juddi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alexo...@apache.org
Subject svn commit: r1538859 - in /juddi/trunk: juddi-core-openjpa/ juddi-core/ juddi-core/src/main/java/org/apache/juddi/api/impl/ juddi-core/src/main/java/org/apache/juddi/config/ juddi-core/src/main/java/org/apache/juddi/model/ juddi-core/src/test/java/org/...
Date Tue, 05 Nov 2013 03:18:17 GMT
Author: alexoree
Date: Tue Nov  5 03:18:15 2013
New Revision: 1538859

URL: http://svn.apache.org/r1538859
Log:
JUDDI-686 done
JUDDI-637 adding some class level docs
JUDDI-691 fixed
JUDDI-644 flipping serialization flag for tck tests to reduce logging

Added:
    juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/TokenTest.java
    juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDIPublicationImplExt.java
    juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDISecurityImplExt.java
    juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockHttpServletRequest.java
    juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockMessageContext.java
    juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockWebServiceContext.java
Modified:
    juddi/trunk/juddi-core-openjpa/pom.xml
    juddi/trunk/juddi-core/pom.xml
    juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java
    juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIPublicationImpl.java
    juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDISecurityImpl.java
    juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
    juddi/trunk/juddi-core/src/main/java/org/apache/juddi/model/AuthToken.java
    juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java
    juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-3des.xml
    juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes128.xml
    juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes256.xml
    juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-default.xml
    juddi/trunk/juddi-core/src/test/resources/juddiv3.xml
    juddi/trunk/uddi-tck-base/src/main/java/org/apache/juddi/v3/tck/TckBusiness.java

Modified: juddi/trunk/juddi-core-openjpa/pom.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core-openjpa/pom.xml?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core-openjpa/pom.xml (original)
+++ juddi/trunk/juddi-core-openjpa/pom.xml Tue Nov  5 03:18:15 2013
@@ -202,6 +202,11 @@
             <version>1.5</version>
             <scope>test</scope>
         </dependency>
+			 <dependency>
+			  <groupId>javax.servlet</groupId>
+			  <artifactId>servlet-api</artifactId>
+			  <version>2.4</version>
+			 </dependency>
 	</dependencies>
 	
 </project>

Modified: juddi/trunk/juddi-core/pom.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/pom.xml?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/pom.xml (original)
+++ juddi/trunk/juddi-core/pom.xml Tue Nov  5 03:18:15 2013
@@ -197,6 +197,11 @@
 	  <artifactId>commons-collections</artifactId>
 	  <version>3.2</version>
 	 </dependency>
+	 <dependency>
+	  <groupId>javax.servlet</groupId>
+	  <artifactId>servlet-api</artifactId>
+	  <version>2.4</version>
+	 </dependency>
 	</dependencies>
 		
 </project>

Modified: juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java (original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java Tue Nov  5 03:18:15 2013
@@ -18,8 +18,12 @@
 package org.apache.juddi.api.impl;
 
 import java.util.Date;
+import javax.annotation.Resource;
 
 import javax.persistence.EntityManager;
+import javax.servlet.http.HttpServletRequest;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.handler.MessageContext;
 
 import org.apache.commons.configuration.ConfigurationException;
 import org.apache.commons.logging.Log;
@@ -44,6 +48,8 @@ public abstract class AuthenticatedServi
 	public static final int AUTHTOKEN_RETIRED = 0;
 	Log logger = LogFactory.getLog(this.getClass());
 	
+        @Resource
+        protected WebServiceContext ctx;
 	public UddiEntityPublisher getEntityPublisher(EntityManager em, String authInfo) throws DispositionReportFaultMessage {
 		
 		if (authInfo == null || authInfo.length() == 0)
@@ -90,7 +96,43 @@ public abstract class AuthenticatedServi
 
