On Wed, May 18, 2011 at 6:37 AM, Prabath Siriwardena <[email protected]>wrote:
> Would it be an issue to get a dependency on wso2 commons ? I guess no... > First Asela could you please explain how this resolver resolve functionality works? First we need to make sure there is no any carbon specific things there. I think this code has derived from Apache Synapse. Then some one might ask the question why this code has not gone as an apache commons project. thanks, Amila. > > Thanks & regards, > -Prabath > > On Wed, May 18, 2011 at 2:04 AM, Afkham Azeez <[email protected]> wrote: > > This is causing a build break it seems. Also, how are you planning to > > getting this fix into the Apache trunk? > > > > On Tue, May 17, 2011 at 11:54 AM, <[email protected]> wrote: > >> > >> Author: asela > >> Date: Mon May 16 23:24:49 2011 > >> New Revision: 94446 > >> URL: http://wso2.org/svn/browse/wso2?view=rev&revision=94446 > >> > >> Log: > >> Appling secure vault patch for Axis2 - AXIS2-4725 and Adding method to > >> resolve password of NIO SSL and Mail transport. But Please note > >> implementation must be in the underline transport code in all defined > >> transports, actually not in Axis2. It is Ta ODO item for next release by > >> keeping secure vault as WS-commoms or WSO2-commons project. In 3.2.0, > we > >> are condsider only on email and NIO-SSL > >> > >> Modified: > >> branches/carbon/3.2.0/dependencies/axis2/modules/kernel/pom.xml > >> > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/deployment/AxisConfigBuilder.java > >> > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/engine/AxisConfiguration.java > >> > >> Modified: > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/pom.xml > >> URL: > >> > http://wso2.org/svn/browse/wso2/branches/carbon/3.2.0/dependencies/axis2/modules/kernel/pom.xml?rev=94446&r1=94445&r2=94446&view=diff > >> > >> > ============================================================================== > >> --- branches/carbon/3.2.0/dependencies/axis2/modules/kernel/pom.xml > >> (original) > >> +++ branches/carbon/3.2.0/dependencies/axis2/modules/kernel/pom.xml > >> Mon May 16 23:24:49 2011 > >> @@ -96,6 +96,11 @@ > >> <artifactId>commons-io</artifactId> > >> <scope>test</scope> > >> </dependency> > >> + <dependency> > >> + <groupId>org.wso2.securevault</groupId> > >> + <artifactId>org.wso2.securevault</artifactId> > >> + <version>1.0.0-SNAPSHOT</version> > >> + </dependency> > >> </dependencies> > >> <scm> > >> > >> <connection>scm:svn: > http://svn.apache.org/repos/asf/axis/axis2/java/core/branches/1_6/modules/kernel > </connection> > >> > >> Modified: > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/deployment/AxisConfigBuilder.java > >> URL: > >> > http://wso2.org/svn/browse/wso2/branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/deployment/AxisConfigBuilder.java?rev=94446&r1=94445&r2=94446&view=diff > >> > >> > ============================================================================== > >> --- > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/deployment/AxisConfigBuilder.java > >> (original) > >> +++ > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/deployment/AxisConfigBuilder.java > >> Mon May 16 23:24:49 2011 > >> @@ -53,6 +53,8 @@ > >> import org.apache.axis2.util.ThreadContextMigratorUtil; > >> import org.apache.commons.logging.Log; > >> import org.apache.commons.logging.LogFactory; > >> +import org.wso2.securevault.SecretResolver; > >> +import org.wso2.securevault.SecretResolverFactory; > >> > >> import javax.xml.namespace.QName; > >> import javax.xml.stream.XMLStreamException; > >> @@ -87,7 +89,7 @@ > >> public void populateConfig() throws DeploymentException { > >> try { > >> OMElement config_element = buildOM(); > >> - > >> + > >> > axisConfig.setSecretResolver(SecretResolverFactory.create(config_element, > >> false)); > >> if (!TAG_AXISCONFIG.equals(config_element.getLocalName())) { > >> throw new > >> DeploymentException(Messages.getMessage("badelementfound", > TAG_AXISCONFIG, > >> > >> config_element.getLocalName())); > >> @@ -644,6 +646,7 @@ > >> try { > >> Iterator itr = transport.getChildrenWithName(new > >> QName(TAG_PARAMETER)); > >> processParameters(itr, transportIN, axisConfig); > >> + resolveTransportPasswords(transportIN); > >> // adding to axis2 config > >> axisConfig.addTransportIn(transportIN); > >> transportReceivers.add(transportIN); > >> @@ -692,6 +695,7 @@ > >> Iterator itr = transport.getChildrenWithName(new > >> QName(TAG_PARAMETER)); > >> > >> processParameters(itr, transportout, axisConfig); > >> + resolveTransportPasswords(transportout); > >> // adding to axis2 config > >> axisConfig.addTransportOut(transportout); > >> } catch (NoClassDefFoundError e) { > >> @@ -785,4 +789,69 @@ > >> Class phaseClass = > >> Loader.loadClass(axisConfig.getSystemClassLoader(), className); > >> return (Phase) phaseClass.newInstance(); > >> } > >> + > >> + /** > >> + * This is to resolve secured passwords of the transport sender and > >> listeners. > >> + * But this implementation must be in the underline transport code. > >> TODO > >> + * This method is just to resolve the Email sender and NIO SSL > >> transport passwords. > >> + * @param transport Implementations of ParameterInclude > >> + */ > >> + private void resolveTransportPasswords(ParameterInclude transport) > { > >> + > >> + SecretResolver secretResolver = axisConfig.getSecretResolver(); > >> + if(secretResolver.isInitialized()){ > >> + String keyStorePassToken = null; > >> + String keyStoreKeyPassToken = null; > >> + String trustStorePassToken = null; > >> + String emailSenderPassword = null; > >> + if (transport instanceof TransportOutDescription){ > >> + keyStorePassToken = > >> "Axis2.Https.Sender.KeyStore.Password"; > >> + keyStoreKeyPassToken = > >> "Axis2.Https.Sender.KeyStore.KeyPassword"; > >> + trustStorePassToken = > >> "Axis2.Https.Sender.TrustStore.Password"; > >> + emailSenderPassword = > "Axis2.Mailto.Parameter.Password"; > >> + } > >> + if (transport instanceof TransportInDescription){ > >> + keyStorePassToken = > >> "Axis2.Https.Listener.KeyStore.Password"; > >> + keyStoreKeyPassToken = > >> "Axis2.Https.Listener.KeyStore.KeyPassword"; > >> + trustStorePassToken = > >> "Axis2.Https.Listener.TrustStore.Password"; > >> + } > >> + > >> + Parameter keyParam = transport.getParameter("keystore"); > >> + Parameter trustParam = > transport.getParameter("truststore"); > >> + Parameter emailPasswordParam = > >> transport.getParameter("mail.smtp.password"); > >> + > >> + if (keyParam != null) { > >> + OMElement ksEle = > >> keyParam.getParameterElement().getFirstElement(); > >> + if(ksEle != null){ > >> + OMElement storePasswordElement = > >> ksEle.getFirstChildWithName(new QName("Password")); > >> + OMElement keyPasswordElement = > >> ksEle.getFirstChildWithName(new QName("KeyPassword")); > >> + > if(secretResolver.isTokenProtected(keyStorePassToken) > >> && storePasswordElement != null){ > >> + String storePassword = > >> secretResolver.resolve(keyStorePassToken); > >> + ksEle.getFirstChildWithName(new > >> QName("Password")).setText(storePassword ); > >> + > >> + } > >> + > >> if(secretResolver.isTokenProtected(keyStoreKeyPassToken) && > >> keyPasswordElement != null){ > >> + String keyPassword = > >> secretResolver.resolve(keyStoreKeyPassToken); > >> + ksEle.getFirstChildWithName(new > >> QName("KeyPassword")).setText(keyPassword); > >> + } > >> + } > >> + } > >> + > >> + if (trustParam != null) { > >> + OMElement tsEle = > >> trustParam.getParameterElement().getFirstElement(); > >> + if(tsEle != null){ > >> + OMElement storePasswordElement = > >> tsEle.getFirstChildWithName(new QName("Password")); > >> + > >> if(secretResolver.isTokenProtected(trustStorePassToken) && > >> storePasswordElement != null){ > >> + String storePassword = > >> secretResolver.resolve(trustStorePassToken); > >> + tsEle.getFirstChildWithName(new > >> QName("Password")).setText(storePassword ); > >> + } > >> + } > >> + } > >> + > >> + if(secretResolver.isTokenProtected(emailSenderPassword) && > >> emailPasswordParam != null) { > >> + String emailPassword = > >> secretResolver.resolve(emailSenderPassword); > >> + emailPasswordParam.setValue(emailPassword); > >> + } > >> + } > >> + } > >> } > >> > >> Modified: > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/engine/AxisConfiguration.java > >> URL: > >> > http://wso2.org/svn/browse/wso2/branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/engine/AxisConfiguration.java?rev=94446&r1=94445&r2=94446&view=diff > >> > >> > ============================================================================== > >> --- > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/engine/AxisConfiguration.java > >> (original) > >> +++ > >> > branches/carbon/3.2.0/dependencies/axis2/modules/kernel/src/org/apache/axis2/engine/AxisConfiguration.java > >> Mon May 16 23:24:49 2011 > >> @@ -68,6 +68,7 @@ > >> import org.apache.axis2.util.JavaUtils; > >> import org.apache.commons.logging.Log; > >> import org.apache.commons.logging.LogFactory; > >> +import org.wso2.securevault.SecretResolver; > >> > >> /** > >> * Class AxisConfiguration > >> @@ -167,6 +168,12 @@ > >> private TransactionConfiguration transactionConfiguration; > >> > >> /** > >> + * To secure the password in axis2.xml. SecretResolver must be > >> initialized > >> + * When building axis configuration > >> + */ > >> + private SecretResolver secretResolver; > >> + > >> + /** > >> * Constructor AxisConfiguration. > >> */ > >> public AxisConfiguration() { > >> @@ -1545,4 +1552,12 @@ > >> } > >> return childFirstClassLoading; > >> } > >> + > >> + public SecretResolver getSecretResolver() { > >> + return secretResolver; > >> + } > >> + > >> + public void setSecretResolver(SecretResolver secretResolver) { > >> + this.secretResolver = secretResolver; > >> + } > >> } > >> _______________________________________________ > >> Carbon-commits mailing list > >> [email protected] > >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-commits > > > > > > > > -- > > Afkham Azeez > > Director of Architecture; WSO2, Inc.; http://wso2.com > > Member; Apache Software Foundation; http://www.apache.org/ > > > > email: [email protected] cell: +94 77 3320919 > > blog: http://blog.afkham.org > > twitter: http://twitter.com/afkham_azeez > > linked-in: http://lk.linkedin.com/in/afkhamazeez > > > > Lean . Enterprise . Middleware > > > > _______________________________________________ > > Carbon-commits mailing list > > [email protected] > > https://wso2.org/cgi-bin/mailman/listinfo/carbon-commits > > > > > > > > -- > Thanks & Regards, > Prabath > > http://blog.facilelogin.com > http://RampartFAQ.com > _______________________________________________ > Carbon-commits mailing list > [email protected] > https://wso2.org/cgi-bin/mailman/listinfo/carbon-commits >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
