servicemix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gno...@apache.org
Subject svn commit: r413898 - in /incubator/servicemix/trunk/servicemix-core/src: main/java/org/apache/servicemix/jbi/security/ main/java/org/apache/servicemix/jbi/security/acl/ main/java/org/apache/servicemix/jbi/security/acl/impl/ main/java/org/apache/servic...
Date Tue, 13 Jun 2006 14:04:19 GMT
Author: gnodet
Date: Tue Jun 13 07:04:17 2006
New Revision: 413898

URL: http://svn.apache.org/viewvc?rev=413898&view=rev
Log:
Security refactoring and improvement:
  * add an AuthenticationService interface to authenticate users based on credentials
  * add a KeystoreManager to perform operations on KeyStore having a single location for configuration and passwords (based on geronimo-security)
  * add a CertificatesLoginModule (based on geronimo-security)
  * move classes to more specialized packages

Added:
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/AuthorizationMap.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/AuthorizationEntry.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/DefaultAuthorizationMap.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/AuthenticationService.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/impl/
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/impl/JAASAuthenticationService.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeyIsLocked.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreInstance.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreIsLocked.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreManager.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/BaseKeystoreManager.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/FileKeystoreInstance.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificateCallback.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificatesLoginModule.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/PropertiesLoginModule.java
    incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/FileKeystoreManagerTest.java
    incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/privatestore.jks   (with props)
Removed:
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/AuthorizationEntry.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/AuthorizationMap.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/DefaultAuthorizationMap.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/PropertiesLoginModule.java
Modified:
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/GroupPrincipal.java
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java
    incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SecuredBrokerTest.java
    incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/login.properties

Modified: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/GroupPrincipal.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/GroupPrincipal.java?rev=413898&r1=413897&r2=413898&view=diff
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/GroupPrincipal.java (original)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/GroupPrincipal.java Tue Jun 13 07:04:17 2006
@@ -19,7 +19,10 @@
 
 
 /**
- * 
+ * This principal represents a group against which authorizations are
+ * usually checked.
+ *  
+ * @version $Rev: $ $Date: $
  */
 public class GroupPrincipal implements Principal {
 

Modified: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java?rev=413898&r1=413897&r2=413898&view=diff
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java (original)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java Tue Jun 13 07:04:17 2006
@@ -25,6 +25,7 @@
 
 import org.apache.servicemix.jbi.messaging.MessageExchangeImpl;
 import org.apache.servicemix.jbi.nmr.DefaultBroker;
+import org.apache.servicemix.jbi.security.acl.AuthorizationMap;
 
