Return-Path: Delivered-To: apmail-geronimo-servicemix-commits-archive@www.apache.org Received: (qmail 8451 invoked from network); 13 Jun 2006 14:10:21 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 13 Jun 2006 14:10:21 -0000 Received: (qmail 88566 invoked by uid 500); 13 Jun 2006 14:10:20 -0000 Delivered-To: apmail-geronimo-servicemix-commits-archive@geronimo.apache.org Received: (qmail 88499 invoked by uid 500); 13 Jun 2006 14:10:19 -0000 Mailing-List: contact servicemix-commits-help@geronimo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: servicemix-dev@geronimo.apache.org Delivered-To: mailing list servicemix-commits@geronimo.apache.org Received: (qmail 88485 invoked by uid 99); 13 Jun 2006 14:10:19 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 13 Jun 2006 07:10:19 -0700 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [140.211.166.113] (HELO eris.apache.org) (140.211.166.113) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 13 Jun 2006 07:10:17 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id B93EE1A983A; Tue, 13 Jun 2006 07:09:57 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r413903 - in /incubator/servicemix/trunk/servicemix-http/src: main/java/org/apache/servicemix/http/ main/java/org/apache/servicemix/http/jetty/ main/java/org/apache/servicemix/http/processors/ test/resources/org/apache/servicemix/http/secur... Date: Tue, 13 Jun 2006 14:09:55 -0000 To: servicemix-commits@geronimo.apache.org 
From: gnodet@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20060613140957.B93EE1A983A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: gnodet Date: Tue Jun 13 07:09:54 2006 New Revision: 413903 URL: http://svn.apache.org/viewvc?rev=413903&view=rev Log: Modify http component configuration to provide support for ws-sec, and allow the use of the KeystoreManager to configure https Added: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/ServiceMixSslSocketConnector.java incubator/servicemix/trunk/servicemix-http/src/test/resources/org/apache/servicemix/http/security/request.xml Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfiguration.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfigurationMBean.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpEndpoint.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpLifeCycle.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/ServerManager.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/SslParameters.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/JaasUserRealm.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/CommonsHttpSSLSocketFactory.java incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/ProviderProcessor.java Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfiguration.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfiguration.java?rev=413903&r1=413902&r2=413903&view=diff 
============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfiguration.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfiguration.java Tue Jun 13 07:09:54 2006 @@ -16,6 +16,8 @@ package org.apache.servicemix.http; import org.apache.servicemix.common.PersistentConfiguration; +import org.apache.servicemix.jbi.security.auth.AuthenticationService; +import org.apache.servicemix.jbi.security.keystore.KeystoreManager; import org.mortbay.jetty.nio.SelectChannelConnector; /** @@ -30,6 +32,19 @@ private boolean streamingEnabled = false; private String jettyConnectorClassName = DEFAULT_JETTY_CONNECTOR_CLASS_NAME; + private transient KeystoreManager keystoreManager; + private transient AuthenticationService authenticationService; + + /** + * The JNDI name of the AuthenticationService object + */ + private String authenticationServiceName = "java:comp/env/smx/AuthenticationService"; + + /** + * The JNDI name of the KeystoreManager object + */ + private String keystoreManagerName = "java:comp/env/smx/KeystoreManager"; + /** * The maximum number of threads for the Jetty thread pool. It's set * to 255 by default to match the default value in Jetty. 
@@ -46,6 +61,64 @@ */ private int maxTotalConnections = 256; + /** + * @return the authenticationService + */ + public AuthenticationService getAuthenticationService() { + return authenticationService; + } + + /** + * @param authenticationService the authenticationService to set + */ + public void setAuthenticationService(AuthenticationService authenticationService) { + this.authenticationService = authenticationService; + } + + /** + * @return the authenticationServiceName + */ + public String getAuthenticationServiceName() { + return authenticationServiceName; + } + + /** + * @param authenticationServiceName the authenticationServiceName to set + */ + public void setAuthenticationServiceName(String authenticationServiceName) { + this.authenticationServiceName = authenticationServiceName; + save(); + } + + /** + * @return the keystoreManager + */ + public KeystoreManager getKeystoreManager() { + return keystoreManager; + } + + /** + * @param keystoreManager the keystoreManager to set + */ + public void setKeystoreManager(KeystoreManager keystoreManager) { + this.keystoreManager = keystoreManager; + } + + /** + * @return the keystoreManagerName + */ + public String getKeystoreManagerName() { + return keystoreManagerName; + } + + /** + * @param keystoreManagerName the keystoreManagerName to set + */ + public void setKeystoreManagerName(String keystoreManagerName) { + this.keystoreManagerName = keystoreManagerName; + save(); + } + public boolean isStreamingEnabled() { return streamingEnabled; } @@ -97,6 +170,8 @@ properties.setProperty("streamingEnabled", Boolean.toString(streamingEnabled)); properties.setProperty("maxConnectionsPerHost", Integer.toString(maxConnectionsPerHost)); properties.setProperty("maxTotalConnections", Integer.toString(maxTotalConnections)); + properties.setProperty("keystoreManagerName", keystoreManagerName); + properties.setProperty("authenticationServiceName", authenticationServiceName); super.save(); } 
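Review bot: `setKeystoreManagerName` and `setAuthenticationServiceName` persist whatever string they are given, and the HttpConfigurationMBean.java hunk makes both writable over JMX; HttpLifeCycle.doInit later passes the value unchanged to `context.getNamingContext().lookup(name)`. A null argument is assigned to the field and then fails inside `save()` at `properties.setProperty("keystoreManagerName", keystoreManagerName)` (second hunk on this line), because `Properties.setProperty` rejects null values, so the in-memory and persisted settings diverge. Validate before assigning, for example `if (name == null || !name.startsWith("java:")) throw new IllegalArgumentException("JNDI name must be a local java: name");`, so that only the local namespace can be chosen as the source of the authentication and keystore services.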
@@ -116,6 +191,12 @@ } if (properties.getProperty("maxTotalConnections") != null) { maxTotalConnections = Integer.parseInt(properties.getProperty("maxTotalConnections")); + } + if (properties.getProperty("keystoreManagerName") != null) { + keystoreManagerName = properties.getProperty("keystoreManagerName"); + } + if (properties.getProperty("authenticationServiceName") != null) { + authenticationServiceName = properties.getProperty("authenticationServiceName"); } return true; } else { Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfigurationMBean.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfigurationMBean.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfigurationMBean.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpConfigurationMBean.java Tue Jun 13 07:09:54 2006 
@@ -37,4 +37,12 @@ public void setMaxTotalConnections(int maxTotalConnections); + public String getKeystoreManagerName(); + + public void setKeystoreManagerName(String name); + + public String getAuthenticationServiceName(); + + public void setAuthenticationServiceName(String name); + } Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpEndpoint.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpEndpoint.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpEndpoint.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpEndpoint.java Tue Jun 13 07:09:54 2006 @@ -21,6 +21,7 @@ import java.util.List; import java.util.Map; +import javax.jbi.component.ComponentLifeCycle; import javax.jbi.servicedesc.ServiceEndpoint; import javax.wsdl.Binding; import javax.wsdl.Definition; @@ -33,13 +34,14 @@ import javax.wsdl.extensions.http.HTTPAddress; import javax.wsdl.extensions.schema.Schema; import javax.wsdl.extensions.schema.SchemaImport; -import javax.wsdl.extensions.schema.SchemaReference; import javax.xml.namespace.QName; import org.apache.servicemix.common.ExchangeProcessor; import org.apache.servicemix.http.processors.ConsumerProcessor; import org.apache.servicemix.http.processors.ProviderProcessor; import org.apache.servicemix.http.tools.PortTypeDecorator; +import org.apache.servicemix.jbi.security.auth.AuthenticationService; +import org.apache.servicemix.jbi.security.keystore.KeystoreManager; import org.apache.servicemix.soap.SoapEndpoint; import com.ibm.wsdl.extensions.http.HTTPAddressImpl; 
@@ -275,6 +277,16 @@ */ public Map getWsdls() { return wsdls; + } + + public AuthenticationService getAuthenticationService() { + ComponentLifeCycle lf = getServiceUnit().getComponent().getLifeCycle(); + return ((HttpLifeCycle) lf).getAuthenticationService(); + } + + public KeystoreManager getKeystoreManager() { + ComponentLifeCycle lf = getServiceUnit().getComponent().getLifeCycle(); + return ((HttpLifeCycle) lf).getKeystoreManager(); } } Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpLifeCycle.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpLifeCycle.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpLifeCycle.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/HttpLifeCycle.java Tue Jun 13 07:09:54 2006 @@ -31,6 +31,9 @@ import org.apache.servicemix.common.BaseLifeCycle; import org.apache.servicemix.common.Endpoint; import org.apache.servicemix.common.ServiceUnit; +import org.apache.servicemix.jbi.security.auth.AuthenticationService; +import org.apache.servicemix.jbi.security.auth.impl.JAASAuthenticationService; +import org.apache.servicemix.jbi.security.keystore.KeystoreManager; public class HttpLifeCycle extends BaseLifeCycle { 
@@ -79,13 +82,29 @@ protected void doInit() throws Exception { super.doInit(); + // Load configuration configuration.setRootDir(context.getWorkspaceRoot()); configuration.load(); - if (server == null) { - server = new ServerManager(); - server.setConfiguration(configuration); - server.init(); + // Lookup keystoreManager and authenticationService + if (configuration.getKeystoreManager() == null) { + try { + String name = configuration.getKeystoreManagerName(); + Object km = context.getNamingContext().lookup(name); + configuration.setKeystoreManager((KeystoreManager) km); + } catch (Exception e) { + // ignore + } + } + if (configuration.getAuthenticationService() == null) { + try { + String name = configuration.getAuthenticationServiceName(); + Object as = context.getNamingContext().lookup(name); + configuration.setAuthenticationService((AuthenticationService) as); + } catch (Exception e) { + configuration.setAuthenticationService(new JAASAuthenticationService()); + } } + // Create client if (client == null) { connectionManager = new MultiThreadedHttpConnectionManager(); HttpConnectionManagerParams params = new HttpConnectionManagerParams(); @@ -94,6 +113,12 @@ connectionManager.setParams(params); client = new HttpClient(connectionManager); } + // Create serverManager + if (server == null) { + server = new ServerManager(); + server.setConfiguration(configuration); + server.init(); + } } protected void doShutDown() throws Exception { 
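Review bot: Both JNDI lookups in doInit discard every failure. The KeystoreManager branch ends in `catch (Exception e) { // ignore }`, and the AuthenticationService branch silently substitutes `new JAASAuthenticationService()` even when the lookup found an object of the wrong type (the cast's ClassCastException is caught too). An operator who configured a specific authentication service or keystore therefore gets a different security setup with no log line. Log the exception and the looked-up name at warn level through the component's logger in both catch blocks, and catch `NamingException` separately from the cast failure. The null KeystoreManager left by the first branch is later dereferenced without a check whenever `ssl.isManaged()` is true, in ServiceMixSslSocketConnector.createFactory() and CommonsHttpSSLSocketFactory.createManagedFactory(). A guard such as `if (keystoreManager == null) throw new IllegalStateException("managed SSL requires a KeystoreManager");` belongs at those points. The body of doInit starts and continues outside this hunk.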
@@ -140,6 +165,34 @@ } httpEp.activateDynamic(); return httpEp; + } + + /** + * @return the keystoreManager + */ + public KeystoreManager getKeystoreManager() { + return configuration.getKeystoreManager(); + } + + /** + * @param keystoreManager the keystoreManager to set + */ + public void setKeystoreManager(KeystoreManager keystoreManager) { + this.configuration.setKeystoreManager(keystoreManager); + } + + /** + * @return the authenticationService + */ + public AuthenticationService getAuthenticationService() { + return configuration.getAuthenticationService(); + } + + /** + * @param authenticationService the authenticationService to set + */ + public void setAuthenticationService(AuthenticationService authenticationService) { + this.configuration.setAuthenticationService(authenticationService); } } Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/ServerManager.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/ServerManager.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/ServerManager.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/ServerManager.java Tue Jun 13 07:09:54 2006 @@ -31,6 +31,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.servicemix.http.jetty.JaasUserRealm; +import org.apache.servicemix.http.jetty.ServiceMixSslSocketConnector; import org.mortbay.component.AbstractLifeCycle; import org.mortbay.jetty.AbstractConnector; import org.mortbay.jetty.Connector; 
@@ -213,7 +214,23 @@ } // Create a new server Connector connector; - if (isSsl) { + if (isSsl && ssl.isManaged()) { + String keyStore = ssl.getKeyStore(); + if (keyStore == null) { + throw new IllegalArgumentException("keyStore must be set"); + } + ServiceMixSslSocketConnector sslConnector = new ServiceMixSslSocketConnector(); + sslConnector.setAlgorithm(ssl.getAlgorithm()); + sslConnector.setProtocol(ssl.getProtocol()); + sslConnector.setConfidentialPort(url.getPort()); + sslConnector.setKeystore(keyStore); + sslConnector.setKeyAlias(ssl.getKeyAlias()); + sslConnector.setTrustStore(ssl.getTrustStore()); + sslConnector.setNeedClientAuth(ssl.isNeedClientAuth()); + sslConnector.setWantClientAuth(ssl.isWantClientAuth()); + sslConnector.setKeystoreManager(getConfiguration().getKeystoreManager()); + connector = sslConnector; + } else if (isSsl) { String keyStore = ssl.getKeyStore(); if (keyStore == null) { keyStore = System.getProperty("javax.net.ssl.keyStore", ""); Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/SslParameters.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/SslParameters.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/SslParameters.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/SslParameters.java Tue Jun 13 07:09:54 2006 @@ -24,6 +24,8 @@ */ public class SslParameters { + private boolean managed; + private String keyAlias; private String keyPassword; private String keyStore; private String keyStorePassword; 
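Review bot: The managed branch never copies the new `SslParameters.provider` onto the connector, although it does copy algorithm, protocol, keystore, alias, trust store and the client-auth flags, and `ServiceMixSslSocketConnector.createFactory()` hands `getProvider()` to the KeystoreManager. A configured JSSE provider is therefore ignored on the server side, while CommonsHttpSSLSocketFactory honours it on the client side. Assuming the Jetty base class exposes the matching setter, add `sslConnector.setProvider(ssl.getProvider());` next to the other setters. The `else if (isSsl)` branch continues outside the hunk.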
@@ -33,10 +35,47 @@ private String trustStoreType = "JKS"; private String protocol = "TLS"; private String algorithm = "SunX509"; // cert algorithm + private String provider = null; private boolean wantClientAuth = false; private boolean needClientAuth = false; /** + * @return the provider + */ + public String getProvider() { + return provider; + } + /** + * @param provider the provider to set + */ + public void setProvider(String provider) { + this.provider = provider; + } + /** + * @return the managed + */ + public boolean isManaged() { + return managed; + } + /** + * @param managed the managed to set + */ + public void setManaged(boolean managed) { + this.managed = managed; + } + /** + * @return the keyAlias + */ + public String getKeyAlias() { + return keyAlias; + } + /** + * @param keyAlias the keyAlias to set + */ + public void setKeyAlias(String keyAlias) { + this.keyAlias = keyAlias; + } + /** * @return Returns the algorithm. */ public String getAlgorithm() { @@ -177,7 +216,9 @@ return false; } SslParameters s = (SslParameters) o; - return eq(algorithm, s.algorithm) && + return managed == s.managed && + eq(keyAlias, s.keyAlias) && + eq(algorithm, s.algorithm) && eq(keyPassword, s.keyPassword) && eq(keyStore, s.keyStore) && eq(keyStorePassword, s.keyStorePassword) && 
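Review bot: `equals` gains `managed` and `keyAlias` but not the `provider` field this commit also adds, and the `hashCode` hunk in this file has the same omission. Two SslParameters that differ only in the JSSE provider therefore compare equal. If anything uses this equality to decide whether an existing connector or socket factory can be reused (not visible in the diff), the second endpoint would silently run with the first one's provider. Add `eq(provider, s.provider) &&` to the chain in `equals` and `hash(provider) ^` to `hashCode`. Both expressions continue outside their hunks.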
@@ -192,7 +233,9 @@ } public int hashCode() { - return hash(algorithm) ^ + return Boolean.valueOf(managed).hashCode() ^ + hash(keyAlias) ^ + hash(algorithm) ^ hash(keyPassword) ^ hash(keyStore) ^ hash(keyStorePassword) ^ Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/JaasUserRealm.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/JaasUserRealm.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/JaasUserRealm.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/JaasUserRealm.java Tue Jun 13 07:09:54 2006 @@ -15,21 +15,16 @@ */ package org.apache.servicemix.http.jetty; -import java.io.IOException; +import java.security.GeneralSecurityException; import java.security.Principal; import java.util.Map; import javax.security.auth.Subject; -import javax.security.auth.callback.Callback; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.NameCallback; -import javax.security.auth.callback.PasswordCallback; -import javax.security.auth.callback.UnsupportedCallbackException; -import javax.security.auth.login.LoginContext; -import javax.security.auth.login.LoginException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.servicemix.jbi.security.auth.AuthenticationService; +import org.apache.servicemix.jbi.security.auth.impl.JAASAuthenticationService; import org.mortbay.jetty.Request; import org.mortbay.jetty.security.UserRealm; 
@@ -46,9 +41,24 @@ private String name = getClass().getName(); private String domain = "servicemix-domain"; + private AuthenticationService authenticationService = new JAASAuthenticationService(); private final Map userMap = new ConcurrentHashMap(); /** + * @return the authenticationService + */ + public AuthenticationService getAuthenticationService() { + return authenticationService; + } + + /** + * @param authenticationService the authenticationService to set + */ + public void setAuthenticationService(AuthenticationService authenticationService) { + this.authenticationService = authenticationService; + } + + /** * @return the domain */ public String getDomain() { @@ -89,27 +99,8 @@ } //set up the login context - LoginContext loginContext = new LoginContext(domain, new CallbackHandler() { - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof NameCallback) { - ((NameCallback) callbacks[i]).setName(username); - } else if (callbacks[i] instanceof PasswordCallback) { - if (credentials instanceof char[]) { - ((PasswordCallback) callbacks[i]).setPassword((char[]) credentials); - } else { - ((PasswordCallback) callbacks[i]).setPassword(credentials.toString().toCharArray()); - } - } else { - throw new UnsupportedCallbackException(callbacks[i]); - } - } - } - }); - loginContext.login(); - - Subject subject = loginContext.getSubject(); - + Subject subject = new Subject(); + authenticationService.authenticate(subject, domain, username, credentials); //login success userPrincipal = new JaasJettyPrincipal(username); userPrincipal.setSubject(subject); 
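Review bot: No hunk in this commit calls the new `setAuthenticationService` on the realm. As far as the diff shows, JaasUserRealm keeps its field default `new JAASAuthenticationService()`, and the service resolved from JNDI in HttpLifeCycle.doInit is not the one that checks HTTP credentials. Where ServerManager builds the realm (outside this diff), pass it `getConfiguration().getAuthenticationService()`. The setter should also reject null, since `authenticationService.authenticate(subject, domain, username, credentials)` would otherwise throw a NullPointerException that the `GeneralSecurityException` catch does not handle: `if (authenticationService == null) throw new IllegalArgumentException("authenticationService must not be null");`. The authenticate method starts and ends outside the second hunk.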
@@ -122,7 +113,7 @@ return null; } - } catch (LoginException e) { + } catch (GeneralSecurityException e) { log.debug("Login Failed", e); return null; } Added: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/ServiceMixSslSocketConnector.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/ServiceMixSslSocketConnector.java?rev=413903&view=auto ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/ServiceMixSslSocketConnector.java (added) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/jetty/ServiceMixSslSocketConnector.java Tue Jun 13 07:09:54 2006 
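Review bot: Widening the catch to `GeneralSecurityException` sends provider, keystore and algorithm failures down the same `log.debug("Login Failed", e)` path as a wrong password. At default log levels neither repeated failed logins nor a broken authentication backend leave any trace. Keep the debug line for the stack trace and add a visible record, for example `log.warn("Login failed in realm " + name + ": " + e.getMessage());`. If the username is included, strip control characters first so that the log line cannot be forged. The try block begins outside this hunk.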
@@ -0,0 +1,82 @@ +/* + * Copyright 2005-2006 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.servicemix.http.jetty; + +import javax.net.ssl.SSLServerSocketFactory; + +import org.apache.servicemix.jbi.security.keystore.KeystoreManager; +import org.mortbay.jetty.security.SslSocketConnector; + +public class ServiceMixSslSocketConnector extends SslSocketConnector { + + private String trustStore; + + private String keyAlias; + + private KeystoreManager keystoreManager; + + /** + * @return the keystoreManager + */ + public KeystoreManager getKeystoreManager() { + return keystoreManager; + } + + /** + * @param keystoreManager the keystoreManager to set + */ + public void setKeystoreManager(KeystoreManager keystoreManager) { + this.keystoreManager = keystoreManager; + } + + /** + * @return the keyAlias + */ + public String getKeyAlias() { + return keyAlias; + } + + /** + * @param keyAlias the keyAlias to set + */ + public void setKeyAlias(String keyAlias) { + this.keyAlias = keyAlias; + } + + /** + * @return the trustStore + */ + public String getTrustStore() { + return trustStore; + } + + /** + * @param trustStore the trustStore to set + */ + public void setTrustStore(String trustStore) { + this.trustStore = trustStore; + } + + protected SSLServerSocketFactory createFactory() throws Exception { + return keystoreManager.createSSLServerFactory( + getProvider(), + getProtocol(), + getAlgorithm(), + 
getKeystore(), + getKeyAlias(), + getTrustStore()); + } +} Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/CommonsHttpSSLSocketFactory.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/CommonsHttpSSLSocketFactory.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/CommonsHttpSSLSocketFactory.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/CommonsHttpSSLSocketFactory.java Tue Jun 13 07:09:54 2006 @@ -34,6 +34,7 @@ import org.apache.commons.httpclient.params.HttpConnectionParams; import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; import org.apache.servicemix.http.SslParameters; +import org.apache.servicemix.jbi.security.keystore.KeystoreManager; import org.mortbay.resource.Resource; import org.springframework.core.io.ClassPathResource; 
@@ -41,8 +42,31 @@ private SSLSocketFactory factory; - public CommonsHttpSSLSocketFactory(SslParameters ssl) throws Exception { - SSLContext context = SSLContext.getInstance(ssl.getProtocol()); + public CommonsHttpSSLSocketFactory(SslParameters ssl, KeystoreManager keystoreManager) throws Exception { + if (ssl.isManaged()) { + createManagedFactory(ssl, keystoreManager); + } else { + createUnmanagedFactory(ssl); + } + } + + protected void createManagedFactory(SslParameters ssl, KeystoreManager keystoreManager) throws Exception { + factory = keystoreManager.createSSLFactory( + ssl.getProvider(), + ssl.getProtocol(), + ssl.getAlgorithm(), + ssl.getKeyStore(), + ssl.getKeyAlias(), + ssl.getTrustStore()); + } + + protected void createUnmanagedFactory(SslParameters ssl) throws Exception { + SSLContext context; + if (ssl.getProvider() == null) { + context = SSLContext.getInstance(ssl.getProtocol()); + } else { + context = SSLContext.getInstance(ssl.getProtocol(), ssl.getProvider()); + } KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(ssl.getAlgorithm()); String keyStore = ssl.getKeyStore(); if (keyStore == null) { Modified: incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/ProviderProcessor.java URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/ProviderProcessor.java?rev=413903&r1=413902&r2=413903&view=diff ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/ProviderProcessor.java (original) +++ incubator/servicemix/trunk/servicemix-http/src/main/java/org/apache/servicemix/http/processors/ProviderProcessor.java Tue Jun 13 07:09:54 2006 
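Review bot: The constructor now dispatches to `createManagedFactory` and `createUnmanagedFactory`, which are both `protected` and non-final, so an override in a subclass runs before that subclass's fields are initialised. It could also replace the socket factory construction without the caller noticing. Unless extension is intended, declare them `private void createManagedFactory(...)` and `private void createUnmanagedFactory(...)`, or make the class final. The body of `createUnmanagedFactory` continues outside the hunk.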
@@ -23,6 +23,7 @@ import java.util.Iterator; import java.util.Map; +import javax.jbi.component.ComponentLifeCycle; import javax.jbi.messaging.DeliveryChannel; import javax.jbi.messaging.ExchangeStatus; import javax.jbi.messaging.Fault; @@ -47,8 +48,10 @@ import org.apache.commons.httpclient.protocol.ProtocolSocketFactory; import org.apache.servicemix.JbiConstants; import org.apache.servicemix.common.ExchangeProcessor; +import org.apache.servicemix.http.HttpConfiguration; import org.apache.servicemix.http.HttpEndpoint; import org.apache.servicemix.http.HttpLifeCycle; +import org.apache.servicemix.soap.Context; import org.apache.servicemix.soap.SoapHelper; import org.apache.servicemix.soap.marshalers.SoapMessage; import org.apache.servicemix.soap.marshalers.SoapReader; @@ -94,6 +97,8 @@ SoapMessage soapMessage = new SoapMessage(); NormalizedMessage nm = exchange.getMessage("in"); soapHelper.getJBIMarshaler().fromNMS(soapMessage, nm); + Context context = soapHelper.createContext(soapMessage); + soapHelper.onSend(context); SoapWriter writer = soapHelper.getSoapMarshaler().createWriter(soapMessage); Map headers = (Map) nm.getProperty(JbiConstants.PROTOCOL_HEADERS); if (headers != null) { @@ -122,6 +127,8 @@ Header contentType = method.getResponseHeader("Content-Type"); soapMessage = reader.read(method.getResponseBodyAsStream(), contentType != null ? contentType.getValue() : null); + context.setFaultMessage(soapMessage); + soapHelper.onAnswer(context); Fault fault = exchange.createFault(); fault.setProperty(JbiConstants.PROTOCOL_HEADERS, getHeaders(method)); soapHelper.getJBIMarshaler().toNMS(fault, soapMessage); 
@@ -138,6 +145,8 @@ Header contentType = method.getResponseHeader("Content-Type"); soapMessage = reader.read(method.getResponseBodyAsStream(), contentType != null ? contentType.getValue() : null); + context.setOutMessage(soapMessage); + soapHelper.onAnswer(context); msg.setProperty(JbiConstants.PROTOCOL_HEADERS, getHeaders(method)); soapHelper.getJBIMarshaler().toNMS(msg, soapMessage); ((InOut) exchange).setOutMessage(msg); @@ -151,6 +160,8 @@ SoapReader reader = soapHelper.getSoapMarshaler().createReader(); soapMessage = reader.read(method.getResponseBodyAsStream(), method.getResponseHeader("Content-Type").getValue()); + context.setOutMessage(soapMessage); + soapHelper.onAnswer(context); msg.setProperty(JbiConstants.PROTOCOL_HEADERS, getHeaders(method)); soapHelper.getJBIMarshaler().toNMS(msg, soapMessage); ((InOptionalOut) exchange).setOutMessage(msg); @@ -168,7 +179,9 @@ public void start() throws Exception { URI uri = new URI(endpoint.getLocationURI(), false); if (uri.getScheme().equals("https")) { - ProtocolSocketFactory sf = new CommonsHttpSSLSocketFactory(endpoint.getSsl()); + ProtocolSocketFactory sf = new CommonsHttpSSLSocketFactory( + endpoint.getSsl(), + endpoint.getKeystoreManager()); Protocol protocol = new Protocol("https", sf, 443); HttpHost host = new HttpHost(uri.getHost(), uri.getPort(), protocol); this.host = new HostConfiguration(); 
@@ -178,6 +191,11 @@ this.host.setHost(uri.getHost(), uri.getPort()); } channel = endpoint.getServiceUnit().getComponent().getComponentContext().getDeliveryChannel(); + } + + protected HttpConfiguration getConfiguration(HttpEndpoint endpoint) { + ComponentLifeCycle lf = endpoint.getServiceUnit().getComponent().getLifeCycle(); + return ((HttpLifeCycle) lf).getConfiguration(); } public void stop() throws Exception { Added: incubator/servicemix/trunk/servicemix-http/src/test/resources/org/apache/servicemix/http/security/request.xml URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-http/src/test/resources/org/apache/servicemix/http/security/request.xml?rev=413903&view=auto ============================================================================== --- incubator/servicemix/trunk/servicemix-http/src/test/resources/org/apache/servicemix/http/security/request.xml (added) +++ incubator/servicemix/trunk/servicemix-http/src/test/resources/org/apache/servicemix/http/security/request.xml Tue Jun 13 07:09:54 2006 @@ -0,0 +1,14 @@ + + + + + user1 + user1 + + + + + world + +