Author: ruchithf
Date: Tue Jul  3 23:46:22 2007
New Revision: 553099

URL: http://svn.apache.org/viewvc?view=rev&rev=553099
Log:
Set properties to be shared with both flows in a parent context of the message 
context
Handle soap actor properly
Added scenario 12 policy for RampartTest
Make sure we don't cache policy


Added:
    
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
    
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
Modified:
    
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
    
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
    
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
    
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java

Modified: 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?view=diff&rev=553099&r1=553098&r2=553099
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
 Tue Jul  3 23:46:22 2007
@@ -17,16 +17,23 @@
 package org.apache.rampart;
 
 import org.apache.axiom.soap.SOAPEnvelope;
+import org.apache.axiom.soap.SOAPHeader;
+import org.apache.axiom.soap.SOAPHeaderBlock;
 import org.apache.axis2.AxisFault;
 import org.apache.axis2.context.MessageContext;
 import org.apache.rampart.policy.RampartPolicyData;
 import org.apache.rampart.util.Axis2Util;
 import org.apache.rampart.util.RampartUtil;
 import org.apache.ws.secpolicy.WSSPolicyException;
+import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSSecurityEngine;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.util.WSSecurityUtil;
 
+import javax.xml.namespace.QName;
+
+import java.util.ArrayList;
+import java.util.Iterator;
 import java.util.Vector;
 
 public class RampartEngine {
@@ -58,18 +65,33 @@
         
         ValidatorData data = new ValidatorData(rmd);
         
+        ArrayList headerBlocks = rmd.getMsgContext().getEnvelope()
+                .getHeader().getHeaderBlocksWithNSURI(WSConstants.WSSE_NS);
+        Iterator headerBlocksIterator = headerBlocks.iterator();
+        SOAPHeaderBlock secHeader = null;
+        while (headerBlocksIterator.hasNext()) {
+            SOAPHeaderBlock elem = (SOAPHeaderBlock) 
headerBlocksIterator.next();
+            if(elem.getLocalName().equals(WSConstants.WSSE_LN)) {
+                secHeader = elem;
+                break;
+            }
+        }
+        
+        String actorValue = secHeader.getAttributeValue(new QName(rmd
+                .getSoapConstants().getEnvelopeURI(), "actor"));
+
         if(rpd.isSymmetricBinding()) {
             //Here we have to create the CB handler to get the tokens from the 
             //token storage
             
             results = engine.processSecurityHeader(rmd.getDocument(), 
-                                null, 
+                                actorValue, 
                                 new 
TokenCallbackHandler(rmd.getTokenStorage(), RampartUtil.getPasswordCB(rmd)),
                                 
RampartUtil.getSignatureCrypto(rpd.getRampartConfig(), 
                                         
msgCtx.getAxisService().getClassLoader()));
         } else {
             results = engine.processSecurityHeader(rmd.getDocument(),
-                      null, 
+                      actorValue, 
                       new TokenCallbackHandler(rmd.getTokenStorage(), 
RampartUtil.getPasswordCB(rmd)),
                       RampartUtil.getSignatureCrypto(rpd.getRampartConfig(), 
                               msgCtx.getAxisService().getClassLoader()), 
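Review bot: `secHeader` stays null when the message carries no `wsse:Security` header block, and `getHeader()` may itself return null for an envelope with no SOAP header, so `secHeader.getAttributeValue(...)` can throw a NullPointerException on input the sender fully controls. Check both before the dereference and fail with an explicit fault right after the loop, for example `if (secHeader == null) { throw new AxisFault("Missing wsse:Security header"); }`, using whichever fault type the enclosing method declares (its signature is outside the hunk). Separately, the actor handed to both `processSecurityHeader` calls is now read from the first Security header of the incoming message rather than from this node's own configuration, so the engine processes a header addressed to whichever actor the sender names. Under SOAP 1.2 the attribute is `role` rather than `actor`, so this lookup presumably yields null for such messages. The second `processSecurityHeader` call continues past the end of the hunk.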

Modified: 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java?view=diff&rev=553099&r1=553098&r2=553099
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
 Tue Jul  3 23:46:22 2007
@@ -177,7 +177,6 @@
                 this.servicePolicy = 
(Policy)msgCtx.getProperty(KEY_RAMPART_POLICY);
             }
             
-            
             /*
              * Init policy:
              * When creating the RampartMessageData instance we 
@@ -195,12 +194,8 @@
                     OMElement policyElem = 
param.getParameterElement().getFirstElement();
                     this.servicePolicy = PolicyEngine.getPolicy(policyElem);
                 }
-
             }
             
-            if(this.isInitiator && this.servicePolicy != null) {
-                
msgCtx.getServiceContext().setProperty(RampartMessageData.KEY_RAMPART_POLICY, 
this.servicePolicy);
-            }
             
             if(this.servicePolicy != null){
                 List it = (List)this.servicePolicy.getAlternatives().next();

Modified: 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?view=diff&rev=553099&r1=553098&r2=553099
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
 Tue Jul  3 23:46:22 2007
@@ -101,7 +101,7 @@
                 System.out.println("Testing WS-SecConv: custom scenario " + i);
                 options.setAction("urn:echo");
                 options.setTo(new EndpointReference("http://127.0.0.1:"; + PORT 
+ "/axis2/services/SecureServiceSC" + i));
-                options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, 
loadPolicy("/rampart/policy/sc-" + i + ".xml"));
+                
serviceClient.getServiceContext().setProperty(RampartMessageData.KEY_RAMPART_POLICY,
 loadPolicy("/rampart/policy/sc-" + i + ".xml"));
                 serviceClient.setOptions(options);
 
                 //Blocking invocation

Added: 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml?view=auto&rev=553099
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
 (added)
+++ 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
 Tue Jul  3 23:46:22 2007
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ !      http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+ 
+<wsp:Policy wsu:Id="SigEncrUT" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+       <wsp:ExactlyOne>
+               <wsp:All>
+                       <sp:AsymmetricBinding 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <wsp:Policy>
+                                       <sp:InitiatorToken>
+                                               <wsp:Policy>
+                                                       <sp:X509Token 
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+                                                               <wsp:Policy>
+                                                                       
<sp:WssX509V3Token10/>
+                                                               </wsp:Policy>
+                                                       </sp:X509Token>
+                                               </wsp:Policy>
+                                       </sp:InitiatorToken>
+                                       <sp:RecipientToken>
+                                               <wsp:Policy>
+                                                       <sp:X509Token 
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+                                                               <wsp:Policy>
+                                                                       
<sp:WssX509V3Token10/>
+                                                               </wsp:Policy>
+                                                       </sp:X509Token>
+                                               </wsp:Policy>
+                                       </sp:RecipientToken>
+                                       <sp:AlgorithmSuite>
+                                               <wsp:Policy>
+                                                       <sp:TripleDesRsa15/>
+                                               </wsp:Policy>
+                                       </sp:AlgorithmSuite>
+                                       <sp:Layout>
+                                               <wsp:Policy>
+                                                       <sp:Strict/>
+                                               </wsp:Policy>
+                                       </sp:Layout>
+                                       <sp:IncludeTimestamp/>
+                                       <sp:OnlySignEntireHeadersAndBody/>
+                               </wsp:Policy>
+                       </sp:AsymmetricBinding>
+                       <sp:SignedSupportingTokens 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <wsp:Policy>
+                                       <sp:UsernameToken 
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";
 />
+                         </wsp:Policy>
+                       </sp:SignedSupportingTokens>
+                       <sp:Wss10 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <wsp:Policy>
+                                       <sp:MustSupportRefKeyIdentifier/>
+                                       <sp:MustSupportRefIssuerSerial/>
+                               </wsp:Policy>
+                       </sp:Wss10>
+                       <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <sp:Body/>
+                       </sp:SignedParts>
+                       <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <sp:Body/>
+                       </sp:EncryptedParts>
+                       <ramp:RampartConfig 
xmlns:ramp="http://ws.apache.org/rampart/policy";> 
+                               <ramp:user>alice</ramp:user>
+                               <ramp:encryptionUser>bob</ramp:encryptionUser>
+                               
<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+                               
+                               <ramp:signatureCrypto>
+                                       <ramp:crypto 
provider="org.apache.ws.security.components.crypto.Merlin">
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+                                       </ramp:crypto>
+                               </ramp:signatureCrypto>
+                               <ramp:encryptionCypto>
+                                       <ramp:crypto 
provider="org.apache.ws.security.components.crypto.Merlin">
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+                                       </ramp:crypto>
+                               </ramp:encryptionCypto>
+                       </ramp:RampartConfig>
+
+               </wsp:All>
+       </wsp:ExactlyOne>
+</wsp:Policy>
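Review bot: Nothing in this file marks it as a test-only fixture, although it selects `<sp:TripleDesRsa15/>` (3DES with RSA PKCS#1 v1.5 key transport) and embeds the keystore password in both `ramp:crypto` blocks. Sample policies tend to be copied into deployments, so a comment under the licence header such as `<!-- Test fixture for RampartTest scenario 12: the algorithm suite and inline keystore password are for tests only -->` would make the intent explicit. The same applies to the identical policy embedded in `services-12.xml`.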

Added: 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml?view=auto&rev=553099
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
 (added)
+++ 
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
 Tue Jul  3 23:46:22 2007
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ !      http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+<service name="SecureService12">
+               <!--No timestamp test-->
+       <module ref="addressing"/>
+       <module ref="rampart"/>
+
+       <parameter locked="false" 
name="ServiceClass">org.apache.rampart.Service</parameter>
+
+       <operation name="echo">
+               <messageReceiver 
class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+               <actionMapping>urn:echo</actionMapping>
+       </operation>
+       
+<wsp:Policy wsu:Id="SigEncrUT" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+       <wsp:ExactlyOne>
+               <wsp:All>
+                       <sp:AsymmetricBinding 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <wsp:Policy>
+                                       <sp:InitiatorToken>
+                                               <wsp:Policy>
+                                                       <sp:X509Token 
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+                                                               <wsp:Policy>
+                                                                       
<sp:WssX509V3Token10/>
+                                                               </wsp:Policy>
+                                                       </sp:X509Token>
+                                               </wsp:Policy>
+                                       </sp:InitiatorToken>
+                                       <sp:RecipientToken>
+                                               <wsp:Policy>
+                                                       <sp:X509Token 
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+                                                               <wsp:Policy>
+                                                                       
<sp:WssX509V3Token10/>
+                                                               </wsp:Policy>
+                                                       </sp:X509Token>
+                                               </wsp:Policy>
+                                       </sp:RecipientToken>
+                                       <sp:AlgorithmSuite>
+                                               <wsp:Policy>
+                                                       <sp:TripleDesRsa15/>
+                                               </wsp:Policy>
+                                       </sp:AlgorithmSuite>
+                                       <sp:Layout>
+                                               <wsp:Policy>
+                                                       <sp:Strict/>
+                                               </wsp:Policy>
+                                       </sp:Layout>
+                                       <sp:IncludeTimestamp/>
+                                       <sp:OnlySignEntireHeadersAndBody/>
+                               </wsp:Policy>
+                       </sp:AsymmetricBinding>
+                       <sp:SignedSupportingTokens 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <wsp:Policy>
+                                       <sp:UsernameToken 
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";
 />
+                         </wsp:Policy>
+                       </sp:SignedSupportingTokens>
+                       <sp:Wss10 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <wsp:Policy>
+                                       <sp:MustSupportRefKeyIdentifier/>
+                                       <sp:MustSupportRefIssuerSerial/>
+                               </wsp:Policy>
+                       </sp:Wss10>
+                       <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <sp:Body/>
+                       </sp:SignedParts>
+                       <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+                               <sp:Body/>
+                       </sp:EncryptedParts>
+                       <ramp:RampartConfig 
xmlns:ramp="http://ws.apache.org/rampart/policy";> 
+                               <ramp:user>bob</ramp:user>
+                               <ramp:encryptionUser>alice</ramp:encryptionUser>
+                               
<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+                               
+                               <ramp:signatureCrypto>
+                                       <ramp:crypto 
provider="org.apache.ws.security.components.crypto.Merlin">
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+                                       </ramp:crypto>
+                               </ramp:signatureCrypto>
+                               <ramp:encryptionCypto>
+                                       <ramp:crypto 
provider="org.apache.ws.security.components.crypto.Merlin">
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+                                               <ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+                                       </ramp:crypto>
+                               </ramp:encryptionCypto>
+                       </ramp:RampartConfig>
+
+               </wsp:All>
+       </wsp:ExactlyOne>
+</wsp:Policy>
+
+</service>
\ No newline at end of file
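Review bot: The comment `<!--No timestamp test-->` at the top of the `<service>` element contradicts the policy below it, which contains `<sp:IncludeTimestamp/>`; it looks copied from another scenario's descriptor. Replace it with a description of what scenario 12 covers, for example `<!-- Scenario 12: asymmetric binding with a signed UsernameToken supporting token; body signed and encrypted -->`.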

Modified: 
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java?view=diff&rev=553099&r1=553098&r2=553099
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
 Tue Jul  3 23:46:22 2007
@@ -118,7 +118,7 @@
             
             ServiceClient client = getServiceClient(rstQn, issuerAddress);
             
-            client.getOptions().setProperty(RAMPART_POLICY, issuerPolicy);
+            client.getServiceContext().setProperty(RAMPART_POLICY, 
issuerPolicy);
             client.getOptions().setSoapVersionURI(this.soapVersion); 
 
             //Process the STS and service policy policy
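Review bot: The reason for storing `issuerPolicy` on the service context instead of the client's options is not recorded at the call site; a comment such as `// Policy is set on the service context so both the outgoing and incoming flows see it` would keep the intent from the commit log with the code. A service context outlives a single invocation, so if `getServiceClient` can hand back a reused client (not visible here) the policy stays attached for later requests. It is worth confirming that this is intended. The enclosing method starts and ends outside the hunk.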