 /**
  * 

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/AuthorizationMap.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/AuthorizationMap.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/AuthorizationMap.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/AuthorizationMap.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.acl;
+
+import java.util.Set;
+
+import javax.jbi.servicedesc.ServiceEndpoint;
+
+public interface AuthorizationMap {
+
+    Set getAcls(ServiceEndpoint endpoint);
+    
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/AuthorizationEntry.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/AuthorizationEntry.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/AuthorizationEntry.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/AuthorizationEntry.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,155 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.acl.impl;
+
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+import java.util.StringTokenizer;
+
+import javax.xml.XMLConstants;
+import javax.xml.namespace.QName;
+
+import org.apache.servicemix.jbi.security.GroupPrincipal;
+
+/**
+ * 
+ * @author gnodet
+ * @org.apache.xbean.XBean 
+ */
+public class AuthorizationEntry {
+    
+    /**
+     * Add the roles to the ACLs list
+     */
+    public static final String TYPE_ADD = "add";
+    /**
+     * Set the ACLs to the given roles
+     */
+    public static final String TYPE_SET = "set";
+    /**
+     * Remove the given roles from the ACLs list
+     */
+    public static final String TYPE_REM = "rem";
+
+    private Set acls;
+    private QName service;
+    private String endpoint;
+    private String type = TYPE_ADD;
+
+    public AuthorizationEntry() {
+    }
+    
+    public AuthorizationEntry(QName service, String endpoint, String roles) {
+        this.service = service;
+        this.endpoint = endpoint;
+        setRoles(roles);
+    }
+    
+    public AuthorizationEntry(QName service, String endpoint, String roles, String type) {
+        this.service = service;
+        this.endpoint = endpoint;
+        setRoles(roles);
+        this.type = type;
+    }
+    
+    /**
+     * @return the type
+     */
+    public String getType() {
+        return type;
+    }
+
+    /**
+     * @param type the type to set
+     */
+    public void setType(String type) {
+        this.type = type;
+    }
+
+    /**
+     * @return the endpoint
+     */
+    public String getEndpoint() {
+        return endpoint;
+    }
+
+    /**
+     * @param endpoint the endpoint to set
+     */
+    public void setEndpoint(String endpoint) {
+        this.endpoint = endpoint;
+    }
+
+    /**
+     * @return the service
+     */
+    public QName getService() {
+        return service;
+    }
+
+    /**
+     * @param service the service to set
+     */
+    public void setService(QName service) {
+        // Hack a bit to support wildcards
+        // If the attribute was service="*:*", then the namespace is not found, but the prefix is set
+        if (XMLConstants.NULL_NS_URI.equals(service.getNamespaceURI()) &&
+            service.getPrefix() != null && service.getPrefix().length() > 0) {
+            service = new QName(service.getPrefix(), service.getLocalPart());
+        }
+        this.service = service;
+    }
+
+    /**
+     * @return the acls
+     */
+    public Set getAcls() {
+        return acls;
+    }
+
+    /**
+     * @param acls the acls to set
+     */
+    public void setAcls(Set acls) {
+        this.acls = acls;
+    }
+    
+    public void setRoles(String roles) {
+        this.acls = new HashSet();
+        StringTokenizer iter = new StringTokenizer(roles, ",");
+        while (iter.hasMoreTokens()) {
+            String name = iter.nextToken().trim();
+            this.acls.add(new GroupPrincipal(name));
+        }
+    }
+    
+    public String getRoles() {
+        StringBuffer sb = new StringBuffer();
+        for (Iterator iter = this.acls.iterator(); iter.hasNext();) {
+            GroupPrincipal p = (GroupPrincipal) iter.next();
+            sb.append(p);
+            if (iter.hasNext()) {
+                sb.append(",");
+            }
+        }
+        return sb.toString();
+    }
+    
+    public String toString() {
+        return "AuthorizationEntry[service=" + service + ", endpoint=" + endpoint + ", roles=" + getRoles() + "]";
+    }
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/DefaultAuthorizationMap.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/DefaultAuthorizationMap.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/DefaultAuthorizationMap.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/acl/impl/DefaultAuthorizationMap.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.acl.impl;
+
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+import java.util.regex.Pattern;
+
+import javax.jbi.servicedesc.ServiceEndpoint;
+import javax.xml.namespace.QName;
+
+import org.apache.servicemix.jbi.security.acl.AuthorizationMap;
+
+
+/**
+ * 
+ * @author gnodet
+ * @org.apache.xbean.XBean element="authorizationMap"
+ */
+public class DefaultAuthorizationMap implements AuthorizationMap {
+
+    private AuthorizationEntry defaultEntry;
+    private List authorizationEntries;
+
+    public DefaultAuthorizationMap() {
+    }
+    
+    public DefaultAuthorizationMap(List authorizationEntries) {
+        this.authorizationEntries = authorizationEntries;
+    }
+    
+    /**
+     * @return the authorizationEntries
+     */
+    public List getAuthorizationEntries() {
+        return authorizationEntries;
+    }
+
+    /**
+     * @param authorizationEntries the authorizationEntries to set
+     * @org.apache.xbean.ElementType class="org.apache.servicemix.jbi.security.AuthorizationEntry"
+     */
+    public void setAuthorizationEntries(List authorizationEntries) {
+        this.authorizationEntries = authorizationEntries;
+    }
+
+    /**
+     * @return the defaultEntry
+     */
+    public AuthorizationEntry getDefaultEntry() {
+        return defaultEntry;
+    }
+
+    /**
+     * @param defaultEntry the defaultEntry to set
+     */
+    public void setDefaultEntry(AuthorizationEntry defaultEntry) {
+        this.defaultEntry = defaultEntry;
+    }
+
+    public Set getAcls(ServiceEndpoint endpoint) {
+        Set acls = new HashSet();
+        if (defaultEntry != null) {
+            acls.add(defaultEntry);
+        }
+        for (Iterator iter = authorizationEntries.iterator(); iter.hasNext();) {
+            AuthorizationEntry entry = (AuthorizationEntry) iter.next();
+            if (match(entry, endpoint)) {
+                if (AuthorizationEntry.TYPE_ADD.equalsIgnoreCase(entry.getType())) {
+                    acls.addAll(entry.getAcls());
+                } else if (AuthorizationEntry.TYPE_SET.equalsIgnoreCase(entry.getType())) {
+                    acls.clear();
+                    acls.addAll(entry.getAcls());
+                } else if (AuthorizationEntry.TYPE_REM.equalsIgnoreCase(entry.getType())) {
+                    acls.removeAll(entry.getAcls());
+                }
+            }
+        }
+        return acls;
+    }
+
+    protected boolean match(AuthorizationEntry entry, ServiceEndpoint endpoint) {
+        return match(entry.getService(), endpoint.getServiceName()) &&
+               match(entry.getEndpoint(), endpoint.getEndpointName());
+    }
+
+    private boolean match(QName acl, QName target) {
+        return match(acl.getNamespaceURI(), target.getNamespaceURI()) &&
+               match(acl.getLocalPart(), target.getLocalPart());
+    }
+
+    private boolean match(String acl, String target) {
+        return acl == null ||
+               acl.equals("*") ||
+               Pattern.matches(acl, target);
+    }
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/AuthenticationService.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/AuthenticationService.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/AuthenticationService.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/AuthenticationService.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.auth;
+
+import java.security.GeneralSecurityException;
+
+import javax.security.auth.Subject;
+
+/**
+ * Interface for the authentication service.
+ * 
+ * @version $Rev: $ $Date: $
+ */
+public interface AuthenticationService {
+
+    /**
+     * Authenticate a user given its name and credentials.
+     * Upon sucessfull completion, the subject should be populated
+     * with the user known principals.
+     * 
+     * @param subject the subject to populate
+     * @param domain the security domain to use
+     * @param user the user name
+     * @param credentials the user credntials
+     * @throws GeneralSecurityException if the user can not be authenticated
+     */
+    void authenticate(Subject subject, String domain, String user, Object credentials) throws GeneralSecurityException;
+    
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/impl/JAASAuthenticationService.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/impl/JAASAuthenticationService.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/impl/JAASAuthenticationService.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/auth/impl/JAASAuthenticationService.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.auth.impl;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.cert.X509Certificate;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+
+import org.apache.servicemix.jbi.security.auth.AuthenticationService;
+import org.apache.servicemix.jbi.security.login.CertificateCallback;
+
+/**
+ * Implementation of the authentication service using JAAS. 
+ *  
+ * @version $Rev: $ $Date: $
+ */
+public class JAASAuthenticationService implements AuthenticationService {
+
+    public void authenticate(Subject subject,
+                             String domain,
+                             final String user, 
+                             final Object credentials) throws GeneralSecurityException {
+        LoginContext loginContext = new LoginContext(domain, subject, new CallbackHandler() {
+            public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+                for (int i = 0; i < callbacks.length; i++) {
+                    if (callbacks[i] instanceof NameCallback) {
+                        ((NameCallback) callbacks[i]).setName(user);
+                    } else if (callbacks[i] instanceof PasswordCallback && credentials instanceof String) {
+                        ((PasswordCallback) callbacks[i]).setPassword(((String) credentials).toCharArray());
+                    } else if (callbacks[i] instanceof CertificateCallback && credentials instanceof X509Certificate) {
+                        ((CertificateCallback) callbacks[i]).setCertificate((X509Certificate) credentials);
+                    } else {
+                        throw new UnsupportedCallbackException(callbacks[i]);
+                    }
+                }
+            }
+        });
+        loginContext.login();
+    }
