DatatypeFactory df;
 
-    private UddiHub() throws DatatypeConfigurationException {
+    private UddiAdminHub() throws DatatypeConfigurationException {
         df = DatatypeFactory.newInstance();
     }
 
@@ -91,14 +114,9 @@ public class UddiHub {
         } catch (Exception ex) {
             HandleException(ex);
         }
-
         token = null;
-        inquiry = null;
-        publish = null;
-        custody = null;
         security = null;
         juddi = null;
-        subscription = null;
     }
 
     /**
@@ -110,23 +128,32 @@ public class UddiHub {
      * @return
      * @throws Exception
      */
-    public static UddiHub getInstance(ServletContext application, HttpSession _session) throws Exception {
+    public static UddiAdminHub getInstance(ServletContext application, HttpSession _session) throws Exception {
         Object j = _session.getAttribute("hub");
         if (j == null) {
-            UddiHub hub = new UddiHub(application, _session);
+            UddiAdminHub hub = new UddiAdminHub(application, _session);
             _session.setAttribute("hub", hub);
             return hub;
         }
 
-        return (UddiHub) j;
+        return (UddiAdminHub) j;
     }
     String locale = "en";
 
-    
-    private UddiHub(ServletContext application, HttpSession _session) throws Exception {
-        
+    private UddiAdminHub(ServletContext application, HttpSession _session) throws Exception {
+        URL prop = application.getResource("/WEB-INF/config.properties");
+        if (prop == null) {
+            throw new Exception("Cannot locate the configuration file.");
+        }
+        session = _session;
+        propertiesurl = prop;
+        InputStream in = prop.openStream();
+        Properties p = new Properties();
+        p.load(in);
+        in.close();
         session = _session;
-        
+        properties = p;
+        style = (AuthStyle) AuthStyle.valueOf((String) p.get("authtype"));
         try {
 
             String clazz = UDDIClientContainer.getUDDIClient(null).
@@ -137,24 +164,16 @@ public class UddiHub {
                         getConstructor(String.class).newInstance("default");
 
                 security = transport.getUDDISecurityService();
-                inquiry = transport.getUDDIInquiryService();
-                subscription = transport.getUDDISubscriptionService();
-                publish = transport.getUDDIPublishService();
-                custody = transport.getUDDICustodyTransferService();
                 juddi = transport.getJUDDIApiService();
 
-              
+
             }
         } catch (Exception ex) {
             HandleException(ex);
         }
     }
     private HttpSession session;
-    private UDDISubscriptionPortType subscription = null;
     private UDDISecurityPortType security = null;
-    private UDDIInquiryPortType inquiry = null;
-    private UDDIPublicationPortType publish = null;
-    private UDDICustodyTransferPortType custody = null;
     private JUDDIApiPortType juddi = null;
     private String token = null;
 
@@ -183,4 +202,408 @@ public class UddiHub {
         //+ "</h3></div>";
 