 		if (modelAuthToken.getTokenState() == AUTHTOKEN_RETIRED)
 			throw new AuthTokenExpiredException(new ErrorMessage("errors.auth.AuthTokenExpired"));
-		
+		if (ctx !=null){
+                    try{
+                        boolean check=true;
+                        try{
+                            check=AppConfig.getConfiguration().getBoolean(Property.JUDDI_AUTH_TOKEN_ENFORCE_SAME_IP, true);
+                        }
+                        catch (ConfigurationException ex){
+                            logger.warn("Error loading config property " + Property.JUDDI_AUTH_TOKEN_ENFORCE_SAME_IP + 
+                                    " Enforcing Same IP for Auth Tokens will be enabled by default", ex);
+                        }
+                        if (check){
+                            MessageContext mc = ctx.getMessageContext();
+                            HttpServletRequest req = null;
+                            if (mc!=null){
+                                req=(HttpServletRequest)mc.get(MessageContext.SERVLET_REQUEST); 
+                            }
+                            if (req!=null &&
+                                    modelAuthToken.getIPAddress()!=null &&
+                                    modelAuthToken.getIPAddress()!=null &&
+                                    !modelAuthToken.getIPAddress().equalsIgnoreCase(req.getRemoteAddr()))
+                            {
+                                modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
+                                logger.error("Security Alert - Attempt to use issued auth token from a different IP address, user " +
+                                        modelAuthToken.getAuthorizedName() + ", issued IP " + modelAuthToken.getIPAddress() + 
+                                        ", attempted use from " + req.getRemoteAddr() + ", forcing reauthentication.");
+                                throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
+                                //invalidate the token, someone's intercepted it or it was reused on another ip
+                            }
+                        }
+                    }
+                    catch (Exception ex){
+                        if (ex instanceof AuthTokenRequiredException)
+                            throw (AuthTokenRequiredException)ex;
+                        logger.error("unexpected error caught looking up requestor's ip address", ex);
+                    }
+                    
+                }
 		Authenticator authenticator = AuthenticatorFactory.getAuthenticator();
 		UddiEntityPublisher entityPublisher = authenticator.identify(authInfo, modelAuthToken.getAuthorizedName());
 		

Modified: juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIPublicationImpl.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIPublicationImpl.java?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIPublicationImpl.java (original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIPublicationImpl.java Tue Nov  5 03:18:15 2013
@@ -74,7 +74,8 @@ import org.apache.juddi.query.util.Dynam
 import org.apache.juddi.query.util.FindQualifiers;
 
 /**
- * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a>
+ * This class implements the UDDI Publication Service
+ * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a> (and many others)
  */
 @WebService(serviceName="UDDIPublicationService", 
 			endpointInterface="org.uddi.v3_service.UDDIPublicationPortType",
@@ -89,6 +90,8 @@ public class UDDIPublicationImpl extends
             serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDIPublicationImpl.class);
         }
 	
+        
+        
 	public void addPublisherAssertions(AddPublisherAssertions body)
 			throws DispositionReportFaultMessage {
 	        long startTime = System.currentTimeMillis();
@@ -401,6 +404,7 @@ public class UDDIPublicationImpl extends
 			businessKeysFound = FindBusinessByPublisherQuery.select(em, null, publisher, businessKeysFound);
 			
 			List<org.apache.juddi.model.PublisherAssertion> pubAssertionList = FindPublisherAssertionByBusinessQuery.select(em, businessKeysFound, null);
+                        if (pubAssertionList!=null)
 			for(org.apache.juddi.model.PublisherAssertion modelPubAssertion : pubAssertionList) {
 				org.uddi.api_v3.PublisherAssertion apiPubAssertion = new org.uddi.api_v3.PublisherAssertion();
 	

Modified: juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDISecurityImpl.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDISecurityImpl.java?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDISecurityImpl.java (original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDISecurityImpl.java Tue Nov  5 03:18:15 2013
@@ -23,6 +23,9 @@ import java.util.UUID;
 import javax.jws.WebService;
 import javax.persistence.EntityManager;
 import javax.persistence.EntityTransaction;
+import javax.servlet.http.HttpServletRequest;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.handler.MessageContext;
 
 import org.uddi.api_v3.AuthToken;
 import org.uddi.api_v3.DiscardAuthToken;
@@ -43,7 +46,11 @@ import org.apache.juddi.v3.error.ErrorMe
 import org.apache.juddi.v3.error.UnknownUserException;
 