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeyIsLocked.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeyIsLocked.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeyIsLocked.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeyIsLocked.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.keystore;
+
+import java.security.GeneralSecurityException;
+
+public class KeyIsLocked extends GeneralSecurityException {
+
+    public KeyIsLocked() {
+        super();
+    }
+
+    public KeyIsLocked(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public KeyIsLocked(String msg) {
+        super(msg);
+    }
+
+    public KeyIsLocked(Throwable cause) {
+        super(cause);
+    }
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreInstance.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreInstance.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreInstance.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreInstance.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.keystore;
+
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.TrustManager;
+
+/**
+ * Based on http://svn.apache.org/repos/asf/geronimo/trunk/modules/management/src/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
+ * 
+ * @version $Rev: $ $Date: $
+ */
+public interface KeystoreInstance {
+
+    String getName();
+
+    String[] listPrivateKeys();
+
+    String[] listTrustCertificates();
+
+    Certificate getCertificate(String alias);
+
+    String getCertificateAlias(Certificate cert);
+
+    Certificate[] getCertificateChain(String alias);
+
+    PrivateKey getPrivateKey(String alias);
+
+    boolean isKeystoreLocked();
+
+    boolean isKeyLocked(String keyAlias);
+
+    KeyManager[] getKeyManager(String algorithm, String keyAlias) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeystoreIsLocked, KeystoreIsLocked;
+
+    TrustManager[] getTrustManager(String algorithm) throws KeyStoreException, NoSuchAlgorithmException, KeystoreIsLocked;
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreIsLocked.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreIsLocked.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreIsLocked.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreIsLocked.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.keystore;
+
+import java.security.GeneralSecurityException;
+
+public class KeystoreIsLocked extends GeneralSecurityException {
+
+    public KeystoreIsLocked() {
+        super();
+    }
+
+    public KeystoreIsLocked(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public KeystoreIsLocked(String msg) {
+        super(msg);
+    }
+
+    public KeystoreIsLocked(Throwable cause) {
+        super(cause);
+    }
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreManager.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreManager.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreManager.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreManager.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.keystore;
+
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.UnrecoverableKeyException;
+
+import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLSocketFactory;
+
+/**
+ * Based on http://svn.apache.org/repos/asf/geronimo/trunk/modules/management/src/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
+ * 
+ * @version $Rev: $ $Date: $
+ */
+public interface KeystoreManager {
+
+    KeystoreInstance getKeystore(String name);
+    
+    /**
+     * Gets a ServerSocketFactory using one Keystore to access the private key
+     * and another to provide the list of trusted certificate authorities.
+     * @param provider
+     * @param protocol The SSL protocol to use
+     * @param algorithm The SSL algorithm to use
+     * @param keyStore The key keystore name as provided by listKeystores.  The
+     *                 KeystoreInstance for this keystore must be unlocked.
+     * @param keyAlias The name of the private key in the keystore.  The
+     *                 KeystoreInstance for this keystore must have unlocked
+     *                 this key.
+     * @param trustStore The trust keystore name as provided by listKeystores.
+     *                   The KeystoreInstance for this keystore must have
+     *                   unlocked this key.
+     * @param loader     The class loader used to resolve factory classes.
+     *
+     * @throws KeystoreIsLocked Occurs when the requested key keystore cannot
+     *                          be used because it has not been unlocked.
+     * @throws KeyIsLocked Occurs when the requested private key in the key
+     *                     keystore cannot be used because it has not been
+     *                     unlocked.
+     */
+    public SSLServerSocketFactory createSSLServerFactory(
+                                        String provider,
+                                        String protocol, 
+                                        String algorithm,
+                                        String keyStore, 
+                                        String keyAlias, 
+                                        String trustStore)
+            throws KeystoreIsLocked, KeyIsLocked, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException, NoSuchProviderException;
+
+    /**
+     * Gets a SocketFactory using one Keystore to access the private key
+     * and another to provide the list of trusted certificate authorities.
+     * @param provider The SSL provider to use, or null for the default
+     * @param protocol The SSL protocol to use
+     * @param algorithm The SSL algorithm to use
+     * @param keyStore The key keystore name as provided by listKeystores.  The
+     *                 KeystoreInstance for this keystore must be unlocked.
+     * @param keyAlias The name of the private key in the keystore.  The
+     *                 KeystoreInstance for this keystore must have unlocked
+     *                 this key.
+     * @param trustStore The trust keystore name as provided by listKeystores.
+     *                   The KeystoreInstance for this keystore must have
+     *                   unlocked this key.
+     * @param loader     The class loader used to resolve factory classes.
+     *
+     * @throws KeystoreIsLocked Occurs when the requested key keystore cannot
+     *                          be used because it has not been unlocked.
+     * @throws KeyIsLocked Occurs when the requested private key in the key
+     *                     keystore cannot be used because it has not been
+     *                     unlocked.
+     */
+    public SSLSocketFactory createSSLFactory(
+                                        String provider, 
+                                        String protocol, 
+                                        String algorithm,
+                                        String keyStore, 
+                                        String keyAlias, 
+                                        String trustStore)
+            throws KeystoreIsLocked, KeyIsLocked, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException, NoSuchProviderException;
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/BaseKeystoreManager.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/BaseKeystoreManager.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/BaseKeystoreManager.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/BaseKeystoreManager.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,260 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.keystore.impl;
+
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.SecureRandom;
+import java.security.UnrecoverableKeyException;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLSocketFactory;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.servicemix.jbi.security.keystore.KeyIsLocked;
+import org.apache.servicemix.jbi.security.keystore.KeystoreInstance;
+import org.apache.servicemix.jbi.security.keystore.KeystoreIsLocked;
+import org.apache.servicemix.jbi.security.keystore.KeystoreManager;
+
+/**
+ * 
+ * @org.apache.xbean.XBean element="keystoreManager"
+ *
+ */
+public class BaseKeystoreManager implements KeystoreManager {
+
+    protected final Log log = LogFactory.getLog(getClass());
+    
+    protected KeystoreInstance[] keystores;
+
+    /**
+     * @return the keystores
+     */
+    public KeystoreInstance[] getKeystores() {
+        return keystores;
+    }
+
+    /**
+     * @param keystores the keystores to set
+     */
+    public void setKeystores(KeystoreInstance[] keystores) {
+        this.keystores = keystores;
+    }
+
+    /**
+     * Gets a SocketFactory using one Keystore to access the private key and
+     * another to provide the list of trusted certificate authorities.
+     * 
+     * @param provider
+     *            The SSL provider to use, or null for the default
+     * @param protocol
+     *            The SSL protocol to use
+     * @param algorithm
+     *            The SSL algorithm to use
+     * @param keyStore
+     *            The key keystore name as provided by listKeystores. The
+     *            KeystoreInstance for this keystore must be unlocked.
+     * @param keyAlias
+     *            The name of the private key in the keystore. The
+     *            KeystoreInstance for this keystore must have unlocked this
+     *            key.
+     * @param trustStore
+     *            The trust keystore name as provided by listKeystores. The
+     *            KeystoreInstance for this keystore must have unlocked this
+     *            key.
+     * @param loader
+     *            The class loader used to resolve factory classes.
+     * 
+     * @return A created SSLSocketFactory item created from the KeystoreManager.
+     * @throws KeystoreIsLocked
+     *             Occurs when the requested key keystore cannot be used because
+     *             it has not been unlocked.
+     * @throws KeyIsLocked
+     *             Occurs when the requested private key in the key keystore
+     *             cannot be used because it has not been unlocked.
+     * @throws NoSuchAlgorithmException
+     * @throws UnrecoverableKeyException
+     * @throws KeyStoreException
+     * @throws KeyManagementException
+     * @throws NoSuchProviderException
+     */
+    public SSLSocketFactory createSSLFactory(
+                                String provider, 
+                                String protocol, 
+                                String algorithm, 
+                                String keyStore,
+                                String keyAlias, 
+                                String trustStore) throws KeystoreIsLocked, KeyIsLocked,
+                    NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException,
+                    NoSuchProviderException {
+        // the keyStore is optional.
+        KeystoreInstance keyInstance = null;
+        if (keyStore != null) {
+            keyInstance = getKeystore(keyStore);
+            if (keyInstance.isKeystoreLocked()) {
+                throw new KeystoreIsLocked("Keystore '" + keyStore