     }
+
+    /**
+     * Handles all API calls to the juddi web service
+     *
+     * @param parameters
+     * @return
+     */
+    public String go(HttpServletRequest parameters) {
+        try {
+            String action = parameters.getParameter("soapaction");
+            if (action.equalsIgnoreCase("adminDelete_tmodel")) {
+                return adminDelete_tmodel(parameters);
+            }
+            if (action.equalsIgnoreCase("delete_ClientSubscriptionInfo")) {
+                return delete_ClientSubscriptionInfo(parameters);
+            }
+            if (action.equalsIgnoreCase("delete_publisher")) {
+                delete_publisher(parameters);
+            }
+            if (action.equalsIgnoreCase("getAllPublisherDetail")) {
+                return getAllPublisherDetail(parameters);
+            }
+            if (action.equalsIgnoreCase("get_publisherDetail")) {
+                return get_publisherDetail(parameters);
+            }
+            if (action.equalsIgnoreCase("invoke_SyncSubscription")) {
+                return invoke_SyncSubscription(parameters);
+            }
+            if (action.equalsIgnoreCase("save_Clerk")) {
+                //    return save_Clerk(parameters);
+            }
+            if (action.equalsIgnoreCase("save_ClientSubscriptionInfo")) {
+                return save_ClientSubscriptionInfo(parameters);
+            }
+            if (action.equalsIgnoreCase("save_Node")) {
+                //    return save_Node(parameters);
+            }
+            if (action.equalsIgnoreCase("save_publisher")) {
+                return save_publisher(parameters);
+            }
+        } catch (Exception ex) {
+        }
+        return "error!";
+    }
+
+    public enum AuthStyle {
+
+        /**
+         * Http Basic
+         */
+        HTTP_BASIC,
+        /**
+         * Http Digest
+         */
+        HTTP_DIGEST,
+        /**
+         * HTTP NTLM
+         */
+        HTTP_NTLM,
+        /**
+         * UDDI Authentication via the Security API
+         */
+        UDDI_AUTH,
+        /**
+         * HTTP Client Certificate Authentication
+         */
+        HTTP_CLIENT_CERT
+    }
+
+    private String GetToken() {
+        if (style != AuthStyle.UDDI_AUTH) {
+            BindingProvider bp = null;
+            Map<String, Object> context = null;
+            bp = (BindingProvider) juddi;
+            context = bp.getRequestContext();
+            context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+            context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+            return null;
+        } else {
+            if (token != null) {
+                return token;
+            }
+            GetAuthToken req = new GetAuthToken();
+            if (session.getAttribute("username") != null
+                    && session.getAttribute("password") != null) {
+                req.setUserID((String) session.getAttribute("username"));
+                req.setCred(AES.Decrypt((String) session.getAttribute("password"), (String) properties.get("key")));
+                try {
+                    AuthToken authToken = security.getAuthToken(req);
+                    token = authToken.getAuthInfo();
+                } catch (Exception ex) {
+                    return HandleException(ex);
+                }
+            }
+        }
+        return token;
+    }
+
+    private void delete_publisher(HttpServletRequest parameters) throws Exception {
+        DeletePublisher sb = new DeletePublisher();
+        sb.setAuthInfo(GetToken());
+        sb.getPublisherId().add(parameters.getParameter("delete_publisherKEY"));
+        try {
+            juddi.deletePublisher(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    juddi.deletePublisher(sb);
+                }
+            } else {
+                throw ex;
+            }
+        }
+    }
+
+    private String getAllPublisherDetail(HttpServletRequest parameters) {
+        StringBuilder ret = new StringBuilder();
+        GetAllPublisherDetail sb = new GetAllPublisherDetail();
+        sb.setAuthInfo(GetToken());
+        PublisherDetail d = null;
+        try {
+            d = juddi.getAllPublisherDetail(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    try {
+                        d = juddi.getAllPublisherDetail(sb);
+                    } catch (Exception ex1) {
+                        return HandleException(ex);
+                    }
+                }
+            } else {
+                return HandleException(ex);
+            }
+        }
+        if (d != null) {
+            ret.append("<table class=\"table table-hover\"><tr><th>Name</th><th>Info</th></tr>");
+            for (int i = 0; i < d.getPublisher().size(); i++) {
+                ret.append("<tr><td>").append(StringEscapeUtils.escapeHtml(d.getPublisher().get(i).getPublisherName()))
+                        .append("</td><td>");
+                ret.append(PrintPublisherDetail(d.getPublisher().get(i)))
+                        .append("</td></tr>");
+            }
+            ret.append("</table>");
+        } else {
+            ret.append("No data returned");
+        }
+        return ret.toString();
+    }
+
+    private String PrintPublisherDetail(Publisher p) {
+        StringBuilder ret = new StringBuilder();
+
+        ret.append("Authorized Name = ").append(StringEscapeUtils.escapeHtml(p.getAuthorizedName()))
+                .append("<br>")
+                .append("Publisher Name = ").append(StringEscapeUtils.escapeHtml(p.getPublisherName()))
+                .append("<br>")
+                .append("Email = ")
+                .append(StringEscapeUtils.escapeHtml(p.getEmailAddress()))
+                .append("<br>")
+                .append("Administrator = ")
+                .append(StringEscapeUtils.escapeHtml(p.getIsAdmin()))
+                .append("<br>")
+                .append("Enabled = ")
+                .append(StringEscapeUtils.escapeHtml(p.getIsEnabled()))
+                .append("<br>")
+                .append("Max Bindings per = ")
+                .append(p.getMaxBindingsPerService())
+                .append("<br>")
+                .append("Max Businesses = ")
+                .append(p.getMaxBusinesses())
+                .append("<br>")
+                .append("Max Services per = ")
+                .append(p.getMaxServicePerBusiness())
+                .append("<br>")
+                .append("Max tModels = ")
+                .append(p.getMaxTModels())
+                .append("");
+        return ret.toString();
+    }
+
+    private String get_publisherDetail(HttpServletRequest parameters) {
+        StringBuilder ret = new StringBuilder();
+        GetPublisherDetail sb = new GetPublisherDetail();
+        sb.getPublisherId().add(parameters.getParameter("get_publisherDetailKEY"));
+        sb.setAuthInfo(GetToken());
+        PublisherDetail d = null;
+        try {
+            d = juddi.getPublisherDetail(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    try {
+                        d = juddi.getPublisherDetail(sb);
+                    } catch (Exception ex1) {
+                        return HandleException(ex);
