Author: hemapani
Date: Thu Apr 27 12:22:08 2006
New Revision: 397616
URL: http://svn.apache.org/viewcvs?rev=397616&view=rev
Log:
Create both the client and the server security configuration and load the right one
Modified:
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/HandlerParameterDecoder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java?rev=397616&r1=397615&r2=397616&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/SecurityModule.java
Thu Apr 27 12:22:08 2006
@@ -34,131 +34,154 @@
import org.apache.ws.security.policy.parser.WSSPolicyProcessor;
public class SecurityModule implements Module {
- private AxisModule module;
+ private AxisModule module;
+
+ public void init(ConfigurationContext configContext, AxisModule module)
+ throws AxisFault {
+ this.module = module;
+ }
+
+ public void engageNotify(AxisDescription axisDescription) throws AxisFault {
+ Policy policy = axisDescription.getPolicyInclude().getEffectivePolicy();
+ if (axisDescription instanceof AxisOperation && policy != null) {
+ try {
+ WSSPolicyProcessor wssPolicyProcessor = new WSSPolicyProcessor();
+ wssPolicyProcessor.setup();
+ wssPolicyProcessor.processPolicy(policy);
+
+ //create server side config
+ WSS4JConfig serverConfig = WSS4JConfigBuilder
+ .build(wssPolicyProcessor.getRootPED()
+ .getTopLevelPEDs());
+
+ InflowConfiguration policyInflowConfig = serverConfig
+ .getInflowConfiguration();
+
+ Parameter infp = calcuateCurrentInflowConfiguration(policyInflowConfig,axisDescription).getProperty();
+ infp.setName(WSSHandlerConstants.INFLOW_SECURITY_SERVER);
+ axisDescription.addParameter(infp);
+
+ OutflowConfiguration policyOutflowConfig = serverConfig.getOutflowConfiguration();
+ Parameter outfp = calcuateCurrentOutflowConfiguration(policyOutflowConfig,axisDescription).getProperty();
+ outfp.setName(WSSHandlerConstants.OUTFLOW_SECURITY_SERVER);
+ axisDescription.addParameter(outfp);
+
+
+ //create client side config
+ wssPolicyProcessor = new WSSPolicyProcessor();
+ wssPolicyProcessor.setup();
+ wssPolicyProcessor.processPolicy(policy);
+
+ WSS4JConfig clientConfig = WSS4JConfigBuilder
+ .build(wssPolicyProcessor.getRootPED()
+ .getTopLevelPEDs(),false);
+
+ policyInflowConfig = clientConfig.getInflowConfiguration();
+
+ infp = calcuateCurrentInflowConfiguration(policyInflowConfig,axisDescription).getProperty();
+ infp.setName(WSSHandlerConstants.INFLOW_SECURITY_CLIENT);
+ axisDescription.addParameter(infp);
+
+ policyOutflowConfig = clientConfig.getOutflowConfiguration();
+ outfp = calcuateCurrentOutflowConfiguration(policyOutflowConfig,axisDescription).getProperty();
+ outfp.setName(WSSHandlerConstants.OUTFLOW_SECURITY_CLIENT);
+ axisDescription.addParameter(outfp);
+ } catch (Exception e) {
+ throw new AxisFault(e.getMessage(), e);
+ }
+ }
+ }
- public void init(ConfigurationContext configContext, AxisModule module)
- throws AxisFault {
- this.module = module;
- }
-
- public void engageNotify(AxisDescription axisDescription) throws AxisFault {
- Policy policy = axisDescription.getPolicyInclude().getEffectivePolicy();
- if (axisDescription instanceof AxisOperation && policy != null) {
- try {
- WSSPolicyProcessor wssPolicyProcessor = new WSSPolicyProcessor();
- wssPolicyProcessor.setup();
- wssPolicyProcessor.processPolicy(policy);
-
- WSS4JConfig config = WSS4JConfigBuilder
- .build(wssPolicyProcessor.getRootPED()
- .getTopLevelPEDs());
-
- InflowConfiguration policyInflowConfig = config
- .getInflowConfiguration();
- OutflowConfiguration policyOutflowConfig = config
- .getOutflowConfiguration();
-
- calcuateCurrentConfiguration(policyInflowConfig,
- policyOutflowConfig, axisDescription);
- } catch (Exception e) {
- throw new AxisFault(e.getMessage(), e);
- }
- }
- }
-
- public void shutdown(AxisConfiguration axisSystem) throws AxisFault {
- // Do nothing
- }
-
- private void calcuateCurrentConfiguration(
- InflowConfiguration policyInflowConfig,
- OutflowConfiguration policyOutflowConfig,
- AxisDescription axisDescription) throws AxisFault {
- // merge inflow configuration
- Parameter inflowModuleParam = (module != null) ? module
- .getParameter(WSSHandlerConstants.INFLOW_SECURITY): null;
- InflowConfiguration moduleInflowConfig = HandlerParameterDecoder
- .getInflowConfiguration(inflowModuleParam);
-
- Parameter inflowSecParam = axisDescription
- .getParameter(WSSHandlerConstants.INFLOW_SECURITY);
- InflowConfiguration staticInflowConfig = HandlerParameterDecoder
- .getInflowConfiguration(inflowSecParam);
-
- InflowConfiguration mergedInConf = mergeInflowConfiguration(
- staticInflowConfig, moduleInflowConfig);
- InflowConfiguration finalInConf = mergeInflowConfiguration(mergedInConf,policyInflowConfig);
-
- axisDescription.addParameter(finalInConf.getProperty());
-
- // merge outflow configuration
- Parameter outfloModuleParam = (module != null) ? module
- .getParameter(WSSHandlerConstants.OUTFLOW_SECURITY) : null;
- OutflowConfiguration moduleOutflowConfig = HandlerParameterDecoder
- .getOutflowConfiguration(outfloModuleParam);
- Parameter outflowSecParam = axisDescription
- .getParameter(WSSHandlerConstants.OUTFLOW_SECURITY);
- OutflowConfiguration staticOutflowConfig = HandlerParameterDecoder
- .getOutflowConfiguration(outflowSecParam);
-
- OutflowConfiguration mergedOutFlowConf = mergeOutflowConfiguration(
- staticOutflowConfig, moduleOutflowConfig);
- OutflowConfiguration finalOutFlowConf = mergeOutflowConfiguration(mergedOutFlowConf,policyOutflowConfig);
- axisDescription.addParameter(finalOutFlowConf.getProperty());
- }
-
- // overide secondry configuration with primry configuration
- private OutflowConfiguration mergeOutflowConfiguration(
- OutflowConfiguration primaryConfig,
- OutflowConfiguration secondryConf) {
- if (secondryConf == null && primaryConfig != null) {
- return primaryConfig;
- } else if (primaryConfig == null && secondryConf != null) {
- return secondryConf;
- } else if (primaryConfig == null && secondryConf == null) {
- return null;
- }
-
- secondryConf.setPasswordCallbackClass(primaryConfig
- .getPasswordCallbackClass());
- secondryConf.setSignaturePropFile(primaryConfig.getSignaturePropFile());
- secondryConf.setEncryptionPropFile(primaryConfig
- .getEncryptionPropFile());
- secondryConf.setEmbeddedKeyCallbackClass(primaryConfig
- .getEmbeddedKeyCallbackClass());
- secondryConf.setUser(primaryConfig.getUser());
- secondryConf.setEncryptionUser(primaryConfig.getEncryptionUser());
- return secondryConf;
- }
-
- // overide secondry configuration with primry configuration
- private InflowConfiguration mergeInflowConfiguration(
- InflowConfiguration primaryConfig, InflowConfiguration secondryConf) {
- if (secondryConf == null && primaryConfig != null) {
- return primaryConfig;
- } else if (primaryConfig == null && secondryConf != null) {
- return secondryConf;
- } else if (primaryConfig == null && secondryConf == null) {
- return null;
- }
-
- secondryConf.setPasswordCallbackClass(primaryConfig
- .getPasswordCallbackClass());
- secondryConf.setDecryptionPropFile(primaryConfig
- .getDecryptionPropFile());
- secondryConf.setSignaturePropFile(primaryConfig.getSignaturePropFile());
- String enableSignatureConfirmation = primaryConfig.getEnableSignatureConfirmation();
- if (enableSignatureConfirmation != null) {
- secondryConf.setEnableSignatureConfirmation("1"
- .equals(enableSignatureConfirmation)
- || "true".equals(enableSignatureConfirmation));
- }
- return secondryConf;
- }
-
- /* (non-Javadoc)
- * @see org.apache.axis2.modules.Module#shutdown(org.apache.axis2.context.ConfigurationContext)
- */
public void shutdown(ConfigurationContext configurationContext) throws AxisFault {
+ // Do nothing
+ }
+
+ private InflowConfiguration calcuateCurrentInflowConfiguration(
+ InflowConfiguration policyInflowConfig,
+ AxisDescription axisDescription) throws AxisFault {
+ // merge inflow configuration
+ Parameter inflowModuleParam = module
+ .getParameter(WSSHandlerConstants.INFLOW_SECURITY);
+ InflowConfiguration moduleInflowConfig = HandlerParameterDecoder
+ .getInflowConfiguration(inflowModuleParam);
+
+ Parameter inflowSecParam = axisDescription
+ .getParameter(WSSHandlerConstants.INFLOW_SECURITY);
+ InflowConfiguration staticInflowConfig = HandlerParameterDecoder
+ .getInflowConfiguration(inflowSecParam);
+
+ InflowConfiguration mergedInConf = mergeInflowConfiguration(
+ staticInflowConfig, moduleInflowConfig);
+ InflowConfiguration finalInConf = mergeInflowConfiguration(mergedInConf,policyInflowConfig);
+ return finalInConf;
+ }
+
+ private OutflowConfiguration calcuateCurrentOutflowConfiguration(
+ OutflowConfiguration policyOutflowConfig,
+ AxisDescription axisDescription) throws AxisFault {
+ // merge outflow configuration
+ Parameter outfloModuleParam = module
+ .getParameter(WSSHandlerConstants.OUTFLOW_SECURITY);
+ OutflowConfiguration moduleOutflowConfig = HandlerParameterDecoder
+ .getOutflowConfiguration(outfloModuleParam);
+ Parameter outflowSecParam = axisDescription
+ .getParameter(WSSHandlerConstants.OUTFLOW_SECURITY);
+ OutflowConfiguration staticOutflowConfig = HandlerParameterDecoder
+ .getOutflowConfiguration(outflowSecParam);
+
+ OutflowConfiguration mergedOutFlowConf = mergeOutflowConfiguration(
+ staticOutflowConfig, moduleOutflowConfig);
+ OutflowConfiguration finalOutFlowConf = mergeOutflowConfiguration(mergedOutFlowConf,policyOutflowConfig);
+ return finalOutFlowConf;
+ }
+
+
+
+
+
+ // overide secondry configuration with primry configuration
+ private OutflowConfiguration mergeOutflowConfiguration(
+ OutflowConfiguration primaryConfig,
+ OutflowConfiguration secondryConf) {
+ if (secondryConf == null && primaryConfig != null) {
+ return primaryConfig;
+ } else if (primaryConfig == null && secondryConf != null) {
+ return secondryConf;
+ } else if (primaryConfig == null && secondryConf == null) {
+ return null;
+ }
+
+ secondryConf.setPasswordCallbackClass(primaryConfig
+ .getPasswordCallbackClass());
+ secondryConf.setSignaturePropFile(primaryConfig.getSignaturePropFile());
+ secondryConf.setEncryptionPropFile(primaryConfig
+ .getEncryptionPropFile());
+ secondryConf.setEmbeddedKeyCallbackClass(primaryConfig
+ .getEmbeddedKeyCallbackClass());
+ secondryConf.setUser(primaryConfig.getUser());
+ secondryConf.setEncryptionUser(primaryConfig.getEncryptionUser());
+ return secondryConf;
+ }
+
+ // overide secondry configuration with primry configuration
+ private InflowConfiguration mergeInflowConfiguration(
+ InflowConfiguration primaryConfig, InflowConfiguration secondryConf) {
+ if (secondryConf == null && primaryConfig != null) {
+ return primaryConfig;
+ } else if (primaryConfig == null && secondryConf != null) {
+ return secondryConf;
+ } else if (primaryConfig == null && secondryConf == null) {
+ return null;
+ }
+
+ secondryConf.setPasswordCallbackClass(primaryConfig
+ .getPasswordCallbackClass());
+ secondryConf.setDecryptionPropFile(primaryConfig
+ .getDecryptionPropFile());
+ secondryConf.setSignaturePropFile(primaryConfig.getSignaturePropFile());
+ if(primaryConfig.getEnableSignatureConfirmation() != null && "false".equals(primaryConfig.getEnableSignatureConfirmation())){
+ secondryConf.setEnableSignatureConfirmation(false);
+ }
+ return secondryConf;
}
}
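Review bot: The rewritten `mergeInflowConfiguration` copies `enableSignatureConfirmation` only when the primary value is `"false"`, so a statically configured `"true"` (or `"1"`, which the removed code accepted) is no longer carried onto the merged configuration. `finalizeConfig` in WSS4JConfigBuilder starts the policy-derived configuration at `false`, so an operator who switches signature confirmation on in the static or module parameter may end up with it silently off. If that is intended it needs a comment; otherwise keep the old form, `secondryConf.setEnableSignatureConfirmation("1".equals(v) || "true".equals(v));` under the null check, with `v` the primary's value. Separately, `calcuateCurrentInflowConfiguration` and `calcuateCurrentOutflowConfiguration` drop the `(module != null) ? … : null` guard, so an `engageNotify` that runs before `init` now fails with a NullPointerException that `catch (Exception e)` rewraps as an AxisFault with a null message.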
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java?rev=397616&r1=397615&r2=397616&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
Thu Apr 27 12:22:08 2006
@@ -26,15 +26,21 @@
*/
public final static String SECURITY_MODULE_NAME = "security";
- /**
+ /**
* Inflow security parameter
*/
public static final String INFLOW_SECURITY = "InflowSecurity";
+
+ public static final String INFLOW_SECURITY_SERVER = "InflowSecurity-server";
+ public static final String INFLOW_SECURITY_CLIENT = "InflowSecurity-client";
/**
* Outflow security parameter
*/
public static final String OUTFLOW_SECURITY = "OutflowSecurity";
+
+ public static final String OUTFLOW_SECURITY_SERVER = "OutflowSecurity-server";
+ public static final String OUTFLOW_SECURITY_CLIENT = "OutflowSecurity-client";
public static final String ACTION = "action";
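Review bot: The four new constants have no Javadoc, while `INFLOW_SECURITY` and `OUTFLOW_SECURITY` next to them do, so nothing says how the suffixed names relate to the unsuffixed ones. A short comment above each pair would help, for example `/** Parameter names under which SecurityModule stores the merged inflow configuration for the server and the client side. */` and the matching one for outflow. It is also worth stating there that HandlerParameterDecoder falls back to the unsuffixed name when the side-specific parameter is absent.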
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/HandlerParameterDecoder.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/HandlerParameterDecoder.java?rev=397616&r1=397615&r2=397616&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/HandlerParameterDecoder.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/HandlerParameterDecoder.java
Thu Apr 27 12:22:08 2006
@@ -47,12 +47,25 @@
*/
public static void processParameters(MessageContext msgCtx, boolean inflow)
throws Exception {
-
- //TODO: check whether policy is available
+ Parameter inFlowSecParam;
+ Parameter outFlowSecParam;
+
+ if(msgCtx.isServerSide()){
+ inFlowSecParam = (Parameter)msgCtx.getParameter(WSSHandlerConstants.INFLOW_SECURITY_SERVER);
+ outFlowSecParam = (Parameter)msgCtx.getParameter(WSSHandlerConstants.OUTFLOW_SECURITY_SERVER);
+ }else{
+ inFlowSecParam = (Parameter)msgCtx.getParameter(WSSHandlerConstants.INFLOW_SECURITY_CLIENT);
+ outFlowSecParam = (Parameter)msgCtx.getParameter(WSSHandlerConstants.OUTFLOW_SECURITY_CLIENT);
+ }
- Parameter inFlowSecParam = (Parameter)msgCtx.getProperty(WSSHandlerConstants.INFLOW_SECURITY);
-
- Parameter outFlowSecParam = (Parameter)msgCtx.getProperty(WSSHandlerConstants.OUTFLOW_SECURITY);
+ //TODO: check whether policy is available
+ if(inFlowSecParam == null){
+ inFlowSecParam = (Parameter)msgCtx.getProperty(WSSHandlerConstants.INFLOW_SECURITY);
+ }
+
+ if(outFlowSecParam == null){
+ outFlowSecParam = (Parameter)msgCtx.getProperty(WSSHandlerConstants.OUTFLOW_SECURITY);
+ }
//If the configs are not availabale in the file
if(inFlowSecParam == null) {
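Review bot: The lookup order introduced here is undocumented, and the moved `//TODO: check whether policy is available` comment is now stale, because the side-specific parameter lookup above it is that check. The parameter stored by SecurityModule wins and the message-context property under `INFLOW_SECURITY`/`OUTFLOW_SECURITY` is read only when that parameter is null; the two directions fall back independently, so one message can run with a policy-derived inflow configuration and a property-supplied outflow configuration. I would replace the TODO with `// Parameters set by SecurityModule.engageNotify take precedence; the message-context property is only a fallback.` and confirm that ignoring a caller-set property whenever a policy is engaged is intended. The `(Parameter)` casts on `msgCtx.getParameter(...)` look redundant if that method already returns `Parameter`. The body of `processParameters` continues outside the hunk.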
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java?rev=397616&r1=397615&r2=397616&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
(original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/WSS4JConfigBuilder.java
Thu Apr 27 12:22:08 2006
@@ -35,8 +35,11 @@
import java.util.Iterator;
public class WSS4JConfigBuilder {
-
- public static WSS4JConfig build(ArrayList topLevelPeds) throws WSSPolicyException {
+ public static WSS4JConfig build(ArrayList topLevelPeds) throws WSSPolicyException {
+ return build(topLevelPeds,true);
+ }
+
+ public static WSS4JConfig build(ArrayList topLevelPeds,boolean serverSide) throws WSSPolicyException
{
Iterator topLevelPEDIterator = topLevelPeds.iterator();
WSS4JConfig config = new WSS4JConfig();
while (topLevelPEDIterator.hasNext()) {
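Review bot: The new `serverSide` flag is undocumented, and the call in SecurityModule reads as `build(..., false)` with nothing to say what `false` selects. Add Javadoc to both overloads, e.g. `@param serverSide true to derive the configuration from the recipient token (service side), false to derive it from the initiator token (client side)`, and note on the one-argument form that it defaults to the server side. The body of `build` continues outside the hunk.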
@@ -55,11 +58,11 @@
//Unrecognized token
}
}
- finalizeConfig(config);
+ finalizeConfig(config,serverSide);
return config;
}
- private static void finalizeConfig(WSS4JConfig config) throws WSSPolicyException{
+ private static void finalizeConfig(WSS4JConfig config,boolean serverSide) throws WSSPolicyException{
config.getInflowConfiguration().setEnableSignatureConfirmation(false);
config.getOutflowConfiguration().setEnableSignatureConfirmation(false);
@@ -133,26 +136,45 @@
}
- if(config.binding instanceof AsymmetricBinding) {
- AsymmetricBinding asymmetricBinding = (AsymmetricBinding) config.binding;
- Token recipientToken = asymmetricBinding.getRecipientToken()
- .getReceipientToken();
- String initiatorInclusion = recipientToken.getInclusion();
- if (initiatorInclusion
- .equals(Constants.INCLUDE_ALWAYS_TO_RECIPIENT)
- || initiatorInclusion.equals(Constants.INCLUDE_ALWAYS)) {
- config.getOutflowConfiguration().setSignatureKeyIdentifier(
- WSSHandlerConstants.BST_DIRECT_REFERENCE);
- } else {
- if(recipientToken instanceof X509Token) {
+ if(config.binding instanceof AsymmetricBinding) {
+ if(serverSide){
+ AsymmetricBinding asymmetricBinding = (AsymmetricBinding) config.binding;
+ Token recipientToken = asymmetricBinding.getRecipientToken()
+ .getReceipientToken();
+ String initiatorInclusion = recipientToken.getInclusion();
+ if (initiatorInclusion
+ .equals(Constants.INCLUDE_ALWAYS_TO_RECIPIENT)
+ || initiatorInclusion.equals(Constants.INCLUDE_ALWAYS)) {
config.getOutflowConfiguration().setSignatureKeyIdentifier(
- WSSHandlerConstants.SKI_KEY_IDENTIFIER);
+ WSSHandlerConstants.BST_DIRECT_REFERENCE);
+ } else {
+ if(recipientToken instanceof X509Token) {
+ config.getOutflowConfiguration().setSignatureKeyIdentifier(
+ WSSHandlerConstants.SKI_KEY_IDENTIFIER);
+ }
+ }
+ }else{
+ AsymmetricBinding asymmetricBinding = (AsymmetricBinding) config.binding;
+ Token initiatorToken = asymmetricBinding.getInitiatorToken().getInitiatorToken();
+ String initiatorInclusion = initiatorToken.getInclusion();
+ if (initiatorInclusion
+ .equals(Constants.INCLUDE_ALWAYS_TO_RECIPIENT)
+ || initiatorInclusion.equals(Constants.INCLUDE_ALWAYS)) {
+ config.getOutflowConfiguration().setSignatureKeyIdentifier(
+ WSSHandlerConstants.BST_DIRECT_REFERENCE);
+ } else {
+ if(initiatorToken instanceof X509Token) {
+ config.getOutflowConfiguration().setSignatureKeyIdentifier(
+ WSSHandlerConstants.SKI_KEY_IDENTIFIER);
+ }
}
}
} else {
//TODO Handle symmetric binding
}
}
+
+
if(config.supportingToken != null) {
if(config.supportingToken.getType() == Constants.SUPPORTING_TOKEN_SUPPORTING
||
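Review bot: The client branch added under `}else{` repeats the server branch line for line apart from the token lookup, and both dereference the token and call `.equals` on the result of `getInclusion()` with no null check. If a policy's asymmetric binding lacks an initiator token or an inclusion value (the hunk does not show whether the parser guarantees them), this throws a NullPointerException, which `SecurityModule.engageNotify` turns into an AxisFault carrying a null message. Selecting the token once by `serverSide` and comparing constant-first removes the duplication and the inclusion failure point, at the cost of treating a missing inclusion value like any non-matching one; this assumes the `Constants.INCLUDE_*` values are Strings. `finalizeConfig` starts and ends outside the hunk.

```java
if (config.binding instanceof AsymmetricBinding) {
    AsymmetricBinding asymmetricBinding = (AsymmetricBinding) config.binding;
    // serverSide reads the recipient token, the client side the initiator token
    Token signingToken = serverSide
            ? asymmetricBinding.getRecipientToken().getReceipientToken()
            : asymmetricBinding.getInitiatorToken().getInitiatorToken();
    String inclusion = signingToken.getInclusion();
    if (Constants.INCLUDE_ALWAYS_TO_RECIPIENT.equals(inclusion)
            || Constants.INCLUDE_ALWAYS.equals(inclusion)) {
        config.getOutflowConfiguration().setSignatureKeyIdentifier(
                WSSHandlerConstants.BST_DIRECT_REFERENCE);
    } else if (signingToken instanceof X509Token) {
        config.getOutflowConfiguration().setSignatureKeyIdentifier(
                WSSHandlerConstants.SKI_KEY_IDENTIFIER);
    }
} else {
    // … unchanged: TODO Handle symmetric binding …
}
```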