Author: dkulp Date: Tue Mar 17 19:42:30 2009 New Revision: 755365 URL: http://svn.apache.org/viewvc?rev=755365&view=rev Log: Updates to make sure streams close. Cache some properties.
Modified: cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyBuilderImpl.java cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Modified: cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyBuilderImpl.java URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyBuilderImpl.java?rev=755365&r1=755364&r2=755365&view=diff ============================================================================== --- cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyBuilderImpl.java (original) +++ cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyBuilderImpl.java Tue Mar 17 19:42:30 2009 @@ -100,10 +100,11 @@ if (!Constants.ELEM_POLICY_REF.equals(element.getLocalName())) { throw new PolicyException(new Message("NOT_A_POLICYREF_ELEMENT_EXC", BUNDLE)); } - - PolicyReference reference = new PolicyReference(); - reference.setURI(element.getAttribute("URI")); - return reference; + synchronized (element) { + PolicyReference reference = new PolicyReference(); + reference.setURI(element.getAttribute("URI")); + return reference; + } } /** @@ -141,57 +142,59 @@ } private PolicyOperator processOperationElement(Element operationElement, PolicyOperator operator) { - - if (Constants.TYPE_POLICY == operator.getType()) { - Policy policyOperator = (Policy)operator; - QName key; - - NamedNodeMap nnm = operationElement.getAttributes(); - for (int i = 0; i < nnm.getLength(); i++) { - Node n = nnm.item(i); - if (Node.ATTRIBUTE_NODE == n.getNodeType()) { - String namespace = n.getNamespaceURI(); - if (namespace == null) { - key = new QName(n.getLocalName()); - - } else if (n.getPrefix() == null) { - key = new QName(namespace, n.getLocalName()); - - } else { - key = new QName(namespace, n.getLocalName(), n.getPrefix()); + synchronized (operationElement) { + + if (Constants.TYPE_POLICY == operator.getType()) { + Policy policyOperator = (Policy)operator; + QName key; + + NamedNodeMap nnm = operationElement.getAttributes(); + for (int i = 0; i < nnm.getLength(); i++) { + Node n = nnm.item(i); + if (Node.ATTRIBUTE_NODE == n.getNodeType()) { + String namespace = n.getNamespaceURI(); + if (namespace == null) { + key = new QName(n.getLocalName()); + + } else if (n.getPrefix() == null) { + key = new QName(namespace, n.getLocalName()); + + } else { + key = new QName(namespace, n.getLocalName(), n.getPrefix()); + } + policyOperator.addAttribute(key, n.getNodeValue()); } - policyOperator.addAttribute(key, n.getNodeValue()); - } - } - } - - - Element childElement; - for (Node n = operationElement.getFirstChild(); n != null; n = n.getNextSibling()) { - if (Node.ELEMENT_NODE != n.getNodeType()) { - continue; + } } - childElement = (Element)n; - String namespaceURI = childElement.getNamespaceURI(); - String localName = childElement.getLocalName(); - - QName qn = new QName(namespaceURI, localName); - if (PolicyConstants.isPolicyElem(qn)) { - operator.addPolicyComponent(getPolicyOperator(childElement)); - } else if (PolicyConstants.isAll(qn)) { - operator.addPolicyComponent(getAllOperator(childElement)); - } else if (PolicyConstants.isExactlyOne(qn)) { - operator.addPolicyComponent(getExactlyOneOperator(childElement)); - } else if (PolicyConstants.isPolicyRefElem(qn)) { - operator.addPolicyComponent(getPolicyReference(childElement)); - } else if (null != assertionBuilderRegistry) { - PolicyAssertion a = assertionBuilderRegistry.build(childElement); - if (null != a) { - operator.addPolicyComponent(a); + + + Element childElement; + for (Node n = operationElement.getFirstChild(); n != null; n = n.getNextSibling()) { + if (Node.ELEMENT_NODE != n.getNodeType()) { + continue; + } + childElement = (Element)n; + String namespaceURI = childElement.getNamespaceURI(); + String localName = childElement.getLocalName(); + + QName qn = new QName(namespaceURI, localName); + if (PolicyConstants.isPolicyElem(qn)) { + operator.addPolicyComponent(getPolicyOperator(childElement)); + } else if (PolicyConstants.isAll(qn)) { + operator.addPolicyComponent(getAllOperator(childElement)); + } else if (PolicyConstants.isExactlyOne(qn)) { + operator.addPolicyComponent(getExactlyOneOperator(childElement)); + } else