+                    }
+                }
+            } else {
+                return HandleException(ex);
+            }
+        }
+        if (d != null) {
+            ret.append("<table class=\"table table-hover\"><tr>th>Name</th><th><th>Info</th></tr>");
+            for (int i = 0; i < d.getPublisher().size(); i++) {
+                ret.append("<tr><td>").append(StringEscapeUtils.escapeHtml(d.getPublisher().get(i).getPublisherName()))
+                        .append("</td><td>");
+                ret.append(PrintPublisherDetail(d.getPublisher().get(i)))
+                        .append("</td></tr>");
+            }
+            ret.append("</table>");
+        } else {
+            ret.append("No data returned");
+        }
+        return ret.toString();
+    }
+
+    private String invoke_SyncSubscription(HttpServletRequest parameters) {
+        StringBuilder ret = new StringBuilder();
+        SyncSubscription sb = new SyncSubscription();
+
+        SyncSubscriptionDetail d = null;
+        try {
+            StringReader sr = new StringReader(parameters.getParameter("invokeSyncSubscriptionXML").trim());
+            sb = (JAXB.unmarshal(sr, SyncSubscription.class));
+            sb.setAuthInfo(GetToken());
+            d = juddi.invokeSyncSubscription(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    try {
+                        d = juddi.invokeSyncSubscription(sb);
+                    } catch (Exception ex1) {
+                        return HandleException(ex);
+                    }
+                }
+            } else {
+                return HandleException(ex);
+            }
+        }
+        if (d != null) {
+            ret.append("<pre>");
+            StringWriter sw = new StringWriter();
+            JAXB.marshal(d, sw);
+            sw.append(PrettyPrintXML(sw.toString()));
+            ret.append("</pre>");
+        } else {
+            ret.append("No data returned");
+        }
+        return ret.toString();
+    }
+
+    private static String PrettyPrintXML(String input) {
+        try {
+            Transformer transformer = TransformerFactory.newInstance().newTransformer();
+            transformer.setOutputProperty(OutputKeys.INDENT, "yes");
+//initialize StreamResult with File object to save to file
+            StreamResult result = new StreamResult(new StringWriter());
+            StreamSource source = new StreamSource(new StringReader(input));
+            transformer.transform(source, result);
+            String xmlString = result.getWriter().toString();
+            return (xmlString);
+        } catch (Exception ex) {
+        }
+        return null;
+    }
+
+    private String save_ClientSubscriptionInfo(HttpServletRequest parameters) {
+        StringBuilder ret = new StringBuilder();
+        SaveClientSubscriptionInfo sb = new SaveClientSubscriptionInfo();
+
+        ClientSubscriptionInfoDetail d = null;
+        try {
+            StringReader sr = new StringReader(parameters.getParameter("invokeSyncSubscriptionXML").trim());
+            sb = (JAXB.unmarshal(sr, SaveClientSubscriptionInfo.class));
+            sb.setAuthInfo(GetToken());
+            d = juddi.saveClientSubscriptionInfo(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    try {
+                        d = juddi.saveClientSubscriptionInfo(sb);
+                    } catch (Exception ex1) {
+                        return HandleException(ex);
+                    }
+                }
+            } else {
+                return HandleException(ex);
+            }
+        }
+        if (d != null) {
+            ret.append("<pre>");
+            StringWriter sw = new StringWriter();
+            JAXB.marshal(d, sw);
+            sw.append(PrettyPrintXML(sw.toString()));
+            ret.append("</pre>");
+        } else {
+            ret.append("No data returned");
+        }
+        return ret.toString();
+    }
+
+    private String save_publisher(HttpServletRequest parameters) {
+
+        SavePublisher sb = new SavePublisher();
+        Publisher p = new Publisher();
+        p.setAuthorizedName(parameters.getParameter("savePublisherAuthorizedName"));
+        p.setPublisherName(parameters.getParameter("savePublisherNAME"));
+        p.setEmailAddress(parameters.getParameter("savePublisherEMAIL"));
+        p.setIsAdmin(parameters.getParameter("savePublisherIsAdmin"));
+        p.setIsEnabled(parameters.getParameter("savePublisherIsEnabled"));
+
+        sb.getPublisher().add(p);
+        PublisherDetail d = null;
+        sb.setAuthInfo(GetToken());
+        try {
+            p.setMaxBindingsPerService(Integer.parseInt(parameters.getParameter("savePublisherMaxBindings")));
+            p.setMaxServicePerBusiness(Integer.parseInt(parameters.getParameter("savePublisherMaxServices")));
+            p.setMaxBusinesses(Integer.parseInt(parameters.getParameter("savePublisherMaxBusiness")));
+            p.setMaxTModels(Integer.parseInt(parameters.getParameter("savePublisherMaxTModels")));
+            d = juddi.savePublisher(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    try {
+                        d = juddi.savePublisher(sb);
+                    } catch (Exception ex1) {
+                        return HandleException(ex);
+                    }
+                }
+            } else {
+                return HandleException(ex);
+            }
+        }
+        return "Success";
+    }
+
+    private String adminDelete_tmodel(HttpServletRequest parameters) {
+        DeleteTModel sb = new DeleteTModel();
+        sb.getTModelKey().add(parameters.getParameter("adminDelete_tmodelKEY"));
+        sb.setAuthInfo(GetToken());
+        try {
+            juddi.adminDeleteTModel(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    try {
+                        juddi.adminDeleteTModel(sb);
+                    } catch (Exception ex1) {
+                        return HandleException(ex);
+                    }
+                }
+            } else {
+                return HandleException(ex);
+            }
+        }
+        return "Success";
+    }
+
+    private String delete_ClientSubscriptionInfo(HttpServletRequest parameters) {
+        DeleteClientSubscriptionInfo sb = new DeleteClientSubscriptionInfo();
+        sb.getSubscriptionKey().add(parameters.getParameter("delete_ClientSubscriptionInfoKEY"));
+        sb.setAuthInfo(GetToken());
+        try {
+            juddi.deleteClientSubscriptionInfo(sb);
+        } catch (Exception ex) {
+            if (ex instanceof DispositionReportFaultMessage) {
+                DispositionReportFaultMessage f = (DispositionReportFaultMessage) ex;
+                if (f.getFaultInfo().countainsErrorCode(DispositionReport.E_AUTH_TOKEN_EXPIRED)) {
+                    token = null;
+                    sb.setAuthInfo(GetToken());
+                    try {
+                        juddi.deleteClientSubscriptionInfo(sb);
+                    } catch (Exception ex1) {
+                        return HandleException(ex);
+                    }
+                }
+            } else {
+                return HandleException(ex);
+            }
+        }
+        return "Success";
+    }
 }

