Author: nandana
Date: Mon Feb 25 22:20:35 2008
New Revision: 631103
URL: http://svn.apache.org/viewvc?rev=631103&view=rev
Log:
Sample demonstrating the usage of WS - Metadata Exchange with WS - Trust
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/README.txt
(with props)
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/mex_policy.xml
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/policy.xml
(with props)
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/services.xml
(with props)
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/Client.java
(with props)
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/MexService.java
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/PWCBHandler.java
(with props)
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/SimpleService.java
(with props)
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/sts_policy.xml
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/README.txt
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/README.txt?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/README.txt
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/README.txt
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,5 @@
+WS-Trust ( With WS Metada Exchange) - RST - Resquest Security Token Service -
Issuing a SAML token - issuing a token
+
+When using this sample with the TCPMon to monitor the soap messages, you have
to use the
+correct URL in the client code before build the sample 05.
+
Propchange:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/README.txt
------------------------------------------------------------------------------
svn:executable = *
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/mex_policy.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/mex_policy.xml?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/mex_policy.xml
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/mex_policy.xml
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,49 @@
+<wsp:Policy wsu:Id="SigOnly"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+ <wsp:Policy>
+
<sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:SignedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/policy.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/policy.xml?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/policy.xml
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/policy.xml
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,110 @@
+<wsp:Policy wsu:Id="SgnOnlyAnonymous"
+
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
+ xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:RequireThumbprintReference/>
+
<sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:IssuedToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+ <Issuer
xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <Address
xmlns="http://www.w3.org/2005/08/addressing";>http://localhost:8080/axis2/services/STS</Address>
+ <Metadata
xmlns="http://www.w3.org/2005/08/addressing";>
+ <mex:Metadata
+
xmlns:mex="http://schemas.xmlsoap.org/ws/2004/09/mex";
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
+ <mex:MetadataSection
Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex";>
+ <mex:MetadataReference>
+ <Address
+
xmlns="http://www.w3.org/2005/08/addressing";>http://localhost:8080/axis2/services/mex</Address>
+ </mex:MetadataReference>
+ </mex:MetadataSection>
+ </mex:Metadata>
+ </Metadata>
+ </Issuer>
+
<sp:RequestSecurityTokenTemplate>
+ <t:TokenType
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust";>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType>
+ <t:KeyType
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust";>http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey</t:KeyType>
+ <t:KeySize
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust";>256</t:KeySize>
+
</sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+
<sp:RequireInternalReference/>
+ </wsp:Policy>
+ </sp:IssuedToken>
+ <sp:SignedParts>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ <sp:SignedParts>
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>client</ramp:user>
+
<ramp:encryptionUser>service</ramp:encryptionUser>
+ <ramp:stsAlias>sts</ramp:stsAlias>
+
<ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample06.PWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+
+ <ramp:stsCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:stsCrypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
Propchange:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/policy.xml
------------------------------------------------------------------------------
svn:executable = *
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/services.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/services.xml?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/services.xml
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/services.xml
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,253 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+<!-- services.xml of Sample 06 : Trust sample with mex -->
+<serviceGroup>
+<service name="STS">
+ <module ref="rampart" />
+ <module ref="addressing" />
+ <module ref="rahas" />
+ <parameter name="saml-issuer-config">
+ <saml-issuer-config>
+ <issuerName>SAMPLE_STS</issuerName>
+ <issuerKeyAlias>sts</issuerKeyAlias>
+ <issuerKeyPassword>apache</issuerKeyPassword>
+ <cryptoProperties>
+ <crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property
name="org.apache.ws.security.crypto.merlin.file">sts.jks</property>
+ <property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property>
+ </crypto>
+ </cryptoProperties>
+ <timeToLive>300000</timeToLive>
+ <keySize>256</keySize>
+ <addRequestedAttachedRef />
+ <addRequestedUnattachedRef />
+
+ <!--
+ Key computation mechanism
+ 1 - Use Request Entropy
+ 2 - Provide Entropy
+ 3 - Use Own Key
+ -->
+ <keyComputation>2</keyComputation>
+
+ <!--
+ proofKeyType element is valid only if the keyComputation is set
to 3
+ i.e. Use Own Key