if (PolicyConstants.isPolicyRefElem(qn)) { + operator.addPolicyComponent(getPolicyReference(childElement)); + } else if (null != assertionBuilderRegistry) { + PolicyAssertion a = assertionBuilderRegistry.build(childElement); + if (null != a) { + operator.addPolicyComponent(a); + } } } + return operator; } - return operator; } } Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=755365&r1=755364&r2=755365&view=diff ============================================================================== --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java (original) +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java Tue Mar 17 19:42:30 2009 @@ -20,6 +20,7 @@ package org.apache.cxf.ws.security.trust; import java.io.IOException; +import java.io.InputStream; import java.net.URL; import java.security.PublicKey; import java.security.cert.X509Certificate; @@ -794,13 +795,17 @@ } if (url != null) { properties = new Properties(); - properties.load(url.openStream()); + InputStream ins = url.openStream(); + properties.load(ins); + ins.close(); } else { throw new Fault("Could not find properties file " + url, LOG); } } else if (o instanceof URL) { properties = new Properties(); - properties.load(((URL)o).openStream()); + InputStream ins = ((URL)o).openStream(); + properties.load(ins); + ins.close(); } if (properties != null) { Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java?rev=755365&r1=755364&r2=755365&view=diff ============================================================================== --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java (original) +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java Tue Mar 17 19:42:30 2009 @@ -21,10 +21,10 @@ import java.net.URI; import java.util.HashMap; import java.util.HashSet; -import java.util.Hashtable; import java.util.Map; import java.util.Properties; import java.util.Set; +import java.util.concurrent.ConcurrentHashMap; import javax.xml.namespace.QName; @@ -57,7 +57,7 @@ private Set<String> after = new HashSet<String>(); private String phase; private String id; - private Map<String, Crypto> cryptoTable = new Hashtable<String, Crypto>(); + private Map<String, Crypto> cryptoTable = new ConcurrentHashMap<String, Crypto>(); public AbstractWSS4JInterceptor() { super(); @@ -160,13 +160,13 @@ */ String sigPropFile = getString(WSHandlerConstants.SIG_PROP_FILE, reqData.getMsgContext()); + String refId = null; if (sigPropFile != null) { - if (cryptoTable.get(sigPropFile) == null) { + crypto = cryptoTable.get(sigPropFile); + if (crypto == null) { crypto = CryptoFactory.getInstance(sigPropFile, this .getClassLoader(reqData.getMsgContext())); cryptoTable.put(sigPropFile, crypto); - } else { - crypto = cryptoTable.get(sigPropFile); } } else if (getString(WSHandlerConstants.SIG_PROP_REF_ID, reqData .getMsgContext()) != null) { @@ -174,19 +174,16 @@ * If the property file is missing then * look for the Properties object */ - String refId = getString(WSHandlerConstants.SIG_PROP_REF_ID, + refId = getString(WSHandlerConstants.SIG_PROP_REF_ID, reqData.getMsgContext()); if (refId != null) { Object propObj = getProperty(reqData.getMsgContext(), refId); if (propObj instanceof Properties) { - if (cryptoTable.get(refId) == null) { + crypto = cryptoTable.get(refId); + if (crypto == null) { crypto = CryptoFactory.getInstance((Properties)propObj); cryptoTable.put(refId, crypto); - } else { - crypto = cryptoTable.get(refId); } - } else { - return crypto; } } } @@ -198,13 +195,13 @@ Crypto crypto = null; String decPropFile = getString(WSHandlerConstants.DEC_PROP_FILE, reqData.getMsgContext()); + String refId = null; if (decPropFile != null) { - if (cryptoTable.get(decPropFile) == null) { + crypto = cryptoTable.get(decPropFile); + if (crypto == null) { crypto = CryptoFactory.getInstance(decPropFile, this .getClassLoader(reqData.getMsgContext())); cryptoTable.put(decPropFile, crypto); - } else { - crypto = cryptoTable.get(decPropFile); } } else if (getString(WSHandlerConstants.DEC_PROP_REF_ID, reqData .getMsgContext()) != null) { @@ -212,19 +209,16 @@ * If the property file is missing then * look for the Properties object */ - String refId = getString(WSHandlerConstants.DEC_PROP_REF_ID, + refId = getString(WSHandlerConstants.DEC_PROP_REF_ID, reqData.getMsgContext()); if (refId != null) { Object propObj = getProperty(reqData.getMsgContext(), refId); if (propObj instanceof Properties) { - if (cryptoTable.get(refId) == null) { + crypto = cryptoTable.get(refId); + if (crypto == null) { crypto = CryptoFactory.getInstance((Properties)propObj); cryptoTable.put(refId, crypto); - } else { - crypto = cryptoTable.get(refId); } - } else { - return crypto; } } } @@ -240,13 +234,13 @@ */ String encPropFile = getString(WSHandlerConstants.ENC_PROP_FILE, reqData.getMsgContext()); + String refId = null; if (encPropFile != null) { - if (cryptoTable.get(encPropFile) == null) { + crypto = cryptoTable.get(encPropFile); + if (crypto == null) { crypto = CryptoFactory.getInstance(encPropFile, this .getClassLoader(reqData.getMsgContext())); cryptoTable.put(encPropFile, crypto); - } else { - crypto = cryptoTable.get(encPropFile); } } else if (getString(WSHandlerConstants.ENC_PROP_REF_ID, reqData .getMsgContext()) != null) { @@ -254,19 +248,16 @@ * If the property file is missing then * look for the Properties object */ - String refId = getString(WSHandlerConstants.ENC_PROP_REF_ID, + refId = getString(WSHandlerConstants.ENC_PROP_REF_ID, reqData.getMsgContext()); if (refId != null) { Object propObj = getProperty(reqData.getMsgContext(), refId); if (propObj instanceof Properties) { - if (cryptoTable.get(refId) == null) { + crypto = cryptoTable.get(refId); + if (crypto == null) { crypto = CryptoFactory.getInstance((Properties)propObj); cryptoTable.put(refId, crypto); - } else { - crypto = cryptoTable.get(encPropFile); } - } else { - return crypto; } } } else if (reqData.getSigCrypto() == null) { Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=755365&r1=755364&r2=755365&view=diff ============================================================================== --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java (original) +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java Tue Mar 17 19:42:30 2009 @@ -20,12 +20,15 @@ package org.apache.cxf.ws.security.wss4j; import java.io.IOException; +import java.io.InputStream; import java.net.URL; import java.util.Collection; import java.util.HashSet; import java.util.List; +import java.util.Map; import java.util.Properties; import java.util.Vector; +import java.util.concurrent.ConcurrentHashMap; import javax.xml.namespace.QName; import javax.xml.soap.SOAPException; @@ -37,9 +40,11 @@ import org.apache.cxf.Bus; import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.common.classloader.ClassLoaderUtils; +import org.apache.cxf.endpoint.Endpoint; import org.apache.cxf.helpers.CastUtils; import org.apache.cxf.helpers.DOMUtils; import org.apache.cxf.resource.ResourceManager; +import org.apache.cxf.service.model.EndpointInfo; import org.apache.cxf.ws.policy.AssertionInfo; import org.apache.cxf.ws.policy.AssertionInfoMap; import org.apache.cxf.ws.policy.PolicyAssertion; @@ -64,6 +69,7 @@ * */ public class PolicyBasedWSS4JInInterceptor extends WSS4JInInterceptor { + public static final String PROPERTIES_CACHE = "ws-security.properties.cache"; /** * @@ -72,9 +78,24 @@ super(true); } - + protected static Map<Object, Properties> getPropertiesCache(SoapMessage message) { + EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo(); + synchronized (info) { + Map<Object, Properties> o = CastUtils.cast((Map<?, ?>)message + .getContextualProperty(PROPERTIES_CACHE)); + if (o == null) { + o = new ConcurrentHashMap<Object, Properties>(); + info.setProperty(PROPERTIES_CACHE, o); + } + return o; + } + } + private static Properties getProps(Object o, SoapMessage message) { - Properties properties = null; + Properties properties = getPropertiesCache(message).get(o); + if (properties != null) { + return properties; + } if (o instanceof Properties) { properties = (Properties)o; } else if (o instanceof String) { @@ -86,7 +107,9 @@ } if (url != null) { properties = new Properties(); - properties.load(url.openStream()); + InputStream ins = url.openStream(); + properties.load(ins); + ins.close(); } } catch (IOException e) { properties = null; @@ -94,12 +117,16 @@ } else if (o instanceof URL) { properties = new Properties(); try { - properties.load(((URL)o).openStream()); + InputStream ins = ((URL)o).openStream(); + properties.load(ins); + ins.close(); } catch (IOException e) { properties = null; } } - + if (properties != null) { + getPropertiesCache(message).put(o, properties); + } return properties; } Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=755365&r1=755364&r2=755365&view=diff ============================================================================== --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java (original) +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Tue Mar 17 19:42:30 2009 @@ -20,6 +20,7 @@ package org.apache.cxf.ws.security.wss4j.policyhandlers; import java.io.IOException; +import java.io.InputStream; import java.net.URL; import java.security.KeyStoreException; import java.security.cert.X509Certificate; @@ -33,6 +34,7 @@ import java.util.Properties; import java.util.Set; import java.util.Vector; +import java.util.concurrent.ConcurrentHashMap; import java.util.logging.Level; import java.util.logging.Logger; @@ -59,11 +61,13 @@ import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.endpoint.Endpoint; +import org.apache.cxf.helpers.CastUtils; import org.apache.cxf.helpers.DOMUtils; import org.apache.cxf.helpers.MapNamespaceContext; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.message.MessageUtils; import org.apache.cxf.resource.ResourceManager; +import org.apache.cxf.service.model.EndpointInfo; import org.apache.cxf.ws.policy.AssertionInfo; import org.apache.cxf.ws.policy.AssertionInfoMap; import org.apache.cxf.ws.policy.PolicyAssertion; @@ -119,7 +123,9 @@ * */ public abstract class AbstractBindingBuilder { - private static final Logger LOG = LogUtils.getL7dLogger(AbstractBindingBuilder.class); + public static final String CRYPTO_CACHE = "ws-security.crypto.cache"; + private static final Logger LOG = LogUtils.getL7dLogger(AbstractBindingBuilder.class); + protected SPConstants.ProtectionOrder protectionOrder = SPConstants.ProtectionOrder.SignBeforeEncrypting; @@ -308,14 +314,27 @@ return null; } + protected final Map<Object, Crypto> getCryptoCache() { + EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo(); + synchronized (info) { + Map<Object, Crypto> o = CastUtils.cast((Map<?, ?>)message.getContextualProperty(CRYPTO_CACHE)); + if (o == null) { + o = new ConcurrentHashMap<Object, Crypto>(); + info.setProperty(CRYPTO_CACHE, o); + } + return o; + } + } protected final TokenStore getTokenStore() { - TokenStore tokenStore = (TokenStore)message.getContextualProperty(TokenStore.class.getName()); - if (tokenStore == null) { - tokenStore = new MemoryTokenStore(); - message.getExchange().get(Endpoint.class).getEndpointInfo() - .setProperty(TokenStore.class.getName(), tokenStore); + EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo(); + synchronized (info) { + TokenStore tokenStore = (TokenStore)message.getContextualProperty(TokenStore.class.getName()); + if (tokenStore == null) { + tokenStore = new MemoryTokenStore(); + info.setProperty(TokenStore.class.getName(), tokenStore); + } + return tokenStore; } - return tokenStore; } protected WSSecTimestamp createTimestamp() { Collection<AssertionInfo> ais; @@ -879,7 +898,15 @@ } - Object o = message.getContextualProperty(propKey); + Object o = message.getContextualProperty(propKey); + if (o == null) { + return null; + } + + crypto = getCryptoCache().get(o); + if (crypto != null) { + return crypto; + } Properties properties = null; if (o instanceof Properties) { properties = (Properties)o; @@ -891,8 +918,10 @@ url = ClassLoaderUtils.getResource((String)o, this.getClass()); } if (url != null) { + InputStream ins = url.openStream(); properties = new Properties(); - properties.load(url.openStream()); + properties.load(ins); + ins.close(); } else { policyNotAsserted(wrapper, "Could not find properties file " + o); } @@ -902,16 +931,19 @@ } else if (o instanceof URL) { properties = new Properties(); try { - properties.load(((URL)o).openStream()); + InputStream ins = ((URL)o).openStream(); + properties.load(ins); + ins.close(); } catch (IOException e) { policyNotAsserted(wrapper, e); } } if (properties != null) { - return CryptoFactory.getInstance(properties); + crypto = CryptoFactory.getInstance(properties); + getCryptoCache().put(o, crypto); } - return null; + return crypto; } public void setKeyIdentifierType(WSSecBase secBase, TokenWrapper wrapper, Token token) {