+                                + "' is locked; please use the keystore page in the admin console to unlock it");
+            }
+            if (keyInstance.isKeyLocked(keyAlias)) {
+                throw new KeystoreIsLocked("Key '" + keyAlias + "' in keystore '" + keyStore
+                                + "' is locked; please use the keystore page in the admin console to unlock it");
+            }
+        }
+        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore);
+        if (trustInstance != null && trustInstance.isKeystoreLocked()) {
+            throw new KeystoreIsLocked("Keystore '" + trustStore
+                            + "' is locked; please use the keystore page in the admin console to unlock it");
+        }
+
+        // OMG this hurts, but it causes ClassCastExceptions elsewhere unless
+        // done this way!
+        try {
+            /*
+            Class cls = loader.loadClass("javax.net.ssl.SSLContext");
+            Object ctx = cls.getMethod("getInstance", new Class[] { String.class }).invoke(null,
+                            new Object[] { protocol });
+            Class kmc = loader.loadClass("[Ljavax.net.ssl.KeyManager;");
+            Class tmc = loader.loadClass("[Ljavax.net.ssl.TrustManager;");
+            Class src = loader.loadClass("java.security.SecureRandom");
+            cls.getMethod("init", new Class[] { kmc, tmc, src }).invoke(
+                            ctx,
+                            new Object[] { keyInstance == null ? null : keyInstance.getKeyManager(algorithm, keyAlias),
+                                            trustInstance == null ? null : trustInstance.getTrustManager(algorithm),
+                                            new java.security.SecureRandom() });
+            Object result = cls.getMethod("getSocketFactory", new Class[0]).invoke(ctx, new Object[0]);
+            return (SSLSocketFactory) result;
+            */
+            SSLContext context;
+            if (provider == null) {
+                context = SSLContext.getInstance(protocol);
+            } else {
+                context= SSLContext.getInstance(protocol, provider);
+            }
+            context.init(keyInstance == null ? null : keyInstance.getKeyManager(algorithm, keyAlias), 
+                         trustInstance == null ? null : trustInstance.getTrustManager(algorithm), 
+                                         new SecureRandom());
+            return context.getSocketFactory();
+        } catch (Exception e) {
+            log.error("Unable to dynamically load", e);
+            return null;
+        }
+    }
+
+    /**
+     * Gets a ServerSocketFactory using one Keystore to access the private key
+     * and another to provide the list of trusted certificate authorities.
+     * 
+     * @param provider
+     *            The SSL provider to use, or null for the default
+     * @param protocol
+     *            The SSL protocol to use
+     * @param algorithm
+     *            The SSL algorithm to use
+     * @param keyStore
+     *            The key keystore name as provided by listKeystores. The
+     *            KeystoreInstance for this keystore must be unlocked.
+     * @param keyAlias
+     *            The name of the private key in the keystore. The
+     *            KeystoreInstance for this keystore must have unlocked this
+     *            key.
+     * @param trustStore
+     *            The trust keystore name as provided by listKeystores. The
+     *            KeystoreInstance for this keystore must have unlocked this
+     *            key.
+     * @param loader
+     *            The class loader used to resolve factory classes.
+     * 
+     * @throws KeystoreIsLocked
+     *             Occurs when the requested key keystore cannot be used because
+     *             it has not been unlocked.
+     * @throws KeyIsLocked
+     *             Occurs when the requested private key in the key keystore
+     *             cannot be used because it has not been unlocked.
+     */
+    public SSLServerSocketFactory createSSLServerFactory(
+                                String provider, 
+                                String protocol, 
+                                String algorithm,
+                                String keyStore, 
+                                String keyAlias, 
+                                String trustStore) throws KeystoreIsLocked,
+                    KeyIsLocked, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException,
+                    KeyManagementException, NoSuchProviderException {
+        KeystoreInstance keyInstance = getKeystore(keyStore);
+        if (keyInstance.isKeystoreLocked()) {
+            throw new KeystoreIsLocked("Keystore '" + keyStore
+                            + "' is locked; please use the keystore page in the admin console to unlock it");
+        }
+        if (keyInstance.isKeyLocked(keyAlias)) {
+            throw new KeystoreIsLocked("Key '" + keyAlias + "' in keystore '" + keyStore
+                            + "' is locked; please use the keystore page in the admin console to unlock it");
+        }
+        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore);
+        if (trustInstance != null && trustInstance.isKeystoreLocked()) {
+            throw new KeystoreIsLocked("Keystore '" + trustStore
+                            + "' is locked; please use the keystore page in the admin console to unlock it");
+        }
+
+        // OMG this hurts, but it causes ClassCastExceptions elsewhere unless
+        // done this way!
+        try {
+            /*
+            Class cls = loader.loadClass("javax.net.ssl.SSLContext");
+            Object ctx = cls.getMethod("getInstance", new Class[] { String.class }).invoke(null,
+                            new Object[] { protocol });
+            Class kmc = loader.loadClass("[Ljavax.net.ssl.KeyManager;");
+            Class tmc = loader.loadClass("[Ljavax.net.ssl.TrustManager;");
+            Class src = loader.loadClass("java.security.SecureRandom");
+            cls.getMethod("init", new Class[] { kmc, tmc, src }).invoke(
+                            ctx,
+                            new Object[] { keyInstance.getKeyManager(algorithm, keyAlias),
+                                            trustInstance == null ? null : trustInstance.getTrustManager(algorithm),
+                                            new java.security.SecureRandom() });
+            Object result = cls.getMethod("getServerSocketFactory", new Class[0]).invoke(ctx, new Object[0]);
+            return (SSLServerSocketFactory) result;
+            */
+            SSLContext context;
+            if (provider == null) {
+                context = SSLContext.getInstance(protocol);
+            } else {
+                context= SSLContext.getInstance(protocol, provider);
+            }
+            context.init(keyInstance == null ? null : keyInstance.getKeyManager(algorithm, keyAlias), 
+                         trustInstance == null ? null : trustInstance.getTrustManager(algorithm), 
+                                         new SecureRandom());
+            return context.getServerSocketFactory();
+        } catch (Exception e) {
+            log.error("Unable to dynamically load", e);
+            return null;
+        }
+    }
+
+    public KeystoreInstance getKeystore(String name) {
+        if (keystores != null) {
+            for (int i = 0; i < keystores.length; i++) {
+                if (name.equals(keystores[i].getName())) {
+                    return keystores[i];
+                }
+            }
+        }
+        return null;
+    }
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/FileKeystoreInstance.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/FileKeystoreInstance.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/FileKeystoreInstance.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/impl/FileKeystoreInstance.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,252 @@
+package org.apache.servicemix.jbi.security.keystore.impl;
+
+import java.io.BufferedInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.servicemix.jbi.security.keystore.KeystoreInstance;
+import org.apache.servicemix.jbi.security.keystore.KeystoreIsLocked;
+import org.springframework.core.io.Resource;
+
+/**
+ * 
+ * @org.apache.xbean.XBean element="keystore"
+ */
+public class FileKeystoreInstance implements KeystoreInstance {
+
+    private static final Log log = LogFactory.getLog(FileKeystoreInstance.class);
+    private final static String JKS = "JKS";
+    
+    private Resource path;
+    private String name;
+    private String keystorePassword;
+    private Map keyPasswords = new HashMap();
+    private File keystoreFile; // Only valid after startup
+    
+    // The following variables are the state of the keystore, which should be chucked if the file on disk changes
+    private List privateKeys = new ArrayList();
+    private List trustCerts = new ArrayList();
+    private KeyStore keystore;
+    private long keystoreReadDate = Long.MIN_VALUE;
+    
+    /**
+     * @param keyPasswords the keyPasswords to set
+     */
+    public void setKeyPasswords(String keyPasswords) {
+        if (keyPasswords != null) {
+            String[] keys = keyPasswords.split("\\]\\!\\[");
+            for (int i = 0; i < keys.length; i++) {
+                String key = keys[i];
+                int pos = key.indexOf('=');
+                this.keyPasswords.put(key.substring(0, pos), key.substring(pos+1).toCharArray());
+            }
+        }
+    }
+
+    /**
+     * @return the keystoreName
+     */
+    public String getName() {
+        return name;
+    }
+
+    /**
+     * @param keystoreName the keystoreName to set
+     */
+    public void setName(String keystoreName) {
+        this.name = keystoreName;
+    }
+
+    /**
+     * @param keystorePassword the keystorePassword to set
+     */
+    public void setKeystorePassword(String keystorePassword) {
+        this.keystorePassword = keystorePassword;
+    }
+
+    /**
+     * @return the keystorePath
+     */
+    public Resource getPath() {
+        return path;
+    }
+
+    /**
+     * @param keystorePath the keystorePath to set
+     */
+    public void setPath(Resource keystorePath) throws IOException {
+        this.path = keystorePath;
+        this.keystoreFile = keystorePath.getFile();
+    }
+
+    public Certificate getCertificate(String alias) {
+        if (!loadKeystoreData()) {
+            return null;
+        }
+        try {
+            return keystore.getCertificate(alias);
+        } catch (KeyStoreException e) {
+            log.error("Unable to read certificate from keystore", e);
+        }
+        return null;
+    }
+
+    public String getCertificateAlias(Certificate cert) {
+        if (!loadKeystoreData()) {
+            return null;
+        }
+        try {
+            return keystore.getCertificateAlias(cert);
+        } catch (KeyStoreException e) {
+            log.error("Unable to read retrieve alias for given certificate from keystore", e);
+        }
+        return null;