Copied: juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/config.properties (from r1492918, juddi/trunk/juddi-gui/src/main/webapp/META-INF/config.properties)
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/config.properties?p2=juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/config.properties&p1=juddi/trunk/juddi-gui/src/main/webapp/META-INF/config.properties&r1=1492918&r2=1512444&rev=1512444&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/webapp/META-INF/config.properties (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/config.properties Fri Aug  9 18:54:03 2013
@@ -1,20 +1,17 @@
-# To change this template, choose Tools | Templates
-# and open the template in the editor.
+## Hey! 
 
+# This file is used for the jUDDI Administrative console
+# i.e. http://localhost:8080/juddiv3/admin
+
+# it's access by the StartupServlet and generates a new encryption key everytime the servlet container (i.e. Tomcat) starts up.
+# we must have write access to this file.
 
-inquiryurl=http://localhost:8080/juddiv3/services/inquiry?wsdl
-publishurl=http://localhost:8080/juddiv3/services/publish?wsdl
 securityurl=http://localhost:8080/juddiv3/services/security?wsdl
 
-custodyurl=http://localhost:8080/juddiv3/services/custody-transfer?wsdl
 juddipapi=http://localhost:8080/juddiv3/services/juddi-api?wsdl
-subscriptionurl=http://localhost:8080/juddiv3/services/subscription?wsdl
 # note used subscriptionlistenerurl=http://localhost:8080/juddiv3/services/subscription-listener?wsdl
 authtype=UDDI_AUTH
 
-registryType=juddi
-#future use
-
 
 #javax.net.ssl.keyStore
 #javax.net.ssl.keyStorePassword
@@ -31,11 +28,3 @@ registryType=juddi
 #TRUSTSTORE_FILETYPE = keyStoreType
 #TRUSTSTORE_FILE_PASSWORD = filePassword
 