+
+ Valid values are: EncryptedKey & BinarySecret
+ -->
+ <proofKeyType>BinarySecret</proofKeyType>
+ <trusted-services>
+ <!-- <service
alias="sts">http://localhost:8090/axis2/services/sample06/</service> -->
+ <service alias="sts">*</service>
+ </trusted-services>
+ </saml-issuer-config>
+ </parameter>
+
+ <wsp:Policy wsu:Id="SigOnly"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+
<sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:SignedParts>
+
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>sts</ramp:user>
+
<ramp:encryptionUser>client</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample06.PWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">sts.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+
+
+ </ramp:RampartConfig>
+
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+
+</service>
+<service name="sample06">
+ <operation name="echo">
+ <messageReceiver
class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
+ </operation>
+ <parameter name="ServiceClass"
locked="false">org.apache.rampart.samples.policy.sample06.SimpleService</parameter>
+
+ <module ref="rampart" />
+ <module ref="addressing" />
+
+ <wsp:Policy wsu:Id="SgnOnlyAnonymous"
+
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
+ xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:RequireThumbprintReference/>
+
<sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:IssuedToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+ <Issuer
xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <Address
xmlns="http://www.w3.org/2005/08/addressing";>http://localhost:8090/axis2/services/STS</Address>
+ <Metadata
xmlns="http://www.w3.org/2005/08/addressing";>
+ <mex:Metadata
+
xmlns:mex="http://schemas.xmlsoap.org/ws/2004/09/mex";
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
+ <mex:MetadataSection
Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex";>
+ <mex:MetadataReference>
+ <Address
+
xmlns="http://www.w3.org/2005/08/addressing";>http://localhost:8080/axis2/services/mex</Address>
+ </mex:MetadataReference>
+ </mex:MetadataSection>
+ </mex:Metadata>
+ </Metadata>
+ </Issuer>
+
<sp:RequestSecurityTokenTemplate>
+ <t:TokenType
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust";>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
+ <t:KeyType
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust";>http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey</t:KeyType>
+ <t:KeySize
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust";>256</t:KeySize>
+
</sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+
<sp:RequireInternalReference/>
+ </wsp:Policy>
+ </sp:IssuedToken>
+ <sp:SignedParts>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ <sp:SignedParts>
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>service</ramp:user>
+
<ramp:encryptionUser>client</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample06.PWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
+
+</service>
+<service name="mex">
+
+ <operation name="get">
+
<actionMapping>http://schemas.xmlsoap.org/ws/2004/09/mex/GetMetadata/Request</actionMapping>
+ <messageReceiver
class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ </operation>
+ <parameter name="ServiceClass"
locked="false">org.apache.rampart.samples.policy.sample06.MexService</parameter>
+
+ </service>
+
+</serviceGroup>
Propchange:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/services.xml
------------------------------------------------------------------------------
svn:executable = *
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/Client.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/Client.java?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/Client.java
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/Client.java
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.samples.policy.sample06;
+
+import org.apache.axiom.om.OMAbstractFactory;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.axiom.om.OMNamespace;
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axiom.soap.SOAP12Constants;
+import org.apache.axis2.addressing.AddressingConstants;
+import org.apache.axis2.addressing.EndpointReference;
+import org.apache.axis2.client.Options;
+import org.apache.axis2.client.ServiceClient;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.ConfigurationContextFactory;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.Token;
+import org.apache.rahas.TokenStorage;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.TrustUtil;
+import org.apache.rahas.client.STSClient;
+import org.apache.rampart.RampartMessageData;
+import org.apache.ws.secpolicy.SP11Constants;
+import org.apache.ws.secpolicy.SPConstants;
+import org.opensaml.XML;
+
+import javax.xml.namespace.QName;
+
+public class Client {
+
+ public static void main(String[] args) throws Exception {
+
+ if(args.length != 3) {
+ System.out.println("Usage: $java Client
endpoint_address client_repo_path policy_xml_path");
+ }
+
+ ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(args[1],
null);
+
+ ServiceClient client = new ServiceClient(ctx, null);
+
+ Options options = new Options();
+ options.setAction("urn:echo");
+ options.setTo(new EndpointReference(args[0]));
+ options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy(args[2]));
+
options.setSoapVersionURI(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI);
+ client.setOptions(options);
+
+ client.engageModule("addressing");
+ client.engageModule("rampart");
+
+ OMElement response = client.sendReceive(getPayload("Hello
world1"));
+ System.out.println("Response : " + response);
+
+
+ }
+
+ private static Policy loadPolicy(String xmlPath) throws Exception {
+ StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
+ return PolicyEngine.getPolicy(builder.getDocumentElement());
+ }
+
+ private static OMElement getSAMLToken(OMElement resp) {
+ OMElement rst = resp.getFirstChildWithName(new
QName(RahasConstants.WST_NS_05_02,
+
RahasConstants.IssuanceBindingLocalNames.