 /**
- * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a>
+ * This class implements the UDDI Security Service and basically handles all authentication requests
+ * for jUDDI. These authentication requests are routed to the appropriately configured
+ * authenticator for validation, then persisted in the database until they either
+ * expire or are discarded.
+ * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a> (and many others)
  */
 @WebService(serviceName="UDDISecurityService", 
 			endpointInterface="org.uddi.v3_service.UDDISecurityPortType",
@@ -57,6 +64,16 @@ public class UDDISecurityImpl extends Au
             super();
             serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class);
         }
+        
+        /**
+         * used for unit tests only
+         * @param ctx 
+         */
+        protected UDDISecurityImpl(WebServiceContext ctx) {
+            super();
+            this.ctx = ctx;
+            serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class);
+        }
 	
 	public void discardAuthToken(DiscardAuthToken body)
 			throws DispositionReportFaultMessage {
@@ -129,7 +146,17 @@ public class UDDISecurityImpl extends Au
 				modelAuthToken.setAuthorizedName(publisherId);
 				modelAuthToken.setNumberOfUses(0);
 				modelAuthToken.setTokenState(AUTHTOKEN_ACTIVE);
-
+                                if (ctx !=null){
+                                    try{
+                                        MessageContext mc = ctx.getMessageContext();
+                                        HttpServletRequest req = (HttpServletRequest)mc.get(MessageContext.SERVLET_REQUEST); 
+                                        modelAuthToken.setIPAddress(req.getRemoteAddr());
+                                        //System.out.println("Client IP = " + req.getRemoteAddr());
+                                    }
+                                    catch (Exception ex){
+                                        logger.warn("unexpected erorr fetching requestor's ip address. Assiocation of auth token to IP will not be possible", ex);
+                                    }
+                                }
 				em.persist(modelAuthToken);
 			}
 

Modified: juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java (original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java Tue Nov  5 03:18:15 2013
@@ -59,6 +59,12 @@ public interface Property {
     public final static String JUDDI_AUTH_TOKEN_EXPIRATION = "juddi.auth.token.Expiration";
     public final static String JUDDI_AUTH_TOKEN_TIMEOUT = "juddi.auth.token.Timeout";
     
+    /**
+     * when set, auth tokens can only be used from the IP address they were issued to.
+     * 
+     */
+    public final static String JUDDI_AUTH_TOKEN_ENFORCE_SAME_IP = "juddi.auth.token.enforceSameIPRule";
+    
     public final static String JUDDI_AUTHENTICATOR = "juddi.auth.authenticator.class";
     /**
      * @see LdapSimpleAuthenticator

Modified: juddi/trunk/juddi-core/src/main/java/org/apache/juddi/model/AuthToken.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/model/AuthToken.java?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/model/AuthToken.java (original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/model/AuthToken.java Tue Nov  5 03:18:15 2013
@@ -31,6 +31,7 @@ public class AuthToken implements java.i
 
 	private static final long serialVersionUID = 1147567747533293480L;
 	private String authToken;
+        private String ipaddress;
 	private String authorizedName;
 	private Date created;
 	private Date lastUsed;
@@ -103,4 +104,16 @@ public class AuthToken implements java.i
 		this.tokenState = tokenState;
 	}
 
+        /**
+         * @since 3.2
+         * @return 
+         */
+	@Column(name = "ipaddress", nullable = true, length = 51)
+	public String getIPAddress() {
+		return this.ipaddress;
+	}
+	public void setIPAddress(String ip) {
+		this.ipaddress=ip;
+	}
+
 }