-
-# uncomment to override
-#XML_DIGSIG_NS = http://www.w3.org/2000/09/xmldsig#
-
-CHECK_TIMESTAMPS = anyvalue
-#CHECK_REVOCATION_STATUS_OCSP = anyvalue
-#CHECK_REVOCATION_STATUS_CRL = anyvalue
-#CHECK_TRUST_CHAIN = anyvalue

Modified: juddi/trunk/juddiv3-war/src/main/webapp/admin/admin.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/admin.jsp?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/admin/admin.jsp (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/admin.jsp Fri Aug  9 18:54:03 2013
@@ -5,6 +5,16 @@
 --%>
 
 
+<%@page import="org.apache.juddi.api_v3.Publisher"%>
+<%@page import="org.apache.juddi.api_v3.SavePublisher"%>
+<%@page import="org.apache.juddi.api_v3.Clerk"%>
+<%@page import="org.apache.juddi.api_v3.SaveClerk"%>
+<%@page import="org.apache.juddi.api_v3.SyncSubscription"%>
+<%@page import="org.apache.juddi.api_v3.GetPublisherDetail"%>
+<%@page import="org.apache.juddi.api_v3.GetAllPublisherDetail"%>
+<%@page import="org.apache.juddi.api_v3.DeletePublisher"%>
+<%@page import="org.uddi.api_v3.DeleteTModel"%>
+<%@page import="org.apache.juddi.v3_service.JUDDIApiPortType"%>
 <%@page import="org.apache.commons.lang.StringEscapeUtils"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <%@include file="header-top.jsp"%>
@@ -22,20 +32,135 @@
 
 
         <div class="span12">
-            Here will be a number of administrative actions available from the jUDDI API, such as:
-            <select>
+            <%
+                UddiAdminHub x = UddiAdminHub.getInstance(application, session);
+
+
+            %>
+            This page lets you access the jUDDI Web Service.
+            Its functions are outside the scope of the UDDI specification and provide basic administrative functions
+            for managing your UDDI node. You'll need to be logged in order to do anything. Please select an item from the drop down menu.<br>
+            <select onchange="toggledivs();" id="divselector">
                 <option>adminDelete_tmodel</option>
                 <option>delete_ClientSubscriptionInfo</option>
                 <option>delete_publisher</option>
-                <option>get_allPublisherDetail</option>
+                <option>getAllPublisherDetail</option>
                 <option>get_publisherDetail</option>
                 <option>invoke_SyncSubscription</option>
-                <option>save_Clerk</option>
+<!--                <option>save_Clerk</option>-->
                 <option>save_ClientSubscriptionInfo</option>
-                <option>save_Node</option>
+                <!--<option>save_Node</option>-->
                 <option>save_publisher</option>
-                <option>View/Delete all pending Transfer Tokens</option>
             </select>
+            
+            <div>
+                <div id="adminDelete_tmodel" style="display:none">
+                    <input type="text" id="adminDelete_tmodelKEY" class="forminput" placeholder="Enter tModel Key">
+                </div>
+                <div id="delete_ClientSubscriptionInfo"  style="display:none">
+                    <input type="text" id="delete_ClientSubscriptionInfoKEY" class="forminput" placeholder="Enter subscription Key">
+                </div>
+                <div id="invoke_SyncSubscription" style="display:none">
+                    Leave the auth token blank!*<br>
+                    <textarea rows="4" cols="80" id="invokeSyncSubscriptionXML" class="forminput" placeholder="Enter subscription XML"></textarea>
+                </div>
+                <div id="delete_publisher" style="display:none">
+                    <input type="text"  class="forminput" id="delete_publisherKEY" placeholder="Enter publisher id">
+                </div>
+                <div id="getAllPublisherDetail" style="display:none">
+                    no input required.
+                </div>
+                <div id="get_publisherDetail" style="display:none">
+                    <input type="text" id="get_publisherDetailKEY"  class="forminput" placeholder="Enter publisher id">
+                </div>
+                <div id="save_ClientSubscriptionInfo" style="display:none">
+                    Leave the auth token blank!*<br>
+                    <textarea rows="4" cols="80" id="ClientSubscriptionInfoDetailXML" class="forminput" placeholder="Enter subscription XML"></textarea>
+                </div>
+                <div id="save_publisher" style="display:none">
+                    Name<input type="text" id="savePublisherNAME"  class="forminput" placeholder="Enter name"><br>
+                    Email<input type="text" id="savePublisherEMAIL"  class="forminput" placeholder="Enter email"><br>
+                    Authorized Name <input type="text" id="savePublisherAuthorizedName"  class="forminput" placeholder="Enter Authorized Name"><br>
+                    Is Admin <input type="text" id="savePublisherIsAdmin"  class="forminput" ><br>
+                    Is Enabled <input type="text" id="savePublisherIsEnabled"  class="forminput"><br>
+                    Max bindings per service <input type="text" id="savePublisherMaxBindings" placeholder="100"  class="forminput"><br>
+                    Max Services Per Business <input type="text" id="savePublisherMaxServices" placeholder="1000" class="forminput"><br>
+                    Max Business <input type="text" id="savePublisherMaxBusiness" placeholder="1000"  class="forminput"><br>
+                    Max TModels <input type="text" id="savePublisherMaxTModels" placeholder="1000" class="forminput"><br>
+                </div>
+            </div>
+            <script type="text/javascript">
+                function toggledivs()
+                {
+                    var x = $("#divselector").val();
+                    //alert(x);
+                    $("#adminDelete_tmodel").hide();
+                    $("#delete_ClientSubscriptionInfo").hide();
+                    $("#delete_publisher").hide();
+                    $("#getAllPublisherDetail").hide();
+                    $("#get_publisherDetail").hide();
+                    $("#invoke_SyncSubscription").hide();
+                    $("#save_ClientSubscriptionInfo").hide();
+                    $("#save_publisher").hide();
+                    
+                    
+                    $("#" + x).show();
+                }
+                toggledivs();//run when the page loads
+                function submitform() {
+                    var url = 'ajax/go.jsp';
+
+                    var postbackdata = new Array();
+
+                    var x = $("#divselector").val();
+                    postbackdata.push({
+                        name: "soapaction",
+                        value: x
+                    });
+
+                    postbackdata.push({
+                        name: "nonce",
+                        value: $("#nonce").val()
+                    });
+                    
+                    $(".forminput").each(function()
+                    {
+                        var id = $(this).attr("id");
+                        var value = $(this).text();
+                        postbackdata.push({
+                            name: id,
+                            value: value
+                        });
+                    });
+
+
+                    var request = $.ajax({
+                        url: url,
+                        type: "POST",
+                        //  data" + i18n_type + ": "html", 
+                        cache: false,
+                        //  processData: false,f
+                        data: postbackdata
+                    });
+
+
+                    request.done(function(msg) {
+                        window.console && console.log('postback done ' + url);
+                        $("#adminresults").html(msg);
+                    });
+
+                    request.fail(function(jqXHR, textStatus) {
+                        window.console && console.log('postback failed ' + url);
+                        $("#adminresults").html(jqXHR.responseText + textStatus);
+
+
+                    });
+                }
+            </script>
+            <br>
+            * For items that require an XML input, let the UDDI authentication token blank. It will be populated automatically.
+            <a href="javascript:submitform();" class="btn btn-primary">Go!</a>
+            <div id="adminresults"></div>
         </div>
 