+    }
+
+    public Certificate[] getCertificateChain(String alias) {
+        if (!loadKeystoreData()) {
+            return null;
+        }
+        try {
+            return keystore.getCertificateChain(alias);
+        } catch (KeyStoreException e) {
+            log.error("Unable to read certificate chain from keystore", e);
+        }
+        return null;
+    }
+
+    public KeyManager[] getKeyManager(String algorithm, String keyAlias) throws KeystoreIsLocked, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
+        if(isKeystoreLocked()) {
+            throw new KeystoreIsLocked("Keystore '"+name+"' is locked; please unlock it in the console.");
+        }
+        if(keystore == null || keystoreReadDate < keystoreFile.lastModified()) {
+            loadKeystoreData();
+        }
+        KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(algorithm);
+        keyFactory.init(keystore, (char[]) keyPasswords.get(keyAlias));
+        return keyFactory.getKeyManagers();
+    }
+
+    public PrivateKey getPrivateKey(String alias) {
+        if (!loadKeystoreData()) {
+            return null;
+        }
+        try {
+            if (isKeyLocked(alias)) {
+                return null;
+            }
+            Key key = keystore.getKey(alias, (char[]) keyPasswords.get(alias));
+            if (key instanceof PrivateKey) {
+                return (PrivateKey) key;
+            }
+        } catch (KeyStoreException e) {
+            log.error("Unable to read private key from keystore", e);
+        } catch (NoSuchAlgorithmException e) {
+            log.error("Unable to read private key from keystore", e);
+        } catch (UnrecoverableKeyException e) {
+            log.error("Unable to read private key from keystore", e);
+        }
+        return null;
+    }
+
+    public TrustManager[] getTrustManager(String algorithm) throws KeyStoreException, NoSuchAlgorithmException, KeystoreIsLocked {
+        if(isKeystoreLocked()) {
+            throw new KeystoreIsLocked("Keystore '"+name+"' is locked; please unlock it in the console.");
+        }
+        if (!loadKeystoreData()) {
+            return null;
+        }
+        TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(algorithm);
+        trustFactory.init(keystore);
+        return trustFactory.getTrustManagers();
+    }
+
+    public boolean isKeyLocked(String keyAlias) {
+        return keyPasswords.get(keyAlias) == null;
+    }
+
+    public boolean isKeystoreLocked() {
+        return keystorePassword == null;
+    }
+
+    public String[] listPrivateKeys() {
+        if (!loadKeystoreData()) {
+            return null;
+        }
+        return (String[]) privateKeys.toArray(new String[privateKeys.size()]);
+    }
+
+    public String[] listTrustCertificates() {
+        if (!loadKeystoreData()) {
+            return null;
+        }
+        return (String[]) trustCerts.toArray(new String[trustCerts.size()]);
+    }
+
+    // ==================== Internals =====================
+
+    private boolean loadKeystoreData() {
+        if (keystoreFile == null) {
+            throw new IllegalArgumentException("keystorePath not set");
+        }
+        if (keystoreReadDate >= keystoreFile.lastModified()) {
+            return true;
+        }
+        if (!keystoreFile.exists() || !keystoreFile.canRead()) {
+            throw new IllegalArgumentException("Invalid keystore file (" + path + " = " + keystoreFile.getAbsolutePath() + ")");
+        }
+        try {
+            keystoreReadDate = System.currentTimeMillis();
+            privateKeys.clear();
+            trustCerts.clear();
+            if(keystore == null) {
+                keystore = KeyStore.getInstance(JKS);
+            }
+            InputStream in = new BufferedInputStream(new FileInputStream(keystoreFile));
+            keystore.load(in, keystorePassword == null ? new char[0] : keystorePassword.toCharArray());
+            in.close();
+            Enumeration aliases = keystore.aliases();
+            while (aliases.hasMoreElements()) {
+                String alias = (String) aliases.nextElement();
+                if (keystore.isKeyEntry(alias)) {
+                    privateKeys.add(alias);
+                } else if (keystore.isCertificateEntry(alias)) {
+                    trustCerts.add(alias);
+                }
+            }
+            return true;
+        } catch (KeyStoreException e) {
+            log.error("Unable to open keystore with provided password", e);
+        } catch (IOException e) {
+            log.error("Unable to open keystore with provided password", e);
+        } catch (NoSuchAlgorithmException e) {
+            log.error("Unable to open keystore with provided password", e);
+        } catch (CertificateException e) {
+            log.error("Unable to open keystore with provided password", e);
+        }
+        return false;
+    }
+
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificateCallback.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificateCallback.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificateCallback.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificateCallback.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.login;
+
+import java.security.cert.X509Certificate;
+
+import javax.security.auth.callback.Callback;
+
+/**
+ * A callback to retrieve an X509Certificate.
+ * This class is mainly used from the related login module.
+ * 
+ * @see CertificatesLoginModule
+ * @version $Rev: $ $Date: $
+ */
+public class CertificateCallback implements Callback {
+    
+    private X509Certificate certificate;
+
+    public X509Certificate getCertificate() {
+        return certificate;
+    }
+
+    public void setCertificate(X509Certificate certificate) {
+        this.certificate = certificate;
+    }
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificatesLoginModule.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificatesLoginModule.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificatesLoginModule.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/CertificatesLoginModule.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,175 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.login;
+
+import java.io.File;
+import java.io.IOException;
+import java.security.Principal;
+import java.security.cert.X509Certificate;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.servicemix.jbi.security.GroupPrincipal;
+import org.apache.servicemix.jbi.security.UserPrincipal;
+
+
+/**
+ * This login module authenticate users given an X509 certificate.
+ * 
+ * @version $Rev: $ $Date: $
+ */
+public class CertificatesLoginModule implements LoginModule {
+
+    private final String USER_FILE = "org.apache.servicemix.security.certificates.user";
+    private final String GROUP_FILE = "org.apache.servicemix.security.certificates.group";
+
+    private static final Log log = LogFactory.getLog(CertificatesLoginModule.class);
+
+    private Subject subject;
+    private CallbackHandler callbackHandler;
+
+    private boolean debug;
+    private String usersFile;
+    private String groupsFile;
+    private Properties users = new Properties();
+    private Properties groups = new Properties();
+    private String user;
+    private Set principals = new HashSet();
+    private File baseDir;
+
+    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
+        this.subject = subject;
+        this.callbackHandler = callbackHandler;
+
+        if( System.getProperty("java.security.auth.login.config")!=null ) {
+            baseDir=new File(System.getProperty("java.security.auth.login.config")).getParentFile();
+        } else {
+            baseDir = new File(".");
+        }
+
+        debug = "true".equalsIgnoreCase((String) options.get("debug"));
+        usersFile = (String) options.get(USER_FILE)+"";
+        groupsFile = (String) options.get(GROUP_FILE)+"";
+
+        if (debug) {
+            log.debug("Initialized debug=" + debug + " usersFile=" + usersFile + " groupsFile=" + groupsFile+" basedir="+baseDir);
+        }
+    }
+
+    public boolean login() throws LoginException {
+        File f = new File(baseDir,usersFile);
+        try {
+            users.load(new java.io.FileInputStream(f));
+        } catch (IOException ioe) {
+            throw new LoginException("Unable to load user properties file " + f);
+        }
+        f = new File(baseDir, groupsFile);
+        try {
+            groups.load(new java.io.FileInputStream(f));
+        } catch (IOException ioe) {
+            throw new LoginException("Unable to load group properties file " + f);
+        }
+
+        Callback[] callbacks = new Callback[1];
+        callbacks[0] = new CertificateCallback();
+        try {
+            callbackHandler.handle(callbacks);
+        } catch (IOException ioe) {
+            throw new LoginException(ioe.getMessage());
+        } catch (UnsupportedCallbackException uce) {
+            throw new LoginException(uce.getMessage() + " not available to obtain information from user");
+        }
+        X509Certificate cert = ((CertificateCallback) callbacks[0]).getCertificate();
+        if (cert == null) throw new FailedLoginException("Unable to retrieve certificate");
+
+        Principal principal = cert.getSubjectX500Principal();
+        String certName = principal.getName(); 
+        for (Iterator it = users.entrySet().iterator(); it.hasNext();) {
+            Map.Entry entry = (Map.Entry) it.next();
+            if (certName.equals(entry.getValue())) {
+                user = (String) entry.getKey();
+                principals.add(principal);
+                if (debug) {
+                    log.debug("login " + user);
+                }
+                return true;
+            }
+        }
+        throw new FailedLoginException();
+    }
+
+    public boolean commit() throws LoginException {
+        principals.add(new UserPrincipal(user));
+
+        for (Enumeration enumeration = groups.keys(); enumeration.hasMoreElements();) {
+            String name = (String) enumeration.nextElement();
+            String[] userList = ((String) groups.getProperty(name) + "").split(",");
+            for (int i = 0; i < userList.length; i++) {
+                if (user.equals(userList[i])) {
+                    principals.add(new GroupPrincipal(name));
+                    break;
+                }
+            }
+        }
+
+        subject.getPrincipals().addAll(principals);
+
+        clear();
+
+        if (debug) {
+            log.debug("commit");
+        }
+        return true;
+    }
+
+    public boolean abort() throws LoginException {
+        clear();
+
+        if (debug) {
+            log.debug("abort");
+        }
+        return true;
+    }
+
+    public boolean logout() throws LoginException {
+        subject.getPrincipals().removeAll(principals);
+        principals.clear();
+
+        if (debug) {
+            log.debug("logout");
+        }
+        return true;
+    }
+
+    private void clear() {
+        groups.clear();
+        user = null;
+    }
+}