Added: juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/TokenTest.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/TokenTest.java?rev=1538859&view=auto
==============================================================================
--- juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/TokenTest.java (added)
+++ juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/TokenTest.java Tue Nov  5 03:18:15 2013
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2013 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.juddi.api.impl;
+
+import java.rmi.RemoteException;
+import org.apache.juddi.api.impl.UDDIPublicationImplExt;
+import org.apache.commons.configuration.ConfigurationException;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.juddi.Registry;
+import org.apache.juddi.api.impl.UDDIPublicationImpl;
+import org.apache.juddi.api.impl.UDDIPublicationImpl;
+import org.apache.juddi.api.impl.UDDISecurityImpl;
+import org.apache.juddi.api.impl.UDDISecurityImpl;
+import org.apache.juddi.auth.MockWebServiceContext;
+import org.apache.juddi.auth.MockWebServiceContext;
+import org.apache.juddi.v3.error.AuthTokenRequiredException;
+import org.apache.juddi.v3.tck.TckBusiness;
+import org.apache.juddi.v3.tck.TckFindEntity;
+import org.apache.juddi.v3.tck.TckPublisher;
+import org.apache.juddi.v3.tck.TckPublisherAssertion;
+import org.apache.juddi.v3.tck.TckSecurity;
+import org.apache.juddi.v3.tck.TckTModel;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.uddi.api_v3.AuthToken;
+import org.uddi.api_v3.GetAuthToken;
+import org.uddi.v3_service.UDDISecurityPortType;
+
+/**
+ * This was created to test the features added for JIRA JUDDI-686 which implies
+ * that auth tokens can only be used from the IP address that it was issued to
+ *
+ * @author Alex O'Ree
+ */
+public class TokenTest {
+
+    private static Log logger = LogFactory.getLog(TokenTest.class);
+    private static API_010_PublisherTest api010 = new API_010_PublisherTest();
+    private static TckTModel tckTModel = new TckTModel(new UDDIPublicationImpl(), new UDDIInquiryImpl());
+    private static TckBusiness tckBusiness = new TckBusiness(new UDDIPublicationImpl(), new UDDIInquiryImpl());
+    private static TckPublisherAssertion tckAssertion = new TckPublisherAssertion(new UDDIPublicationImpl());
+    private static TckFindEntity tckFindEntity = new TckFindEntity(new UDDIInquiryImpl());
+    private static String authInfoJoe = null;
+    private static String authInfoSam = null;
+    private static String authInfoMary = null;
+
+    @BeforeClass
+    public static void startRegistry() throws ConfigurationException {
+        Registry.start();
+        logger.debug("Getting auth token..");
+        try {
+            api010.saveJoePublisher();
+            api010.saveSamSyndicator();
+            UDDISecurityPortType security = new UDDISecurityImpl();
+            authInfoJoe = TckSecurity.getAuthToken(security, TckPublisher.getJoePublisherId(), TckPublisher.getJoePassword());
+            authInfoSam = TckSecurity.getAuthToken(security, TckPublisher.getSamPublisherId(), TckPublisher.getSamPassword());
+            authInfoMary = TckSecurity.getAuthToken(security, TckPublisher.getMaryPublisherId(), TckPublisher.getMaryPassword());
+        } catch (RemoteException e) {
+            logger.error(e.getMessage(), e);
+            Assert.fail("Could not obtain authInfo token.");
+        }
+    }
+
+    @AfterClass
+    public static void stopRegistry() throws ConfigurationException {
+        Registry.stop();
+    }
+
+    @Test
+    public void TestMatchingIPAddress() throws Exception {
+        MockWebServiceContext mwsc = new MockWebServiceContext("192.168.12.42");
+        UDDIPublicationImpl pub = new UDDIPublicationImplExt(mwsc);
+        UDDISecurityImpl security = new UDDISecurityImpl(mwsc);
+        String authToken1 = TckSecurity.getAuthToken(security, TckPublisher.getJoePublisherId(), TckPublisher.getJoePassword());
+        pub.getPublisherAssertions(authToken1);
+    }
+
+    @Test(expected = AuthTokenRequiredException.class)
+    public void TestMisMatchingIPAddress() throws Exception {
+        MockWebServiceContext mwsc = new MockWebServiceContext("192.168.12.42");
+        MockWebServiceContext mwsc2 = new MockWebServiceContext("10.1.1.1");
+        UDDIPublicationImpl pub = new UDDIPublicationImplExt(mwsc2);
+        UDDISecurityImpl security = new UDDISecurityImpl(mwsc);
+        String authToken1 = TckSecurity.getAuthToken(security, TckPublisher.getJoePublisherId(), TckPublisher.getJoePassword());
+        pub.getPublisherAssertions(authToken1);
+    }
+
+    @Test
+    public void TestNullIPAddress() throws Exception {
+        MockWebServiceContext mwsc = new MockWebServiceContext("192.168.12.42");
+        UDDIPublicationImpl pub = new UDDIPublicationImplExt(null);
+        UDDISecurityImpl security = new UDDISecurityImpl(mwsc);
+        String authToken1 = TckSecurity.getAuthToken(security, TckPublisher.getJoePublisherId(), TckPublisher.getJoePassword());
+        pub.getPublisherAssertions(authToken1);
+    }
+
+    @Test
+    public void TestNullIPAddress2() throws Exception {
+        MockWebServiceContext mwsc = new MockWebServiceContext("192.168.12.42");
+        UDDIPublicationImpl pub = new UDDIPublicationImplExt(mwsc);
+        UDDISecurityImpl security = new UDDISecurityImpl(null);
+        String authToken1 = TckSecurity.getAuthToken(security, TckPublisher.getJoePublisherId(), TckPublisher.getJoePassword());
+        pub.getPublisherAssertions(authToken1);
+    }
+
+    @Test
+    public void TestNullIPAddress3() throws Exception {
+        UDDIPublicationImpl pub = new UDDIPublicationImplExt(null);
+        UDDISecurityImpl security = new UDDISecurityImpl(null);
+        String authToken1 = TckSecurity.getAuthToken(security, TckPublisher.getJoePublisherId(), TckPublisher.getJoePassword());
+        pub.getPublisherAssertions(authToken1);
+    }
+}