+
REQUESTED_SECURITY_TOKEN));
+ OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS,
"Assertion"));
+ return elem;
+ }
+
+
+ private static OMElement getPayload(String value) {
+ OMFactory factory = OMAbstractFactory.getOMFactory();
+ OMNamespace ns =
factory.createOMNamespace("http://sample06.policy.samples.rampart.apache.org","ns1";);
+ OMElement elem = factory.createOMElement("echo", ns);
+ OMElement childElem = factory.createOMElement("param0", null);
+ childElem.setText(value);
+ elem.addChild(childElem);
+
+ return elem;
+
+ }
+
+ private static OMElement getRSTTemplate() throws Exception {
+ OMFactory fac = OMAbstractFactory.getOMFactory();
+ OMElement elem =
fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
+ TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
elem).setText(RahasConstants.TOK_TYPE_SAML_10);
+ TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
RahasConstants.KEY_TYPE_SYMM_KEY);
+ TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
+ return elem;
+ }
+
+}
Propchange:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/Client.java
------------------------------------------------------------------------------
svn:executable = *
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/MexService.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/MexService.java?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/MexService.java
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/MexService.java
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,52 @@
+package org.apache.rampart.samples.policy.sample06;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.stream.XMLStreamException;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.mex.MexConstants;
+import org.apache.axis2.mex.om.Metadata;
+import org.apache.axis2.mex.om.MetadataSection;
+
+public class MexService {
+
+ public OMElement get(OMElement element) throws AxisFault {
+
+ MetadataSection section = new MetadataSection();
+ section.setDialect(MexConstants.SPEC.DIALECT_TYPE_POLICY);
+ section.setinlineData(getPolicy());
+
+ List lst = new ArrayList();
+ lst.add(section);
+
+ Metadata mdata = new Metadata();
+ mdata.setMetadatSections(lst);
+
+ return mdata.toOM();
+
+ }
+
+
+ private OMElement getPolicy() throws AxisFault {
+
+ try {
+
+ File file = new File("sample06/mex_policy.xml");
+ System.out.println(file.getAbsolutePath());
+ StAXOMBuilder builder = new StAXOMBuilder(new
FileInputStream(file));
+ return builder.getDocumentElement();
+ } catch (FileNotFoundException e) {
+ throw new AxisFault("Error reading the file",e);
+ } catch (XMLStreamException e) {
+ throw new AxisFault("Error parsing the file",e);
+ }
+ }
+
+}
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/PWCBHandler.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/PWCBHandler.java?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/PWCBHandler.java
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/PWCBHandler.java
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.samples.policy.sample06;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import java.io.IOException;
+
+public class PWCBHandler implements CallbackHandler {
+
+ public void handle(Callback[] callbacks) throws IOException,
+ UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
+ String id = pwcb.getIdentifer();
+ if("client".equals(id)) {
+ pwcb.setPassword("apache");
+ } else if("service".equals(id)) {
+ pwcb.setPassword("apache");
+ } else if("sts".equals(id)) {
+ pwcb.setPassword("apache");
+ }
+ }
+ }
+
+}
Propchange:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/PWCBHandler.java
------------------------------------------------------------------------------
svn:executable = *
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/SimpleService.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/SimpleService.java?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/SimpleService.java
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/SimpleService.java
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2003-2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.rampart.samples.policy.sample06;
+
+public class SimpleService {
+
+ public String echo(String arg) {
+ return arg;
+ }
+}
Propchange:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/src/org/apache/rampart/samples/policy/sample06/SimpleService.java
------------------------------------------------------------------------------
svn:executable = *
Added:
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/sts_policy.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/sts_policy.xml?rev=631103&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/sts_policy.xml
(added)
+++
webservices/rampart/trunk/java/modules/rampart-samples/policy/sample06/sts_policy.xml
Mon Feb 25 22:20:35 2008
@@ -0,0 +1,64 @@
+<wsp:Policy wsu:Id="SigOnly"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+ <wsp:Policy>
+
<sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:SignedParts>
+
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>client</ramp:user>
+
<ramp:encryptionUser>service</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample05.PWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </ramp:RampartConfig>
+
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