Added: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/PropertiesLoginModule.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/PropertiesLoginModule.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/PropertiesLoginModule.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/login/PropertiesLoginModule.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,173 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security.login;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.servicemix.jbi.security.GroupPrincipal;
+import org.apache.servicemix.jbi.security.UserPrincipal;
+
+/**
+ * JAAS Login module for user / password, based on two properties files. 
+ * 
+ * @version $Rev: $ $Date: $
+ */
+public class PropertiesLoginModule implements LoginModule {
+
+    private final String USER_FILE = "org.apache.servicemix.security.properties.user";
+    private final String GROUP_FILE = "org.apache.servicemix.security.properties.group";
+
+    private static final Log log = LogFactory.getLog(PropertiesLoginModule.class);
+
+    private Subject subject;
+    private CallbackHandler callbackHandler;
+
+    private boolean debug;
+    private String usersFile;
+    private String groupsFile;
+    private Properties users = new Properties();
+    private Properties groups = new Properties();
+    private String user;
+    private Set principals = new HashSet();
+    private File baseDir;
+
+    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
+        this.subject = subject;
+        this.callbackHandler = callbackHandler;
+
+        if( System.getProperty("java.security.auth.login.config")!=null ) {
+            baseDir=new File(System.getProperty("java.security.auth.login.config")).getParentFile();
+        } else {
+            baseDir = new File(".");
+        }
+
+        debug = "true".equalsIgnoreCase((String) options.get("debug"));
+        usersFile = (String) options.get(USER_FILE)+"";
+        groupsFile = (String) options.get(GROUP_FILE)+"";
+
+        if (debug) {
+            log.debug("Initialized debug=" + debug + " usersFile=" + usersFile + " groupsFile=" + groupsFile+" basedir="+baseDir);
+        }
+    }
+
+    public boolean login() throws LoginException {
+        File f = new File(baseDir,usersFile);
+        try {
+            users.load(new java.io.FileInputStream(f));
+        } catch (IOException ioe) {
+            throw new LoginException("Unable to load user properties file " + f);
+        }
+        f = new File(baseDir, groupsFile);
+        try {
+            groups.load(new java.io.FileInputStream(f));
+        } catch (IOException ioe) {
+            throw new LoginException("Unable to load group properties file " + f);
+        }
+
+        Callback[] callbacks = new Callback[2];
+
+        callbacks[0] = new NameCallback("Username: ");
+        callbacks[1] = new PasswordCallback("Password: ", false);
+        try {
+            callbackHandler.handle(callbacks);
+        } catch (IOException ioe) {
+            throw new LoginException(ioe.getMessage());
+        } catch (UnsupportedCallbackException uce) {
+            throw new LoginException(uce.getMessage() + " not available to obtain information from user");
+        }
+        user = ((NameCallback) callbacks[0]).getName();
+        char[] tmpPassword = ((PasswordCallback) callbacks[1]).getPassword();
+        if (tmpPassword == null) tmpPassword = new char[0];
+
+        String password = users.getProperty(user);
+
+        if (password == null) throw new FailedLoginException("User does not exist");
+        if (!password.equals(new String(tmpPassword))) throw new FailedLoginException("Password does not match");
+
+        users.clear();
+
+        if (debug) {
+            log.debug("login " + user);
+        }
+        return true;
+    }
+
+    public boolean commit() throws LoginException {
+        principals.add(new UserPrincipal(user));
+
+        for (Enumeration enumeration = groups.keys(); enumeration.hasMoreElements();) {
+            String name = (String) enumeration.nextElement();
+            String[] userList = ((String) groups.getProperty(name) + "").split(",");
+            for (int i = 0; i < userList.length; i++) {
+                if (user.equals(userList[i])) {
+                    principals.add(new GroupPrincipal(name));
+                    break;
+                }
+            }
+        }
+
+        subject.getPrincipals().addAll(principals);
+
+        clear();
+
+        if (debug) {
+            log.debug("commit");
+        }
+        return true;
+    }
+
+    public boolean abort() throws LoginException {
+        clear();
+
+        if (debug) {
+            log.debug("abort");
+        }
+        return true;
+    }
+
+    public boolean logout() throws LoginException {
+        subject.getPrincipals().removeAll(principals);
+        principals.clear();
+
+        if (debug) {
+            log.debug("logout");
+        }
+        return true;
+    }
+
+    private void clear() {
+        groups.clear();
+        user = null;
+    }
+}