Added: juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDIPublicationImplExt.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDIPublicationImplExt.java?rev=1538859&view=auto
==============================================================================
--- juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDIPublicationImplExt.java (added)
+++ juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDIPublicationImplExt.java Tue Nov  5 03:18:15 2013
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2013 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.juddi.api.impl;
+
+import javax.xml.ws.WebServiceContext;
+import org.apache.juddi.api.impl.ServiceCounterLifecycleResource;
+import org.apache.juddi.api.impl.UDDIPublicationImpl;
+import org.apache.juddi.api.impl.UDDIPublicationImpl;
+import org.apache.juddi.api.impl.UDDISecurityImpl;
+
+/**
+ *
+ * @author Alex O'Ree
+ */
+public class UDDIPublicationImplExt extends UDDIPublicationImpl {
+
+    /**
+     * used for unit tests only
+     *
+     * @param ctx
+     */
+    protected UDDIPublicationImplExt(WebServiceContext ctx) {
+        super();
+        this.ctx = ctx;
+    }
+}

Added: juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDISecurityImplExt.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDISecurityImplExt.java?rev=1538859&view=auto
==============================================================================
--- juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDISecurityImplExt.java (added)
+++ juddi/trunk/juddi-core/src/test/java/org/apache/juddi/api/impl/UDDISecurityImplExt.java Tue Nov  5 03:18:15 2013
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2013 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.juddi.api.impl;
+
+import javax.xml.ws.WebServiceContext;
+
+/**
+ * This is used 
+ * @author Alex O'Ree
+ */
+public class UDDISecurityImplExt extends UDDISecurityImpl{
+ /**
+     * used for unit tests only
+     *
+     * @param ctx
+     */
+    protected UDDISecurityImplExt(WebServiceContext ctx) {
+        super();
+        this.ctx = ctx;
+    }
+}

Modified: juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java (original)
+++ juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java Tue Nov  5 03:18:15 2013
@@ -138,7 +138,7 @@ public class AuthenticatorTest 
 	{
             System.out.println("testCreateJuddiUsersEncrypted");
 		try {
-			Cryptor cryptor = (Cryptor) CryptorFactory.getCryptor();
+			Cryptor cryptor = CryptorFactory.getCryptor();
 			JuddiUsers juddiUsers = new JuddiUsers();
 			juddiUsers.getUser().add(new User("anou_mana",cryptor.encrypt("password")));
 			juddiUsers.getUser().add(new User("bozo",cryptor.encrypt("clown")));

Added: juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockHttpServletRequest.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockHttpServletRequest.java?rev=1538859&view=auto
==============================================================================
--- juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockHttpServletRequest.java (added)
+++ juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockHttpServletRequest.java Tue Nov  5 03:18:15 2013
@@ -0,0 +1,313 @@
+/*
+ * Copyright 2013 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.juddi.auth;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.Enumeration;
+import java.util.Locale;
+import java.util.Map;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+/**
+ *
+ * @author Alex O'Ree
+ */
+public class MockHttpServletRequest implements HttpServletRequest {
+
+    String ip = null;
+
+    public MockHttpServletRequest(String ip) {
+
+        this.ip = ip;
+    }
+
+    @Override
+    public String getAuthType() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Cookie[] getCookies() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public long getDateHeader(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getHeader(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Enumeration getHeaders(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Enumeration getHeaderNames() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public int getIntHeader(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getMethod() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getPathInfo() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getPathTranslated() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getContextPath() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getQueryString() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getRemoteUser() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean isUserInRole(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Principal getUserPrincipal() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getRequestedSessionId() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getRequestURI() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public StringBuffer getRequestURL() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getServletPath() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public HttpSession getSession(boolean bln) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public HttpSession getSession() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean isRequestedSessionIdValid() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean isRequestedSessionIdFromCookie() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean isRequestedSessionIdFromURL() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean isRequestedSessionIdFromUrl() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Object getAttribute(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Enumeration getAttributeNames() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getCharacterEncoding() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public void setCharacterEncoding(String string) throws UnsupportedEncodingException {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public int getContentLength() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getContentType() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public ServletInputStream getInputStream() throws IOException {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getParameter(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Enumeration getParameterNames() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String[] getParameterValues(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Map getParameterMap() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getProtocol() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getScheme() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getServerName() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public int getServerPort() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public BufferedReader getReader() throws IOException {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getRemoteAddr() {
+        return this.ip;
+    }
+
+    @Override
+    public String getRemoteHost() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public void setAttribute(String string, Object o) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public void removeAttribute(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Locale getLocale() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Enumeration getLocales() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean isSecure() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public RequestDispatcher getRequestDispatcher(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getRealPath(String string) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public int getRemotePort() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getLocalName() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public String getLocalAddr() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public int getLocalPort() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+}

