Author: ruchithf
Date: Mon Apr 3 03:37:03 2006
New Revision: 390996
URL: http://svn.apache.org/viewcvs?rev=390996&view=rev
Log:
- Use sct-issuer-config parameter to configure the rahas module
- The SCTIssuer now can issue tokens with wst:BinarySecret carrying the secret
- Added the INfaultflow to the addressing module.xml and updated the axis2.xml files to include
the dispatchers in the INfaultflow
Modified:
webservices/axis2/trunk/java/modules/addressing/src/META-INF/module.xml
webservices/axis2/trunk/java/modules/core/conf/axis2.xml
webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/deployment/axis2_default.xml
webservices/axis2/trunk/java/modules/security/src/META-INF/rahas-module.xml
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/STSMessageReceiver.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TokenRequestDispatcherConfig.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TrustException.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/errors.properties
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/impl/SCTIssuer.java
Modified: webservices/axis2/trunk/java/modules/addressing/src/META-INF/module.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/addressing/src/META-INF/module.xml?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/addressing/src/META-INF/module.xml (original)
+++ webservices/axis2/trunk/java/modules/addressing/src/META-INF/module.xml Mon Apr 3 03:37:03
2006
@@ -21,4 +21,13 @@
<order phase="MessageOut"/>
</handler>
</Outfaultflow>
+
+ <INfaultflow>
+ <handler name="AddressingFinalInHandler" class="org.apache.axis2.handlers.addressing.AddressingFinalInHandler">
+ <order phase="PreDispatch"/>
+ </handler>
+ <handler name="AddressingSubmissionInHandler" class="org.apache.axis2.handlers.addressing.AddressingSubmissionInHandler">
+ <order phase="PreDispatch"/>
+ </handler>
+ </INfaultflow>
</module>
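Review bot: The new INfaultflow block registers the same two addressing handlers in PreDispatch without a word on why they are needed on the fault path, and the inflow registration they presumably mirror is not visible here. Since the companion axis2.xml change puts an `AddressingBasedDispatcher` into the INfaultflow Dispatch phase, these handlers are what populate the addressing information that dispatcher relies on, which is worth stating: `<!-- Process WS-Addressing headers on incoming faults before the Dispatch phase, as in the InFlow -->`. If the two handler entries are ever edited in the InFlow, this copy has to follow, so the comment should name that coupling.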
Modified: webservices/axis2/trunk/java/modules/core/conf/axis2.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/core/conf/axis2.xml?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/core/conf/axis2.xml (original)
+++ webservices/axis2/trunk/java/modules/core/conf/axis2.xml Mon Apr 3 03:37:03 2006
@@ -152,8 +152,34 @@
<phase name="MessageOut"/>
</phaseOrder>
<phaseOrder type="INfaultflow">
+ <phase name="PreDispatch"/>
+ <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
+ <handler name="RequestURIBasedDispatcher"
+ class="org.apache.axis2.engine.RequestURIBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+
+ <handler name="SOAPActionBasedDispatcher"
+ class="org.apache.axis2.engine.SOAPActionBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+
+ <handler name="AddressingBasedDispatcher"
+ class="org.apache.axis2.engine.AddressingBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+
+ <handler name="SOAPMessageBodyBasedDispatcher"
+ class="org.apache.axis2.engine.SOAPMessageBodyBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+ <handler name="InstanceDispatcher"
+ class="org.apache.axis2.engine.InstanceDispatcher">
+ <order phase="PostDispatch"/>
+ </handler>
+ </phase>
<!-- user can add his own phases to this area -->
- <phase name="OperationFaultInPhase"/>
+ <phase name="OperationInFaultPhase"/>
</phaseOrder>
<phaseOrder type="Outfaultflow">
<!-- user can add his own phases to this area -->
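Review bot: The INfaultflow dispatcher list added here is a verbatim copy of the one added to deployment/axis2_default.xml in the same commit, and the `-OperationFaultInPhase` / `+OperationInFaultPhase` change on the last lines shows the two files had already drifted apart before this fix. A comment at the top of this phaseOrder would make the coupling explicit: `<!-- Keep the INfaultflow phases and dispatchers in sync with deployment/axis2_default.xml -->`. The order of the four dispatchers (RequestURI, SOAPAction, Addressing, SOAPMessageBody) also decides which one resolves an incoming fault first; if that order is deliberate rather than copied, a one-line comment saying so would save the next reader from reshuffling it.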
Modified: webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/deployment/axis2_default.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/deployment/axis2_default.xml?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/deployment/axis2_default.xml
(original)
+++ webservices/axis2/trunk/java/modules/core/src/org/apache/axis2/deployment/axis2_default.xml
Mon Apr 3 03:37:03 2006
@@ -110,6 +110,32 @@
<phase name="MessageOut"/>
</phaseOrder>
<phaseOrder type="INfaultflow">
+ <phase name="PreDispatch"/>
+ <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
+ <handler name="RequestURIBasedDispatcher"
+ class="org.apache.axis2.engine.RequestURIBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+
+ <handler name="SOAPActionBasedDispatcher"
+ class="org.apache.axis2.engine.SOAPActionBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+
+ <handler name="AddressingBasedDispatcher"
+ class="org.apache.axis2.engine.AddressingBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+
+ <handler name="SOAPMessageBodyBasedDispatcher"
+ class="org.apache.axis2.engine.SOAPMessageBodyBasedDispatcher">
+ <order phase="Dispatch"/>
+ </handler>
+ <handler name="InstanceDispatcher"
+ class="org.apache.axis2.engine.InstanceDispatcher">
+ <order phase="PostDispatch"/>
+ </handler>
+ </phase>
<!-- user can add his own phases to this area -->
<phase name="OperationInFaultPhase"/>
</phaseOrder>
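Review bot: `InstanceDispatcher` is nested inside the `Dispatch` phase element yet declares `<order phase="PostDispatch"/>`, and `PostDispatch` is not a phase this INfaultflow phaseOrder declares. This presumably mirrors the inflow configuration (not shown), where the nesting rather than the order rule may be what places the handler; if that is the case, a comment such as `<!-- placed in Dispatch by nesting; the PostDispatch order rule is nominal -->` stops the next reader from treating it as a typo, and if it is not, the rule should name a phase that exists here. Either way this deserves confirmation against the deployment code rather than an assumption that the copied block behaves the same on the fault path.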
Modified: webservices/axis2/trunk/java/modules/security/src/META-INF/rahas-module.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/META-INF/rahas-module.xml?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/META-INF/rahas-module.xml (original)
+++ webservices/axis2/trunk/java/modules/security/src/META-INF/rahas-module.xml Mon Apr 3
03:37:03 2006
@@ -26,12 +26,7 @@
<parameter name="token-dispatcher-configuration">
<token-dispatcher-configuration>
<issuer class="org.apache.axis2.security.trust.impl.SCTIssuer" default="true">
- <configuration>
- <sct-issuer-config>
- <proofToken>EncryptedKey</proofToken>
- <cryptoProperties>sctIssuer.properties</cryptoProperties>
- </sct-issuer-config>
- </configuration>
+ <configuration-param>sct-issuer-config</configuration-param>
<tokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</tokenType>
</issuer>
</token-dispatcher-configuration>
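Review bot: The inline `<configuration>` block is replaced by a bare reference to a parameter named `sct-issuer-config`, but nothing in this module.xml says where that parameter has to be declared or what it must contain, and SCTIssuer now raises an `expectedParameterMissing` fault whenever it is absent. The removed lines show the expected shape, so an XML comment above `<configuration-param>` along the lines of `<!-- Name of a deployment parameter (presumably declared in services.xml or axis2.xml) whose value is an <sct-issuer-config> element with <proofToken> (e.g. EncryptedKey) and <cryptoProperties> children -->` would preserve that knowledge instead of leaving it in the SVN history. Because the BinarySecret proof-token mode selected through this parameter makes SCTIssuer return the proof key in the clear inside `wst:BinarySecret`, the comment should also warn that this mode needs a confidential channel (TLS or message-level encryption).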
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/STSMessageReceiver.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/STSMessageReceiver.java?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/STSMessageReceiver.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/STSMessageReceiver.java
Mon Apr 3 03:37:03 2006
@@ -60,6 +60,7 @@
throw new TrustException("missingDispatcherConfiguration");
}
} catch (TrustException e) {
+ e.printStackTrace();
//Log the exception
log.error(e);
throw new AxisFault(e.getFaultString(), e.getFaultCode());
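Review bot: The added `e.printStackTrace()` writes the trace to stderr outside the logging framework, right before the existing `log.error(e)`, and reads like a debugging leftover. The trace belongs in the log call instead: drop the `printStackTrace()` line and change the log line to `log.error(e.getMessage(), e);` (assuming `log` is a commons-logging or log4j style logger with an `error(Object, Throwable)` overload), which captures the stack without duplicating output. The enclosing method and its try block begin outside this hunk.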
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TokenRequestDispatcherConfig.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TokenRequestDispatcherConfig.java?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TokenRequestDispatcherConfig.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TokenRequestDispatcherConfig.java
Mon Apr 3 03:37:03 2006
@@ -90,9 +90,9 @@
}
//Process configuration parameter name information
- OMElement issuerParamNameElem = element.getFirstChildWithName(CONFIGURATION_ELEMENT);
+ OMElement issuerParamNameElem = element.getFirstChildWithName(CONFIGURATION_PARAM);
String issuerParamName = (issuerParamNameElem != null) ? issuerParamNameElem.getText()
: null;
- if(issuerConfigElement != null) {
+ if(issuerParamName != null) {
conf.configParamNames.put(issuerClass, issuerParamName);
}
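Review bot: `issuerParamNameElem.getText()` returns an empty string for an empty `<configuration-param/>` element, so the corrected `issuerParamName != null` check still registers `""` as the parameter name and the issuer later fails with an `expectedParameterMissing` fault naming an empty parameter. Trimming and treating blank as absent keeps the fault closer to the actual misconfiguration: `String issuerParamName = (issuerParamNameElem != null) ? issuerParamNameElem.getText().trim() : null;` and `if(issuerParamName != null && issuerParamName.length() > 0) {`. The enclosing method starts before this hunk, so whether a missing name is reported elsewhere cannot be seen here.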
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TrustException.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TrustException.java?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TrustException.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/TrustException.java
Mon Apr 3 03:37:03 2006
@@ -106,7 +106,11 @@
} catch (MissingResourceException e) {
throw new RuntimeException("Undefined '" + faultCode + "' resource property");
}
- return msg;
+ if(msg != null) {
+ return msg;
+ } else {
+ return faultCode;
+ }
}
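Review bot: The new null fallback to `faultCode` makes this method tolerant of a missing message text, but the `catch (MissingResourceException e)` just above still turns an undefined resource key into a `RuntimeException`, thrown while a TrustException is already being reported, which replaces the original fault with an unrelated one (STSMessageReceiver calls `e.getFaultString()` inside its TrustException handler to build the AxisFault, so if this is that method the original error is lost). If returning the bare fault code is acceptable for a null message it is probably acceptable for an undefined key too: `return faultCode;` in the catch, with the undefined key logged, instead of the throw. The method signature and the lookup that assigns `msg` lie outside the hunk, so this assumes `msg` is the resource string fetched for `faultCode`.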
/**
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/errors.properties
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/errors.properties?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/errors.properties
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/errors.properties
Mon Apr 3 03:37:03 2006
@@ -26,4 +26,5 @@
expectedParameterMissing = Expected parameter missing : \"{0}\"
reqestedSecTokMissing = RequestedSecurityToken missing in the response
rptMissing = RequestedProofToken missing in the response
-notSupported = Not supported: {0}
\ No newline at end of file
+notSupported = Not supported: {0}
+errorCreatingSymmKey = Error in creating the ephemeral key
\ No newline at end of file
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/impl/SCTIssuer.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/impl/SCTIssuer.java?rev=390996&r1=390995&r2=390996&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/impl/SCTIssuer.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/trust/impl/SCTIssuer.java
Mon Apr 3 03:37:03 2006
@@ -28,6 +28,7 @@
import org.apache.axis2.security.trust.TokenIssuer;
import org.apache.axis2.security.trust.TokenStorage;
import org.apache.axis2.security.trust.TrustException;
+import org.apache.axis2.util.Base64;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
@@ -43,6 +44,7 @@
import javax.xml.namespace.QName;
import java.security.Principal;
+import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Vector;
@@ -113,10 +115,11 @@
//Look for the file
if(config == null && this.configParamName != null) {
- Parameter param = inMsgCtx
- .getParameter(SCTIssuerConfig.SCT_ISSUER_CONFIG_PARAM);
+ Parameter param = inMsgCtx.getParameter(this.configParamName);
if(param != null && param.getParameterElement() != null) {
- config = SCTIssuerConfig.load(param.getParameterElement());
+ config = SCTIssuerConfig.load(param.getParameterElement()
+ .getFirstChildWithName(
+ SCTIssuerConfig.SCT_ISSUER_CONFIG));
} else {
throw new TrustException("expectedParameterMissing",
new String[] { this.configParamName });
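Review bot: `getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG)` returns null when the named parameter exists but has no `sct-issuer-config` child, and that null is handed straight to `SCTIssuerConfig.load(...)`, so a malformed parameter most likely surfaces as a NullPointerException from `load` rather than the `expectedParameterMissing` TrustException the else-branch raises for the missing-parameter case. Guarding the child lookup keeps both misconfigurations on the same fault path and the same error message. The enclosing method begins before this hunk.
```java
if(param != null && param.getParameterElement() != null) {
    OMElement confElem = param.getParameterElement()
            .getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG);
    if(confElem == null) {
        throw new TrustException("expectedParameterMissing",
                new String[] { this.configParamName });
    }
    config = SCTIssuerConfig.load(confElem);
} else {
    // … unchanged: missing-parameter fault …
}
```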
@@ -134,8 +137,9 @@
inMsgCtx, cert);
return responseEnv;
} else if(BINARY_SECRET.equals(config.proofTokenType)) {
- // TODO
- throw new UnsupportedOperationException("TODO");
+ SOAPEnvelope responseEnv = this.doBinarySecret(config,
+ inMsgCtx);
+ return responseEnv;
} else if(COMPUTED_KEY.equals(config.proofTokenType)) {
// TODO
throw new UnsupportedOperationException("TODO");
@@ -148,6 +152,52 @@
}
+ /**
+ * @param config
+ * @param inMsgCtx
+ * @param cert
+ * @return
+ */
+ private SOAPEnvelope doBinarySecret(SCTIssuerConfig config, MessageContext msgCtx) throws
TrustException {
+
+ SOAPEnvelope env = this.getSOAPEnvelope(msgCtx);
+ //Get the document
+ Document doc = ((Element)env).getOwnerDocument();
+
+ SecurityContextToken sct = new SecurityContextToken(doc);
+ sct.setID("sctId-" + sct.getElement().hashCode());
+
+ OMElement rstrElem = env.getOMFactory().createOMElement(
+ new QName(Constants.WST_NS,
+ Constants.REQUEST_SECURITY_TOKEN_RESPONSE_LN,
+ Constants.WST_PREFIX), env.getBody());
+
+ OMElement rstElem = env.getOMFactory().createOMElement(
+ new QName(Constants.WST_NS,
+ Constants.REQUESTED_SECURITY_TOKEN_LN,
+ Constants.WST_PREFIX), rstrElem);
+
+ rstElem.addChild((OMElement)sct.getElement());
+
+ OMElement reqProofTok = env.getOMFactory().createOMElement(
+ new QName(Constants.WST_NS, Constants.REQUESTED_PROOF_TOKEN_LN,
+ Constants.WST_PREFIX), rstrElem);
+
+ OMElement binSecElem = env.getOMFactory().createOMElement(
+ new QName(Constants.WST_NS, Constants.BINARY_SECRET,
+ Constants.WST_PREFIX), reqProofTok);
+
+ byte[] secret = this.generateEphemeralKey();
+ binSecElem.setText(Base64.encode(secret));
+
+ //Store the tokens
+ Token sctToken = new Token(sct.getIdentifier(), (OMElement)sct.getElement());
+ sctToken.setSecret(secret);
+ this.getTokenStore(msgCtx).add(sctToken);
+
+ return env;
+ }
+
private SOAPEnvelope doEncryptedKey(SCTIssuerConfig config,
MessageContext msgCtx, X509Certificate cert) throws TrustException {
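Review bot: `doBinarySecret` writes the freshly generated proof key Base64-encoded and unencrypted into `wst:BinarySecret` (`binSecElem.setText(Base64.encode(secret))`), so the confidentiality of every session key issued in this mode rests entirely on the transport or on message-level encryption applied elsewhere, and nothing in this method checks or documents that. A comment above the `generateEphemeralKey()` call, `// Proof key is sent in the clear; this mode requires a confidential channel (TLS or message encryption)`, would at least make the requirement visible to deployers. Two smaller points: the issued SCT carries no `wst:Lifetime` and the stored `Token` is given no expiry here, so unless `TokenStorage` expires entries the secret lives indefinitely; and the Javadoc lists `@param cert` and an empty `@return` for a parameter the method does not take while the real `msgCtx` parameter is undocumented. The `wst:BinarySecret` element is also emitted without a `Type` attribute, which WS-Trust treats as optional but requesters often expect to be set to the SymmetricKey URI.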
@@ -255,6 +305,23 @@
return storage;
}
+ /**
+ * Create an ephemeral key
+ *
+ * @return
+ * @throws WSSecurityException
+ */
+ private byte[] generateEphemeralKey() throws TrustException {
+ try {
+ SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+ byte[] temp = new byte[16];
+ random.nextBytes(temp);
+ return temp;
+ } catch (Exception e) {
+ throw new TrustException ("errorCreatingSymmKey", e);
+ }
+ }
+
/* (non-Javadoc)
* @see org.apache.axis2.security.trust.TokenIssuer#setConfigurationParamName(java.lang.String)
*/
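Review bot: `SecureRandom.getInstance("SHA1PRNG")` hard-codes a provider-specific algorithm name, so on a JVM or provider that lacks it the issuer fails with `errorCreatingSymmKey` instead of using the platform CSPRNG; `SecureRandom random = new SecureRandom();` picks the strongest default available, removes that failure mode and makes the broad `catch (Exception e)` unnecessary. The key size is fixed at 16 bytes regardless of anything the requester or `SCTIssuerConfig` might specify, which deserves either a comment or a parameter. The Javadoc should read `@throws TrustException` (the method does not throw `WSSecurityException`) and `@return the raw 16-byte key`.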