     </div>

Added: juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/go.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/go.jsp?rev=1512444&view=auto
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/go.jsp (added)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/go.jsp Fri Aug  9 18:54:03 2013
@@ -0,0 +1,22 @@
+<%-- 
+    Document   : go - handles requests for the admin actions page
+    Created on : Aug 9, 2013, 6:52:50 PM
+    Author     : Alex O'Ree
+--%>
+
+<%@page import="org.apache.juddi.webconsole.hub.UddiAdminHub"%>
+<%@page import="org.apache.commons.lang.StringEscapeUtils"%>
+<%@page import="java.util.Enumeration"%>
+<%@page contentType="text/html" pageEncoding="UTF-8"%>
+<!DOCTYPE html>
+<%@include  file="../csrf.jsp" %>
+<%
+    if (request.getMethod().equalsIgnoreCase("POST")) {
+        UddiAdminHub x = UddiAdminHub.getInstance(application, session);
+        try {
+            out.write(x.go(request));
+        } catch (Exception ex) {
+            out.write("<i class=\"icon-thumbs-down icon-2x\"> Save Failed!<br>" + StringEscapeUtils.escapeHtml(ex.getMessage()));
+        }
+    }
+%>
\ No newline at end of file

Copied: juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/loginpost.jsp (from r1492918, juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp)
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/loginpost.jsp?p2=juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/loginpost.jsp&p1=juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp&r1=1492918&r2=1512444&rev=1512444&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/loginpost.jsp Fri Aug  9 18:54:03 2013
@@ -8,15 +8,15 @@
 <%@page import="java.io.InputStream"%>
 <%@page import="java.net.URL"%>
 <%@page import="org.apache.juddi.webconsole.AES"%>
-<%@page import="org.apache.juddi.webconsole.hub.UddiHub"%>
+<%@page import="org.apache.juddi.webconsole.hub.UddiAdminHub"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <!DOCTYPE html>
 <%@include  file="../csrf.jsp" %>
 <%
 