Added: juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockMessageContext.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockMessageContext.java?rev=1538859&view=auto
==============================================================================
--- juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockMessageContext.java (added)
+++ juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockMessageContext.java Tue Nov  5 03:18:15 2013
@@ -0,0 +1,102 @@
+/*
+ * Copyright 2013 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.juddi.auth;
+
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import javax.xml.ws.handler.MessageContext;
+
+/**
+ *
+ * @author Alex O'Ree
+ */
+public class MockMessageContext implements MessageContext{
+
+    @Override
+    public void setScope(String name, Scope scope) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Scope getScope(String name) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public int size() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean isEmpty() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean containsKey(Object key) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public boolean containsValue(Object value) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Object get(Object key) {
+       return map.get(key);
+    }
+    Map map = new HashMap();
+
+    @Override
+    public Object put(String key, Object value) {
+        return map.put(key, value);
+    }
+
+    @Override
+    public Object remove(Object key) {
+       return  map.remove(key);
+    }
+
+    @Override
+    public void putAll(Map<? extends String, ? extends Object> m) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public void clear() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Set<String> keySet() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Collection<Object> values() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public Set<Entry<String, Object>> entrySet() {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+}

Added: juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockWebServiceContext.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockWebServiceContext.java?rev=1538859&view=auto
==============================================================================
--- juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockWebServiceContext.java (added)
+++ juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/MockWebServiceContext.java Tue Nov  5 03:18:15 2013
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2013 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.juddi.auth;
+
+import java.security.Principal;
+import javax.xml.ws.EndpointReference;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.handler.MessageContext;
+import org.w3c.dom.Element;
+
+/**
+ *
+ * @author Alex O'Ree
+ */
+public class MockWebServiceContext implements WebServiceContext {
+
+    public MockWebServiceContext(String ipaddress) {
+        ctx.put(MessageContext.SERVLET_REQUEST, new MockHttpServletRequest(ipaddress));
+    }
+    private MockMessageContext ctx = new MockMessageContext();
+
+    @Override
+    public MessageContext getMessageContext() {
+        return ctx;
+    }
+
+    @Override
+    public Principal getUserPrincipal() {
+        return null;
+    }
+
+    @Override
+    public boolean isUserInRole(String role) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public EndpointReference getEndpointReference(Element... referenceParameters) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+
+    @Override
+    public <T extends EndpointReference> T getEndpointReference(Class<T> clazz, Element... referenceParameters) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+}

Modified: juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-3des.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-3des.xml?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-3des.xml (original)
+++ juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-3des.xml Tue Nov  5 03:18:15 2013
@@ -139,7 +139,9 @@
 				<Timeout>15</Timeout>
 				<!-- As of 3.1.5 Duration of time for tokens to expire, regardless of inactivity -->
 				<Expiration>15</Expiration>
-			</token>
+                                <!-- As of 3.2, when set to true, tokens can only be used from the same IP address they were issued to -->
+                                <enforceSameIPRule>true</enforceSameIPRule>
+                        </token>
 		</auth>
 
 

Modified: juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes128.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes128.xml?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes128.xml (original)
+++ juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes128.xml Tue Nov  5 03:18:15 2013
@@ -135,7 +135,9 @@
 				<Timeout>15</Timeout>
 				<!-- As of 3.1.5 Duration of time for tokens to expire, regardless of inactivity -->
 				<Expiration>15</Expiration>
-			</token>
+                                <!-- As of 3.2, when set to true, tokens can only be used from the same IP address they were issued to -->
+                                <enforceSameIPRule>true</enforceSameIPRule>
+                        </token>
 		</auth>
 
