Author: keith
Date: Tue Jan 15 08:34:49 2008
New Revision: 12278
Log:
Adding security scenario7 to admin service at initialization
Adding login method to MashupUtils to call the login method of the admin service
in a secured manner
Calling this new method to login from signin.jsp
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
trunk/mashup/java/modules/www/signin.jsp
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
==============================================================================
--- trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
(original)
+++ trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
Tue Jan 15 08:34:49 2008
@@ -91,5 +91,10 @@
public static final String MASHUP_USER_ROLE = "mashup_user";
public static final String SELF_REGISTRATION_ENABLED =
"self_registration_enabled";
+
+ public static final String MASHUP_ADMIN_SERVICE =
"wso2mashup-adminService";
+ public static final String MASHUP_ADMIN_SERVICEUT =
"MashupAdminServiceUT";
+ public static final String MASHUP_ADMIN_SERVICEIC = "MashupAdminServiceUT";
+ public static final String USER_LOGGED_IN = "UserLoggedIn";
public static final String INITIAL_SETUP_COMPLETE =
"initial_setup_complete";
}
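Review bot: `MASHUP_ADMIN_SERVICEIC` is given the same value, `"MashupAdminServiceUT"`, as `MASHUP_ADMIN_SERVICEUT`, which looks like a copy/paste slip. The only visible use of the IC constant is the commented-out `assignUsersAndRoles(..., "scenario2", ...)` call in MashupServerInitializer; if that call is ever enabled it would re-apply a different security scenario to the UT service instead of a separate one. Give the constant its own service name (presumably something like `"MashupAdminServiceIC"`, to be confirmed against the deployed service descriptor) or drop it until the second service exists. A short comment on each constant saying which service and which security scenario it refers to would also help.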
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
==============================================================================
---
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
(original)
+++
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
Tue Jan 15 08:34:49 2008
@@ -29,6 +29,7 @@
import org.wso2.usermanager.UserManagerException;
import org.wso2.utils.ServerException;
import org.wso2.wsas.ServerInitializer;
+import org.wso2.wsas.admin.service.SecurityScenarioConfigAdmin;
import java.util.ArrayList;
import java.util.HashMap;
@@ -64,7 +65,16 @@
newMap.put("scripts/" + username, arrayList);
deploymentEngine.setDirectoryToExtensionMappingMap(newMap);
}
-
+
+ SecurityScenarioConfigAdmin admin = new
SecurityScenarioConfigAdmin();
+
admin.assignUsersAndRolesAndKeyStores(MashupConstants.MASHUP_ADMIN_SERVICEUT,
null, "scenario7", new String [] {"wso2is.jks"}, "wso2is.jks",
+ new String[] { },
+ new String[] {
MashupConstants.MASHUP_USER_ROLE });
+
+//
admin.assignUsersAndRoles(MashupConstants.MASHUP_ADMIN_SERVICEIC, null,
"scenario2",
+// new String[] { },
+// new String[] {
MashupConstants.MASHUP_USER_ROLE });
+
// Applying a dummy tag so that searching works
// https://wso2.org/jira/browse/REGISTRY-24
SecureRegistry secureRegistry =
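Review bot: The keystore name `"wso2is.jks"` and the scenario id `"scenario7"` are hard-coded in the `assignUsersAndRolesAndKeyStores` call, while the client side added in `MashupUtils.loadPolicy` takes its keystore from the `Security.KeyStore.Location` server property. If the configured keystore is ever not `wso2is.jks`, the service and its in-process client would presumably end up using different key material and every sign-in would fail. Derive the keystore name from the same configuration (or move both literals into `MashupConstants`) and add a comment explaining why scenario7 is applied at start-up. The commented-out `scenario2` block should be removed rather than committed. The enclosing method starts and ends outside this hunk, so how a failure of this call is handled is not visible here.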
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java
==============================================================================
--- trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java
(original)
+++ trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java
Tue Jan 15 08:34:49 2008
@@ -15,14 +15,24 @@
*/
package org.wso2.mashup.utils;
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axis2.AxisFault;
+import org.apache.axis2.addressing.EndpointReference;
+import org.apache.axis2.client.Options;
+import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.transport.http.util.URIEncoderDecoder;
import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.deployment.DeploymentEngine;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.util.XMLChar;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.rampart.RampartMessageData;
+import org.apache.rampart.policy.model.CryptoConfig;
+import org.apache.rampart.policy.model.RampartConfig;
import org.wso2.mashup.MashupConstants;
import org.wso2.mashup.MashupFault;
import org.wso2.usermanager.UserManagerException;
@@ -33,20 +43,12 @@
import org.wso2.wsas.persistence.PersistenceManager;
import org.wso2.wsas.persistence.dataobject.ServiceUserDO;
-import javax.management.InstanceNotFoundException;
-import javax.management.MBeanException;
-import javax.management.MBeanServer;
-import javax.management.MBeanServerFactory;
-import javax.management.MalformedObjectNameException;
-import javax.management.ObjectName;
-import javax.management.ReflectionException;
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileReader;
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
+import javax.management.*;
+import javax.xml.stream.XMLStreamException;
+import java.io.*;
import java.util.ArrayList;
import java.util.Hashtable;
+import java.util.Properties;
public class MashupUtils {
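Review bot: The explicit `javax.management` and `java.io` imports are collapsed into `javax.management.*` and `java.io.*`, which hides what the class actually depends on and invites name clashes. The same happens in signin.jsp (`com.sun.syndication.feed.synd.*`, `org.wso2.registry.*`, `java.util.*`). This looks like an IDE import-optimisation side effect rather than part of the login change. Keep the single-type imports and add only the new ones, `import java.io.FileNotFoundException;` and `import javax.xml.stream.XMLStreamException;`.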
@@ -363,6 +365,72 @@
return serviceUiSource;
}
+ public static void login(String username, String password) throws
MashupFault {
+ try {
+ ServerManager serverManager = ServerManager.getInstance();
+ ConfigurationContext context = serverManager.configContext;
+ ConfigurationContext defaultConfigurationContext =
+
ConfigurationContextFactory.createDefaultConfigurationContext();
+
defaultConfigurationContext.setAxisConfiguration(context.getAxisConfiguration());
+ ServiceClient client = new
ServiceClient(defaultConfigurationContext, null);
+ client.engageModule("rampart");
+ client.engageModule("addressing");
+ Options options = client.getOptions();
+ options.setAction("urn:login");
+ options.setTo(new EndpointReference("http://localhost:" +
serverManager.getHttpPort() +
+ context.getContextRoot() + context.getServicePath() +
"/MashupAdminServiceUT/login"));
+ options.setUserName(username);
+ options.setPassword(password);
+ client.setOptions(options);
+ String wso2wsasHome = System.getProperty("wso2wsas.home");
+ Policy stsPolicy = loadPolicy(wso2wsasHome + File.separator +
+ "conf" + File.separator + "rampart" + File.separator +
"scenario7-policy.xml");
+
client.getServiceContext().setProperty(RampartMessageData.KEY_RAMPART_POLICY,
stsPolicy);
+ client.sendReceive(null);
+ } catch (AxisFault axisFault) {
+ throw new MashupFault(axisFault);
+ } catch (XMLStreamException e) {
+ throw new MashupFault(e);
+ } catch (Exception e) {
+ throw new MashupFault(e);
+ }
+ }
+
+ private static Policy loadPolicy(String xmlPath) throws XMLStreamException,
+ FileNotFoundException {
+
+ ServerConfiguration serverConfig = ServerConfiguration.getInstance();
+ StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
+ Policy policy = PolicyEngine.getPolicy(builder.getDocumentElement());
+
+ RampartConfig rc = new RampartConfig();
+
+ String alias =
serverConfig.getFirstProperty("Security.KeyStore.KeyAlias");
+ String keystoreLocation =
serverConfig.getFirstProperty("Security.KeyStore.Location");
+ String keystoreType =
serverConfig.getFirstProperty("Security.KeyStore.Type");
+ String keystorePassword =
serverConfig.getFirstProperty("Security.KeyStore.Password");
+ rc.setEncryptionUser(alias);
+
+
+ File keyStoreFile = new File(keystoreLocation);
+
+ CryptoConfig encrCryptoConfig = new CryptoConfig();
+
encrCryptoConfig.setProvider("org.apache.ws.security.components.crypto.Merlin");
+
+ Properties prop2 = new Properties();
+
+ prop2.put("org.apache.ws.security.crypto.merlin.keystore.type",
keystoreType);
+ prop2.put("org.apache.ws.security.crypto.merlin.file",
keyStoreFile.getAbsolutePath());
+ prop2.put("org.apache.ws.security.crypto.merlin.keystore.password",
keystorePassword);
+ encrCryptoConfig.setProp(prop2);
+
+ rc.setEncrCryptoConfig(encrCryptoConfig);
+
+ policy.addAssertion(rc);
+
+ return policy;
+ }
+
public static String isPossibleToCreateService(String servicePath) {
String success = "OK";
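Review bot: `login()` discards the response of `client.sendReceive(null)`, so a rejected sign-in reaches callers only if the service (or Rampart's UsernameToken check) answers with a fault. signin.jsp in this same commit now builds `SecureRegistry` without the password, which makes this call the only credential check. If the admin service's login operation reports failure in its response body rather than as a fault (not visible here), inspect the returned element and throw `MashupFault` on a negative result. Separately, the `ServiceClient` and the freshly created `ConfigurationContext` are never released, and `new StAXOMBuilder(xmlPath)` appears to leave its file stream open, so each sign-in leaks resources; call `client.cleanup();` in a `finally` block and parse the policy from a stream that is closed afterwards. The endpoint string also repeats `"/MashupAdminServiceUT/login"` instead of using `MashupConstants.MASHUP_ADMIN_SERVICEUT`, and both new methods lack Javadoc stating that failure is signalled by `MashupFault`.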
Modified:
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
==============================================================================
---
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
(original)
+++
trunk/mashup/java/modules/javascriptdeployer/src/org/wso2/mashup/deployer/JSDeployer.java
Tue Jan 15 08:34:49 2008
@@ -146,7 +146,7 @@
AxisServiceGroup serviceGroup = new AxisServiceGroup(axisConfig);
serviceGroup.setServiceGroupClassLoader(deploymentFileData.getClassLoader());
ArrayList serviceList = processService(deploymentFileData,
serviceGroup,
- configCtx);
+ configCtx);
if (serviceList != null) {
DeploymentEngine.addServiceGroup(serviceGroup, serviceList,
deploymentFileData
.getFile().toURL(), deploymentFileData, axisConfig);
Modified: trunk/mashup/java/modules/www/signin.jsp
==============================================================================
--- trunk/mashup/java/modules/www/signin.jsp (original)
+++ trunk/mashup/java/modules/www/signin.jsp Tue Jan 15 08:34:49 2008
@@ -14,16 +14,13 @@
* limitations under the License.
--%>
<%@ page errorPage="error.jsp" %>
-<%@ page import="com.sun.syndication.feed.synd.SyndContent"
+<%@ page import="com.sun.syndication.feed.synd.*"
%>
-<%@ page import="com.sun.syndication.feed.synd.SyndContentImpl" %>
-<%@ page import="com.sun.syndication.feed.synd.SyndEntry" %>
-<%@ page import="com.sun.syndication.feed.synd.SyndEntryImpl" %>
-<%@ page import="com.sun.syndication.feed.synd.SyndFeed" %>
-<%@ page import="com.sun.syndication.feed.synd.SyndFeedImpl" %>
<%@ page import="com.sun.syndication.io.SyndFeedOutput" %>
<%@ page import="org.apache.axis2.context.ConfigurationContext" %>
<%@ page import="org.wso2.mashup.MashupConstants" %>
+<%@ page import="org.wso2.mashup.MashupFault" %>
+<%@ page import="org.wso2.mashup.utils.MashupUtils" %>
<%@ page import="org.wso2.mashup.utils.QueryResult" %>
<%@ page import="org.wso2.mashup.utils.QueryResults" %>
<%@ page import="org.wso2.mashup.webapp.identity.InfoCardHandler" %>
@@ -33,12 +30,7 @@
<%@ page import="org.wso2.mashup.webapp.userprofile.UserQuery" %>
<%@ page import="org.wso2.mashup.webapp.utils.QueryParamUtils" %>
<%@ page import="org.wso2.mashup.webapp.utils.RegistryUtils" %>
-<%@ page import="org.wso2.registry.Comment" %>
-<%@ page import="org.wso2.registry.Registry" %>
-<%@ page import="org.wso2.registry.RegistryConstants" %>
-<%@ page import="org.wso2.registry.RegistryException" %>
-<%@ page import="org.wso2.registry.Resource" %>
-<%@ page import="org.wso2.registry.Tag" %>
+<%@ page import="org.wso2.registry.*" %>
<%@ page import="org.wso2.registry.jdbc.JDBCRegistry" %>
<%@ page import="org.wso2.registry.secure.SecureRegistry" %>
<%@ page import="org.wso2.usermanager.Realm" %>
@@ -50,11 +42,7 @@
<%@ page import="java.io.FileReader" %>
<%@ page import="java.net.URL" %>
<%@ page import="java.net.URLDecoder" %>
-<%@ page import="java.util.ArrayList" %>
-<%@ page import="java.util.Date" %>
-<%@ page import="java.util.Iterator" %>
-<%@ page import="java.util.List" %>
-<%@ page import="java.util.Map" %>
+<%@ page import="java.util.*" %>
<%
Registry registry = RegistryUtils.getRegistry(request);
// required by header.jsp
@@ -88,8 +76,9 @@
Realm realm = (Realm)
context.getAttribute(RegistryConstants.REGISTRY_REALM);
- SecureRegistry secureRegistry = new
SecureRegistry(nameProvided, passwordProvided,
-
jdbcRegistry, realm);
+ MashupUtils.login(nameProvided, passwordProvided);
+
+ SecureRegistry secureRegistry = new
SecureRegistry(nameProvided, jdbcRegistry, realm);
request.getSession().setAttribute(MashupConstants.USER_REGISTRY,
secureRegistry);
@@ -101,6 +90,8 @@
}
} catch (RegistryException e) {
success = false;
+ } catch (MashupFault e) {
+ success = false;
}
}
}
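Review bot: The new `catch (MashupFault e)` only sets `success = false` and drops the fault, yet `MashupUtils.login()` wraps every exception in `MashupFault`: a missing `scenario7-policy.xml` or an unreadable keystore as well as a bad password. A misconfigured server therefore looks like a wrong password to the user and leaves no trace for whoever monitors failed sign-ins. Record the cause before falling through, e.g. `application.log("sign-in failed", e);`, keeping the password out of the message. The enclosing try block starts outside this hunk.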