Added: incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/FileKeystoreManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/FileKeystoreManagerTest.java?rev=413898&view=auto
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/FileKeystoreManagerTest.java (added)
+++ incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/FileKeystoreManagerTest.java Tue Jun 13 07:04:17 2006
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2005-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.security;
+
+import junit.framework.TestCase;
+
+import org.apache.servicemix.jbi.security.keystore.KeystoreInstance;
+import org.apache.servicemix.jbi.security.keystore.KeystoreManager;
+import org.apache.servicemix.jbi.security.keystore.impl.BaseKeystoreManager;
+import org.apache.servicemix.jbi.security.keystore.impl.FileKeystoreInstance;
+import org.springframework.core.io.ClassPathResource;
+
+public class FileKeystoreManagerTest extends TestCase {
+    
+    private KeystoreManager keystoreManager;
+    
+    protected void setUp() throws Exception {
+        BaseKeystoreManager mgr = new BaseKeystoreManager();
+        FileKeystoreInstance keystore = new FileKeystoreInstance();
+        keystore.setPath(new ClassPathResource("org/apache/servicemix/jbi/security/privatestore.jks"));
+        keystore.setKeystorePassword("keyStorePassword");
+        keystore.setKeyPasswords("myalias=myAliasPassword");
+        keystore.setName("ks");
+        mgr.setKeystores(new KeystoreInstance[] { keystore });
+        keystoreManager = mgr;
+    }
+    
+    public void testGetKeystoreInstance() throws Exception {
+        assertNotNull(keystoreManager.getKeystore("ks"));
+    }
+
+    public void testGetUnknownKeystoreInstance() throws Exception {
+        assertNull(keystoreManager.getKeystore("ks2"));
+    }
+    
+    public void testPrivateKey() throws Exception {
+        KeystoreInstance ks = keystoreManager.getKeystore("ks");
+        String[] pk = ks.listPrivateKeys();
+        assertNotNull(pk);
+        assertEquals(1, pk.length);
+        assertEquals("myalias", pk[0]);
+        assertNotNull(ks.getCertificate("myalias"));
+        assertNotNull(ks.getPrivateKey("myalias"));
+    }
+
+}

