Author: dkulp
Date: Fri Apr 6 20:36:32 2012
New Revision: 1310574
URL: http://svn.apache.org/viewvc?rev=1310574&view=rev
Log:
Move all the configuration/jsse stuff into API to resolve the split
package issue.
Added:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
(contents, props changed)
- copied, changed from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
(contents, props changed)
- copied, changed from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
(contents, props changed)
- copied, changed from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
(contents, props changed)
- copied, changed from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
Removed:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
Modified:
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
Copied:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
(from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java)
URL:
http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java?p2=cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java&r1=1310446&r2=1310574&rev=1310574&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
(original)
+++ cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
Fri Apr 6 20:36:32 2012
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.cxf.transport.https;
+package org.apache.cxf.configuration.jsse;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
@@ -28,7 +28,6 @@ import java.lang.reflect.Method;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
-import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@@ -44,13 +43,10 @@ import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
-import javax.servlet.http.HttpServletRequest;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.SystemPropertyAction;
import org.apache.cxf.configuration.security.FiltersType;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.security.transport.TLSSessionInfo;
/**
@@ -65,8 +61,6 @@ public final class SSLUtils {
private static final String DEFAULT_TRUST_STORE_TYPE = "JKS";
private static final String DEFAULT_SECURE_SOCKET_PROTOCOL = "TLSv1";
private static final String CERTIFICATE_FACTORY_TYPE = "X.509";
- private static final String SSL_CIPHER_SUITE_ATTRIBUTE =
"javax.servlet.request.cipher_suite";
- private static final String SSL_PEER_CERT_CHAIN_ATTRIBUTE =
"javax.servlet.request.X509Certificate";
private static final boolean DEFAULT_REQUIRE_CLIENT_AUTHENTICATION = false;
private static final boolean DEFAULT_WANT_CLIENT_AUTHENTICATION = true;
@@ -573,26 +567,7 @@ public final class SSLUtils {
return wantClientAuthentication;
}
- /**
- * Propogate in the message a TLSSessionInfo instance representative
- * of the TLS-specific information in the HTTP request.
- *
- * @param req the Jetty request
- * @param message the Message
- */
- public static void propogateSecureSession(HttpServletRequest request,
- Message message) {
- final String cipherSuite =
- (String) request.getAttribute(SSL_CIPHER_SUITE_ATTRIBUTE);
- if (cipherSuite != null) {
- final Certificate[] certs =
- (Certificate[])
request.getAttribute(SSL_PEER_CERT_CHAIN_ATTRIBUTE);
- message.put(TLSSessionInfo.class,
- new TLSSessionInfo(cipherSuite,
- null,
- certs));
- }
- }
+
public static void logUnSupportedPolicies(Object policy,
boolean client,
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Copied:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
(from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java)
URL:
http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java?p2=cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java&r1=1310446&r2=1310574&rev=1310574&view=diff
==============================================================================
(empty)
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Copied:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
(from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java)
URL:
http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java?p2=cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java&r1=1310446&r2=1310574&rev=1310574&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
(original)
+++
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
Fri Apr 6 20:36:32 2012
@@ -46,7 +46,6 @@ import org.apache.cxf.configuration.secu
import org.apache.cxf.configuration.security.KeyStoreType;
import org.apache.cxf.configuration.security.SecureRandomParameters;
import org.apache.cxf.configuration.security.TrustManagersType;
-import org.apache.cxf.transport.https.SSLUtils;
/**
* This class provides some functionality to convert the JAXB
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Copied:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
(from r1310446,
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java)
URL:
http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java?p2=cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java&r1=1310446&r2=1310574&rev=1310574&view=diff
==============================================================================
(empty)
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java?rev=1310574&r1=1310573&r2=1310574&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
(original)
+++
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
Fri Apr 6 20:36:32 2012
@@ -30,10 +30,10 @@ import javax.net.ssl.X509KeyManager;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.ReflectionInvokationHandler;
+import org.apache.cxf.configuration.jsse.SSLUtils;
import org.apache.cxf.configuration.security.ClientAuthentication;
import org.apache.cxf.configuration.security.FiltersType;
import org.apache.cxf.transport.https.AliasedX509ExtendedKeyManager;
-import org.apache.cxf.transport.https.SSLUtils;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
/**
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=1310574&r1=1310573&r2=1310574&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
(original)
+++
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Fri Apr 6 20:36:32 2012
@@ -62,6 +62,7 @@ import org.apache.cxf.message.MessageImp
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.policy.PolicyDataEngine;
import org.apache.cxf.security.SecurityContext;
+import org.apache.cxf.security.transport.TLSSessionInfo;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.transport.AbstractDestination;
import org.apache.cxf.transport.AbstractMultiplexDestination;
@@ -70,7 +71,6 @@ import org.apache.cxf.transport.Conduit;
import org.apache.cxf.transport.http.policy.impl.ServerPolicyCalculator;
import org.apache.cxf.transport.https.CertConstraints;
import org.apache.cxf.transport.https.CertConstraintsInterceptor;
-import org.apache.cxf.transport.https.SSLUtils;
import org.apache.cxf.transports.http.configuration.HTTPServerPolicy;
import org.apache.cxf.ws.addressing.EndpointReferenceType;
import org.apache.cxf.wsdl.EndpointReferenceUtils;
@@ -88,7 +88,7 @@ public abstract class AbstractHTTPDestin
public static final String HTTP_CONTEXT = "HTTP.CONTEXT";
public static final String HTTP_CONFIG = "HTTP.CONFIG";
public static final String HTTP_CONTEXT_MATCH_STRATEGY =
"HTTP_CONTEXT_MATCH_STRATEGY";
-
+
public static final String RESPONSE_HEADERS_COPIED = "http.headers.copied";
public static final String RESPONSE_COMMITED = "http.response.done";
public static final String REQUEST_REDIRECTED = "http.request.redirected";
@@ -97,7 +97,10 @@ public abstract class AbstractHTTPDestin
public static final String SERVICE_REDIRECTION =
"http.service.redirection";
private static final String HTTP_BASE_PATH = "http.base.path";
-
+
+ private static final String SSL_CIPHER_SUITE_ATTRIBUTE =
"javax.servlet.request.cipher_suite";
+ private static final String SSL_PEER_CERT_CHAIN_ATTRIBUTE =
"javax.servlet.request.X509Certificate";
+
private static final Logger LOG =
LogUtils.getL7dLogger(AbstractHTTPDestination.class);
protected final Bus bus;
@@ -315,14 +318,33 @@ public abstract class AbstractHTTPDestin
AuthorizationPolicy authPolicy =
getAuthorizationPolicyFromMessage(credentials);
inMessage.put(AuthorizationPolicy.class, authPolicy);
- SSLUtils.propogateSecureSession(req, inMessage);
+ propogateSecureSession(req, inMessage);
inMessage.put(CertConstraints.class.getName(), certConstraints);
inMessage.put(Message.IN_INTERCEPTORS,
Arrays.asList(new Interceptor[]
{CertConstraintsInterceptor.INSTANCE}));
}
-
+ /**
+ * Propogate in the message a TLSSessionInfo instance representative
+ * of the TLS-specific information in the HTTP request.
+ *
+ * @param req the Jetty request
+ * @param message the Message
+ */
+ private static void propogateSecureSession(HttpServletRequest request,
+ Message message) {
+ final String cipherSuite =
+ (String) request.getAttribute(SSL_CIPHER_SUITE_ATTRIBUTE);
+ if (cipherSuite != null) {
+ final java.security.cert.Certificate[] certs =
+ (java.security.cert.Certificate[])
request.getAttribute(SSL_PEER_CERT_CHAIN_ATTRIBUTE);
+ message.put(TLSSessionInfo.class,
+ new TLSSessionInfo(cipherSuite,
+ null,
+ certs));
+ }
+ }
private String setEncoding(final Message inMessage,
final HttpServletRequest req,
final String contentType) throws IOException {
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java?rev=1310574&r1=1310573&r2=1310574&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
(original)
+++
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
Fri Apr 6 20:36:32 2012
@@ -39,6 +39,7 @@ import javax.net.ssl.X509KeyManager;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.ReflectionInvokationHandler;
+import org.apache.cxf.configuration.jsse.SSLUtils;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