-    URL prop = application.getResource("/META-INF/config.properties");
+    URL prop = application.getResource("/WEB-INF/config.properties");
     if (prop == null) {
-        prop = application.getResource("META-INF/config.properties");
+        prop = application.getResource("WEB-INF/config.properties");
 
     }
     if (prop == null) {
@@ -32,8 +32,8 @@
 
 
 
-    UddiHub.reset(request.getSession());
-    UddiHub x = UddiHub.getInstance(application, request.getSession());
+    UddiAdminHub.reset(request.getSession());
+    UddiAdminHub x = UddiAdminHub.getInstance(application, request.getSession());
 
 
 

Added: juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/saveconfig.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/saveconfig.jsp?rev=1512444&view=auto
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/saveconfig.jsp (added)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/ajax/saveconfig.jsp Fri Aug  9 18:54:03 2013
@@ -0,0 +1,53 @@
+<%-- 
+    Document   : saveconfig
+    Created on : Jul 31, 2013, 6:52:50 PM
+    Author     : Alex O'Ree
+--%>
+
+<%@page import="org.apache.commons.lang.StringEscapeUtils"%>
+<%@page import="org.apache.juddi.config.AppConfig"%>
+<%@page import="org.apache.commons.configuration.Configuration"%>
+<%@page import="java.util.Enumeration"%>
+<%@page contentType="text/html" pageEncoding="UTF-8"%>
+<!DOCTYPE html>
+<%@include  file="../csrf.jsp" %>
+<%
+    if (request.getMethod().equalsIgnoreCase("POST")) {
+        try {
+            Enumeration it = request.getParameterNames();
+            Configuration cfg = AppConfig.getConfiguration();
+            while (it.hasMoreElements()) {
+                String key = (String) it.nextElement();
+                String val = request.getParameter(key);
+                if (key != "nonce") {
+                    boolean isbool = false;
+                    boolean isint = false;
+                    boolean boolval = false;
+                    int intval = 0;
+                    if (val.equalsIgnoreCase("true") || val.equalsIgnoreCase("true")) {
+                        isbool = true;
+                        boolval = Boolean.parseBoolean(val);
+                    }
+
+                    try {
+                        intval = Integer.parseInt(val);
+                        isint = true;
+                    } catch (Exception ex) {
+                    }
+                    if (isbool) {
+                        cfg.setProperty(key, boolval);
+                    } else if (isint) {
+                        cfg.setProperty(key, intval);
+                    } else {
+                        cfg.setProperty(key, val);
+                    }
+
+
+                }
+            }
+            out.write("<i class=\"icon-thumbs-up icon-2x\"> Saved!");
+        } catch (Exception ex) {
+            out.write("<i class=\"icon-thumbs-down icon-2x\"> Save Failed!<br>" + StringEscapeUtils.escapeHtml(ex.getMessage()));
+        }
+    }
+%>
\ No newline at end of file

Modified: juddi/trunk/juddiv3-war/src/main/webapp/admin/configure.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/configure.jsp?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/admin/configure.jsp (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/configure.jsp Fri Aug  9 18:54:03 2013
@@ -16,7 +16,7 @@
     <!-- Main hero unit for a primary marketing message or call to action -->
     <div class="well">
         <h1>Configure jUDDI</h1>
-
+        Just click to edit each field, then click save when you are done. (Not all fields can be modified)
     </div>
 
     <!-- Example row of columns -->

Modified: juddi/trunk/juddiv3-war/src/main/webapp/admin/csrf.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/csrf.jsp?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/admin/csrf.jsp (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/csrf.jsp Fri Aug  9 18:54:03 2013
@@ -4,8 +4,8 @@
     Author     : Alex O'Ree
 --%>
 
+<%@page import="org.apache.juddi.webconsole.hub.UddiAdminHub"%>
 <%@page import="org.apache.juddi.webconsole.CrossSiteRequestForgeryException"%>
-<%@page import="org.apache.juddi.webconsole.hub.UddiHub"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <%
     //this is to catch someone that bookmarked a page after selecting a language
@@ -31,14 +31,14 @@
             //reject it
             session.removeAttribute("nonce");
             response.sendRedirect("index.jsp");
-            UddiHub.log.warn( "CSRF Test failed, no nonce guid." + request.getRemoteAddr() + request.getRemoteUser());
+            UddiAdminHub.log.warn( "CSRF Test failed, no nonce guid." + request.getRemoteAddr() + request.getRemoteUser());
             throw new CrossSiteRequestForgeryException();
         } else {
 
