dims 02/02/13 07:21:16
Modified: java/samples/security ClientSigningHandler.java SignedSOAPEnvelope.java
Log: Fix for "Weird serialization behavior in Client side handler" problem using transparent Signing and Verification.
Revision Changes Path
1.3 +15 -32 xml-axis/java/samples/security/ClientSigningHandler.java
Index: ClientSigningHandler.java
===================================================================
RCS file: /home/cvs/xml-axis/java/samples/security/ClientSigningHandler.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- ClientSigningHandler.java 23 Jan 2002 14:00:28 -0000 1.2
+++ ClientSigningHandler.java 13 Feb 2002 15:21:16 -0000 1.3
@@ -57,61 +57,44 @@
 import org.apache.axis.AxisFault;
 import org.apache.axis.Handler;
-import org.apache.axis.MessageContext;
-import org.apache.axis.handlers.BasicHandler;
-import org.apache.axis.AxisFault;
 import org.apache.axis.Message;
 import org.apache.axis.MessageContext;
+import org.apache.axis.handlers.BasicHandler;
 import org.apache.axis.message.SOAPEnvelope;
-import org.apache.axis.utils.JavaUtils;
 import org.apache.log4j.Category;
-import org.apache.xml.security.signature.XMLSignature;
-import org.apache.xml.security.utils.Constants;
-import org.apache.xpath.CachedXPathAPI;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import java.io.FileWriter;
-import java.io.PrintWriter;
-import java.io.FileOutputStream;
-import java.io.PrintWriter;
-import java.util.Date;
 public class ClientSigningHandler extends BasicHandler {
 static Category category = Category.getInstance(ClientSigningHandler.class.getName());
- public void invoke(MessageContext msgContext) throws AxisFault
- {
+ public void invoke(MessageContext msgContext) throws AxisFault {
 /** Sign the SOAPEnvelope */
 try {
 Handler serviceHandler = msgContext.getServiceHandler();
- String filename = (String)getOption("keystore");
+ String filename = (String) getOption("keystore");
 if ((filename == null) || (filename.equals(""))) throw new AxisFault("Server.NoKeyStoreFile",
- "No KeyStore file configured for the ClientSigningHandler!",
- null, null);
- Message requestMessage = msgContext.getRequestMessage();
- SOAPEnvelope unsignedEnvelope = requestMessage.getSOAPEnvelope();
- // need to correctly compute baseuri
- SignedSOAPEnvelope signedEnvelope = new SignedSOAPEnvelope(unsignedEnvelope,"http://xml-security",filename);
- requestMessage = new Message(signedEnvelope);
- msgContext.setCurrentMessage(requestMessage);
+ "No KeyStore file configured for the ClientSigningHandler!",
+ null, null);
+ Message requestMessage = msgContext.getRequestMessage();
+ SOAPEnvelope unsignedEnvelope = requestMessage.getSOAPEnvelope();
+ // need to correctly compute baseuri
+ SignedSOAPEnvelope signedEnvelope = new SignedSOAPEnvelope(msgContext, unsignedEnvelope, "http://xml-security", filename);
+ requestMessage = new Message(signedEnvelope);
+ msgContext.setCurrentMessage(requestMessage);
 // and then pass on to next handler
 //requestMessage.getSOAPPart().writeTo(System.out);
 } catch (Exception e) {
 throw AxisFault.makeFault(e);
- }
+ }
 }
- public void undo(MessageContext msgContext)
- {
+ public void undo(MessageContext msgContext) {
 try {
 // probably needs to fault.
- } catch( Exception e ) {
- category.error( e );
+ } catch (Exception e) {
+ category.error(e);
 }
 }
 }
1.6 +60 -43 xml-axis/java/samples/security/SignedSOAPEnvelope.java
Index: SignedSOAPEnvelope.java
===================================================================
RCS file: /home/cvs/xml-axis/java/samples/security/SignedSOAPEnvelope.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- SignedSOAPEnvelope.java 27 Jan 2002 03:42:02 -0000 1.5
+++ SignedSOAPEnvelope.java 13 Feb 2002 15:21:16 -0000 1.6
@@ -55,34 +55,34 @@
 package samples.security;
-import org.apache.axis.client.Call;
-import org.apache.axis.client.Service;
-import org.apache.axis.utils.Options;
-
-import java.io.*;
-import java.security.cert.X509Certificate;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-
-import org.apache.axis.*;
+import org.apache.axis.Constants;
+import org.apache.axis.Message;
+import org.apache.axis.MessageContext;
+import org.apache.axis.client.AxisClient;
 import org.apache.axis.configuration.NullProvider;
 import org.apache.axis.encoding.DeserializationContextImpl;
+import org.apache.axis.encoding.SerializationContext;
+import org.apache.axis.encoding.SerializationContextImpl;
 import org.apache.axis.message.SOAPEnvelope;
-import org.apache.axis.message.SOAPBodyElement;
-import org.apache.axis.message.MessageElement;
 import org.apache.axis.message.SOAPHeader;
-import org.apache.axis.client.ServiceClient;
-import org.apache.axis.client.AxisClient;
-import org.apache.axis.transport.http.HTTPTransport ;
-import org.apache.axis.utils.*;
-import org.apache.xml.security.signature.XMLSignature;
+import org.apache.axis.utils.JavaUtils;
+import org.apache.axis.utils.Mapping;
+import org.apache.axis.utils.XMLUtils;
 import org.apache.xml.security.c14n.Canonicalizer;
-import org.w3c.dom.Element;
+import org.apache.xml.security.signature.XMLSignature;
 import org.w3c.dom.Document;
+import org.w3c.dom.Element;
 import org.xml.sax.InputSource;
-public class SignedSOAPEnvelope extends SOAPEnvelope
-{
+import java.io.FileInputStream;
+import java.io.Reader;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+
+public class SignedSOAPEnvelope extends SOAPEnvelope {
 static String SOAPSECNS = "http://schemas.xmlsoap.org/soap/security/2000-12";
 static String SOAPSECprefix = "SOAP-SEC";
@@ -92,30 +92,32 @@
 static String privateKeyAlias = "test";
 static String privateKeyPass = "xmlsecurity";
 static String certificateAlias = "test";
+ private MessageContext msgContext;
 static { org.apache.xml.security.Init.init(); }
- public SignedSOAPEnvelope (SOAPEnvelope env, String baseURI, String keystoreFile) {
+ public SignedSOAPEnvelope(MessageContext msgContext, SOAPEnvelope env, String baseURI, String keystoreFile) {
+ this.msgContext = msgContext;
 init(env, baseURI, keystoreFile);
 }
- public SignedSOAPEnvelope (SOAPEnvelope env, String baseURI) {
- init(env, baseURI, keystoreFile);
+ public SignedSOAPEnvelope(SOAPEnvelope env, String baseURI) {
+ init(env, baseURI, keystoreFile);
 }
- private void init (SOAPEnvelope env, String baseURI, String keystoreFile) {
+ private void init(SOAPEnvelope env, String baseURI, String keystoreFile) {
 try {
-System.out.println("Beginning Client signing...");
- env.addMapping(new Mapping(SOAPSECNS,SOAPSECprefix));
- env.addAttribute(Constants.URI_SOAP_ENV,"actor","some-uri");
- env.addAttribute(Constants.URI_SOAP_ENV,"mustUnderstand","1");
+ System.out.println("Beginning Client signing...");
+ env.addMapping(new Mapping(SOAPSECNS, SOAPSECprefix));
+ env.addAttribute(Constants.URI_SOAP_ENV, "actor", "some-uri");
+ env.addAttribute(Constants.URI_SOAP_ENV, "mustUnderstand", "1");
- SOAPHeader header = new SOAPHeader(XMLUtils.StringToElement(SOAPSECNS,"Signature", ""));
+ SOAPHeader header = new SOAPHeader(XMLUtils.StringToElement(SOAPSECNS, "Signature", ""));
 env.addHeader(header);
- Document doc = env.getAsDocument();
+ Document doc = getSOAPEnvelopeAsDocument(env, msgContext);
 KeyStore ks = KeyStore.getInstance(keystoreType);
 FileInputStream fis = new FileInputStream(keystoreFile);
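Review bot: The added call `getSOAPEnvelopeAsDocument(env, msgContext)` in init() runs while `msgContext` can still be null, because the two-argument constructor never assigns the field. The only null fallback this commit adds sits later in init(), in the `@@ -147,19 +149,34 @@` hunk, just before the DeserializationContextImpl is built. On that path `new SerializationContextImpl(writer, msgContext)` receives null; whether that class tolerates a null context is not visible in this diff. Moving the fallback `if (msgContext == null) { msgContext = new MessageContext(new AxisClient(new NullProvider())); }` to the top of init() would give serialization and deserialization the same context. init()'s body continues past the end of this hunk, and the context lines above it still show the key password as a compiled-in static (`privateKeyPass = "xmlsecurity"`), which deserves a comment marking it as sample-only.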
@@ -123,20 +125,20 @@
 ks.load(fis, keystorePass.toCharArray());
 PrivateKey privateKey = (PrivateKey) ks.getKey(privateKeyAlias,
- privateKeyPass.toCharArray());
+ privateKeyPass.toCharArray());
- Element soapHeaderElement = (Element)((Element)doc.getFirstChild()).getElementsByTagNameNS("*","Header").item(0);
- Element soapSignatureElement = (Element)soapHeaderElement.getElementsByTagNameNS("*","Signature").item(0);
+ Element soapHeaderElement = (Element) ((Element) doc.getFirstChild()).getElementsByTagNameNS("*", "Header").item(0);
+ Element soapSignatureElement = (Element) soapHeaderElement.getElementsByTagNameNS("*", "Signature").item(0);
 XMLSignature sig = new XMLSignature(doc, baseURI,
- XMLSignature.ALGO_ID_SIGNATURE_DSA);
+ XMLSignature.ALGO_ID_SIGNATURE_DSA);
 soapSignatureElement.appendChild(sig.getElement());
 sig.addDocument("#Body");
 X509Certificate cert =
- (X509Certificate) ks.getCertificate(certificateAlias);
+ (X509Certificate) ks.getCertificate(certificateAlias);
 sig.addKeyInfo(cert);
@@ -147,19 +149,34 @@
 byte[] canonicalMessage = c14n.canonicalizeDocument(doc);
 InputSource is = new InputSource(new java.io.ByteArrayInputStream(canonicalMessage));
- DeserializationContextImpl dser = null ;
- AxisClient tmpEngine = new AxisClient(new NullProvider());
- MessageContext msgContext = new MessageContext(tmpEngine);
+ DeserializationContextImpl dser = null;
+ if (msgContext == null) {
+ AxisClient tmpEngine = new AxisClient(new NullProvider());
+ msgContext = new MessageContext(tmpEngine);
+ }
 dser = new DeserializationContextImpl(is, msgContext,
- Message.REQUEST, this );
+ Message.REQUEST, this);
 dser.parse();
-System.out.println("Client signing complete.");
- }
- catch( Exception e ) {
+ System.out.println("Client signing complete.");
+ } catch (Exception e) {
 e.printStackTrace();
- throw new RuntimeException( e.toString() );
+ throw new RuntimeException(e.toString());
 }
 }
+ private Document getSOAPEnvelopeAsDocument(SOAPEnvelope env, MessageContext msgContext)
+ throws Exception {
+ StringWriter writer = new StringWriter();
+ SerializationContext serializeContext = new SerializationContextImpl(writer, msgContext);
+ env.output(serializeContext);
+ writer.close();
+
+ Reader reader = new StringReader(writer.getBuffer().toString());
+ Document doc = XMLUtils.newDocument(new InputSource(reader));
+ if (doc == null)
+ throw new Exception(
+ JavaUtils.getMessage("noDoc00", writer.getBuffer().toString()));
+ return doc;
+ }
 }
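Review bot: The `noDoc00` exception in the new getSOAPEnvelopeAsDocument() carries the whole serialized envelope (`writer.getBuffer().toString()`) as its message argument, and init()'s catch block prints the stack trace and rethrows `new RuntimeException(e.toString())`, so request content can end up on stderr and, presumably, in the AxisFault that ClientSigningHandler builds from it. Passing a size or short description instead, e.g. `JavaUtils.getMessage("noDoc00", "envelope of " + writer.getBuffer().length() + " chars")`, keeps the diagnostic without the payload. The method would also benefit from a short comment saying why the envelope is serialized through the caller's MessageContext rather than `env.getAsDocument()`, since that appears to be the fix this commit makes. init() begins outside this hunk.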