Modified: incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SecuredBrokerTest.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SecuredBrokerTest.java?rev=413898&r1=413897&r2=413898&view=diff
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SecuredBrokerTest.java (original)
+++ incubator/servicemix/trunk/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SecuredBrokerTest.java Tue Jun 13 07:04:17 2006
@@ -36,6 +36,9 @@
 import org.apache.servicemix.client.ServiceMixClient;
 import org.apache.servicemix.jbi.container.JBIContainer;
 import org.apache.servicemix.jbi.jaxp.StringSource;
+import org.apache.servicemix.jbi.security.acl.AuthorizationMap;
+import org.apache.servicemix.jbi.security.acl.impl.AuthorizationEntry;
+import org.apache.servicemix.jbi.security.acl.impl.DefaultAuthorizationMap;
 import org.apache.servicemix.tck.ReceiverComponent;
 
 public class SecuredBrokerTest extends TestCase {

Modified: incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/login.properties
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/login.properties?rev=413898&r1=413897&r2=413898&view=diff
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/login.properties (original)
+++ incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/login.properties Tue Jun 13 07:04:17 2006
@@ -1,5 +1,5 @@
 servicemix-domain {
-    org.apache.servicemix.jbi.security.PropertiesLoginModule required
+    org.apache.servicemix.jbi.security.login.PropertiesLoginModule required
         debug=true
         org.apache.servicemix.security.properties.user="users.properties"
         org.apache.servicemix.security.properties.group="groups.properties";

Added: incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/privatestore.jks
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/privatestore.jks?rev=413898&view=auto
==============================================================================
Binary file - no diff available.

Propchange: incubator/servicemix/trunk/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/privatestore.jks
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream



Mime
View raw message