             String noncestr = (String) session.getAttribute("nonce");
             if (noncestr == null) {
                 //no session variable to test against, reject it
-                UddiHub.log.warn( "CSRF Test failed, no session guid." + request.getRemoteAddr() + request.getRemoteUser());
+                UddiAdminHub.log.warn( "CSRF Test failed, no session guid." + request.getRemoteAddr() + request.getRemoteUser());
                 session.removeAttribute("nonce");
                 throw new CrossSiteRequestForgeryException("Cross Site Request Forgery");
             }
@@ -53,10 +53,10 @@
                 // current = UUID.randomUUID();
                 //session.removeAttribute("nonce");
                 // session.setAttribute("nonce", current.toString());
-                UddiHub.log.info( "CSRF Test passed.");
+                UddiAdminHub.log.info( "CSRF Test passed.");
             } else {
                 //mismatch, reject it
-                UddiHub.log.warn( "CSRF Test failed, session did not match nonce guid." + request.getRemoteAddr() + request.getRemoteUser());
+                UddiAdminHub.log.warn( "CSRF Test failed, session did not match nonce guid." + request.getRemoteAddr() + request.getRemoteUser());
                 session.removeAttribute("nonce");
                 throw new CrossSiteRequestForgeryException("Cross Site Request Forgery");
             }

Modified: juddi/trunk/juddiv3-war/src/main/webapp/admin/header-top.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/header-top.jsp?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/admin/header-top.jsp (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/header-top.jsp Fri Aug  9 18:54:03 2013
@@ -20,7 +20,7 @@
     Author     : Alex O'Ree
 --%>
 
-<%@page import="org.apache.juddi.webconsole.hub.UddiHub"%>
+<%@page import="org.apache.juddi.webconsole.hub.UddiAdminHub"%>
 <%@page import="org.apache.juddi.webconsole.resources.ResourceLoader"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <!DOCTYPE html>
@@ -95,7 +95,7 @@
             <div class="alert" style="display:none; position: fixed; top:45px; width:80%; left: 10%; z-index: 1000; opacity: 1.0; background-color: #FFD530; color:black " id="resultBar">
             </div>
             <%
-                UddiHub hub = UddiHub.getInstance(application, session);
+                UddiAdminHub hub = UddiAdminHub.getInstance(application, session);
             %>
 
             <div class="navbar navbar-inverse navbar-fixed-top">
@@ -110,7 +110,8 @@
                         <div class="nav-collapse collapse">
                             <ul class="nav">
                                 <li><a href="home.jsp" ><i class="icon-home icon-large"></i><%=ResourceLoader.GetResource(session, "navbar.home")%></a></li>
-                                <li><a href="status.jsp" ><i class="icon-compass icon-large"></i>Status<%//=ResourceLoader.GetResource(session, "navbar.home")%></a></li>
+                                <li><a href="stats.jsp" ><i class="icon-camera icon-large"></i>Status<%//=ResourceLoader.GetResource(session, "navbar.home")%></a></li>
+                                <li><a href="configure.jsp" ><i class="icon-cog icon-large"></i>Configure<%//=ResourceLoader.GetResource(session, "navbar.home")%></a></li>
                                 <li><a href="admin.jsp" ><i class="icon-cogs icon-large"></i>Admin<%//=ResourceLoader.GetResource(session, "navbar.home")%></a></li>
 
 

Modified: juddi/trunk/juddiv3-war/src/main/webapp/admin/logout.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/admin/logout.jsp?rev=1512444&r1=1512443&r2=1512444&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/admin/logout.jsp (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/admin/logout.jsp Fri Aug  9 18:54:03 2013
@@ -4,11 +4,11 @@
     Author     : Alex O'Ree
 --%>
 
-<%@page import="org.apache.juddi.webconsole.hub.UddiHub"%>
+<%@page import="org.apache.juddi.webconsole.hub.UddiAdminHub"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <%
-    UddiHub hub = UddiHub.getInstance(application, session);
-    UddiHub.reset(session);
+    UddiAdminHub hub = UddiAdminHub.getInstance(application, session);
+    UddiAdminHub.reset(session);
     hub.die();
     session.removeAttribute("username");
     session.removeAttribute("password");



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@juddi.apache.org
For additional commands, e-mail: commits-help@juddi.apache.org


Mime
View raw message