 

Modified: juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes256.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes256.xml?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes256.xml (original)
+++ juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-aes256.xml Tue Nov  5 03:18:15 2013
@@ -142,6 +142,8 @@
 				<Timeout>15</Timeout>
 				<!-- As of 3.1.5 Duration of time for tokens to expire, regardless of inactivity -->
 				<Expiration>15</Expiration>
+                                <!-- As of 3.2, when set to true, tokens can only be used from the same IP address they were issued to -->
+                                <enforceSameIPRule>true</enforceSameIPRule>
 			</token>
 		</auth>
 

Modified: juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-default.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-default.xml?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-default.xml (original)
+++ juddi/trunk/juddi-core/src/test/resources/juddiv3-enc-default.xml Tue Nov  5 03:18:15 2013
@@ -139,6 +139,8 @@
 				<Timeout>15</Timeout>
 				<!-- As of 3.1.5 Duration of time for tokens to expire, regardless of inactivity -->
 				<Expiration>15</Expiration>
+                                <!-- As of 3.2, when set to true, tokens can only be used from the same IP address they were issued to -->
+                                <enforceSameIPRule>true</enforceSameIPRule>
 			</token>
 		</auth>
 

Modified: juddi/trunk/juddi-core/src/test/resources/juddiv3.xml
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/resources/juddiv3.xml?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/test/resources/juddiv3.xml (original)
+++ juddi/trunk/juddi-core/src/test/resources/juddiv3.xml Tue Nov  5 03:18:15 2013
@@ -125,9 +125,11 @@
 				org.apache.juddi.v3.auth.XMLDocAuthenticator - XML doc, clear text
 				org.apache.juddi.v3.auth.CryptedXMLDocAuthenticator - XML doc, encrypted
 				org.apache.juddi.v3.auth.MD5XMLDocAuthenticator - XML doc, Hashed
+                                
+                                See also, the Jboss Authenticator
 				-->
 				<class>org.apache.juddi.v3.auth.JUDDIAuthenticator</class>
-				<!-- other settings
+				<!-- other settings (mostly used by Ldap based auth mods
 				url
 				initialcontext
 				style
@@ -140,6 +142,8 @@
 				<Timeout>15</Timeout>
 				<!-- As of 3.1.5 Duration of time for tokens to expire, regardless of inactivity -->
 				<Expiration>15</Expiration>
+                                <!-- As of 3.2, when set to true, tokens can only be used from the same IP address they were issued to -->
+                                <enforceSameIPRule>true</enforceSameIPRule>
 			</token>
 		</auth>
 

Modified: juddi/trunk/uddi-tck-base/src/main/java/org/apache/juddi/v3/tck/TckBusiness.java
URL: http://svn.apache.org/viewvc/juddi/trunk/uddi-tck-base/src/main/java/org/apache/juddi/v3/tck/TckBusiness.java?rev=1538859&r1=1538858&r2=1538859&view=diff
==============================================================================
--- juddi/trunk/uddi-tck-base/src/main/java/org/apache/juddi/v3/tck/TckBusiness.java (original)
+++ juddi/trunk/uddi-tck-base/src/main/java/org/apache/juddi/v3/tck/TckBusiness.java Tue Nov  5 03:18:15 2013
@@ -113,7 +113,7 @@ public class TckBusiness 
         }
         
 	public void saveJoePublisherBusiness(String authInfoJoe) {
-		saveBusiness(authInfoJoe, JOE_BUSINESS_XML, JOE_BUSINESS_KEY, true);
+		saveBusiness(authInfoJoe, JOE_BUSINESS_XML, JOE_BUSINESS_KEY, false);
     }
 	
 	public void saveCombineCatBagsPublisherBusiness(String authInfoJoe) {
@@ -285,7 +285,7 @@ public class TckBusiness 
         }
         
         public void saveBusiness(String authInfo, String businessXML, String businessKey) {
-            saveBusiness(authInfo, businessXML, businessKey, true);
+            saveBusiness(authInfo, businessXML, businessKey, false);
         }
 	public void saveBusiness(String authInfo, String businessXML, String businessKey, boolean serialize) {
             logger.info("attempting to save business " + businessKey + " from " + businessXML);



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@juddi.apache.org
For additional commands, e-mail: commits-help@juddi.apache.org


Mime
View raw message