Author: svkrish
Date: Mon Jan 28 09:31:02 2008
New Revision: 615963
URL: http://svn.apache.org/viewvc?rev=615963&view=rev
Log:
adding a service with support for integrity
Added:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/calculatorKeys.jks
(with props)
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/security.properties
Modified:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/SubtractService.java
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ClientPWCBHandler.java
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ServerPWCBHandler.java
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/Calculator.composite
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/definitions.xml
Modified:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/SubtractService.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/SubtractService.java?rev=615963&r1=615962&r2=615963&view=diff
==============================================================================
---
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/SubtractService.java
(original)
+++
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/SubtractService.java
Mon Jan 28 09:31:02 2008
@@ -18,9 +18,12 @@
*/
package calculator;
+import org.osoa.sca.annotations.Remotable;
+
/**
* The interface for the subtract service
*/
[EMAIL PROTECTED]
public interface SubtractService {
double subtract(double n1, double n2);
Modified:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ClientPWCBHandler.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ClientPWCBHandler.java?rev=615963&r1=615962&r2=615963&view=diff
==============================================================================
---
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ClientPWCBHandler.java
(original)
+++
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ClientPWCBHandler.java
Mon Jan 28 09:31:02 2008
@@ -37,8 +37,21 @@
System.out.println("*** Calling Client UserId/Password Handler
.... ");
WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
System.out.println("User Id = " + pwcb.getIdentifer());
- pwcb.setPassword("CalculatorUserPasswd");
System.out.println("Set Password = " + pwcb.getPassword());
+ System.out.println("Usage = " + pwcb.getUsage());
+ if ( pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN ) {
+ if ( pwcb.getIdentifer().equals("CalculatorUser")){
+ pwcb.setPassword("CalculatorUserPasswd");
+ } else {
+ throw new UnsupportedCallbackException(pwcb,
"Authentication Failed : UserId - Password mismatch");
+ }
+ } else if ( pwcb.getUsage() == WSPasswordCallback.SIGNATURE ) {
+ if ( pwcb.getIdentifer().equals("CalculatorUser")) {
+ pwcb.setPassword("CalculatorUserPasswd");
+ } else {
+ pwcb.setPassword("CalculatorAdmin");
+ }
+ }
}
}
Modified:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ServerPWCBHandler.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ServerPWCBHandler.java?rev=615963&r1=615962&r2=615963&view=diff
==============================================================================
---
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ServerPWCBHandler.java
(original)
+++
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/java/calculator/security/ServerPWCBHandler.java
Mon Jan 28 09:31:02 2008
@@ -38,8 +38,8 @@
WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
System.out.println("User Id = " + pwcb.getIdentifer());
System.out.println("Password = " + pwcb.getPassword());
-
- if ( pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN ) {
+ System.out.println("Usage = " + pwcb.getUsage());
+ if ( pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN
) {
if ( pwcb.getIdentifer().equals("CalculatorUser") &&
pwcb.getPassword().equals("CalculatorUserPasswd") ){
return;
@@ -47,7 +47,11 @@
throw new UnsupportedCallbackException(pwcb,
"Authentication Failed : UserId - Password mismatch");
}
} else if ( pwcb.getUsage() == WSPasswordCallback.SIGNATURE ) {
- pwcb.setPassword("CalculatorUserPasswd");
+ if ( pwcb.getIdentifer().equals("CalculatorUser")) {
+ pwcb.setPassword("CalculatorUserPasswd");
+ } else {
+ pwcb.setPassword("CalculatorAdmin");
+ }
}
}
}
Modified:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/Calculator.composite
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/Calculator.composite?rev=615963&r1=615962&r2=615963&view=diff
==============================================================================
---
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/Calculator.composite
(original)
+++
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/Calculator.composite
Mon Jan 28 09:31:02 2008
@@ -30,7 +30,11 @@
<binding.ws
uri="http://localhost:8080/sample-calculator-ws-secure-webapp/AddServiceComponent";
requires="calc:wsAuthentication" />
</reference>
- <reference name="subtractService"
target="SubtractServiceComponent"></reference>
+ <reference name="subtractService">
+ <interface.java interface="calculator.SubtractService" />
+ <binding.ws
uri="http://localhost:8080/sample-calculator-ws-secure-webapp/SubtractServiceComponent";
+ requires="calc:wsIntegrity" />
+ </reference>
<reference name="multiplyService"
target="MultiplyServiceComponent"></reference>
<reference name="divideService"
target="DivideServiceComponent"></reference>
</component>
@@ -45,6 +49,10 @@
<component name="SubtractServiceComponent">
<implementation.java class="calculator.SubtractServiceImpl"/>
+ <service name="SubtractService">
+ <interface.java interface="calculator.SubtractService" />
+ <binding.ws requires="integrity"/>
+ </service>
</component>
<component name="MultiplyServiceComponent">
Added:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/calculatorKeys.jks
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/calculatorKeys.jks?rev=615963&view=auto
==============================================================================
Binary file - no diff available.
Propchange:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/calculatorKeys.jks
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/definitions.xml
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/definitions.xml?rev=615963&r1=615962&r2=615963&view=diff
==============================================================================
---
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/definitions.xml
(original)
+++
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/definitions.xml
Mon Jan 28 09:31:02 2008
@@ -53,6 +53,13 @@
</description>
</sca:intent>
+ <sca:intent name="calc:wsIntegrity"
+ constrains="sca:binding.ws">
+ <description>
+ Protect messages from unauthorized reading or
modification
+ </description>
+ </sca:intent>
+
<!-- WS Security POLICY SETS -->
<sca:policySet name="calc:wsAuthenticationPolicy"
provides="authentication"
@@ -81,6 +88,192 @@
</action>
</parameter>
</tuscany:wsConfigParam>
+ </sca:policySet>
+
+ <!-- sca:policySet name="wsIntegrityPolicy"
+ provides="integrity"
+ appliesTo="sca:binding.ws">
+ <tuscany:wsConfigParam>
+ <parameter name="InflowSecurity">
+ <action>
+ <items>UsernameToken Timestamp Signature</items>
+
<signaturePropFile>security.properties</signaturePropFile>
+
<passwordCallbackClass>calculator.security.ServerPWCBHandler</passwordCallbackClass>
+ </action>
+ </parameter>
+ <parameter name="OutflowSecurity">
+ <action>
+ <items>Timestamp Signature</items>
+ <user>CalculatorAdmin</user>
+
<signaturePropFile>security.properties</signaturePropFile>
+
<passwordCallbackClass>calculator.security.ServerPWCBHandler</passwordCallbackClass>
+
<signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
+ </action>
+ </parameter>
+ </tuscany:wsConfigParam>
+ </sca:policySet>
+
+ <sca:policySet name="wsClientIntegrityPolicy"
+ provides="calc:wsIntegrity"
+ appliesTo="sca:binding.ws">
+ <tuscany:wsConfigParam>
+ <parameter name="InflowSecurity">
+ <action>
+ <items>Timestamp Signature</items>
+
<signaturePropFile>security.properties</signaturePropFile>
+ </action>
+ </parameter>
+ <parameter name="OutflowSecurity">
+ <action>
+ <items>UsernameToken Timestamp Signature</items>
+ <user>CalculatorUser</user>
+ <passwordType>PasswordText</passwordType>
+
<signaturePropFile>security.properties</signaturePropFile>
+
<passwordCallbackClass>calculator.security.ClientPWCBHandler</passwordCallbackClass>
+
<signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
+ </action>
+ </parameter>
+ </tuscany:wsConfigParam>
+ </sca:policySet-->
+
+ <sca:policySet name="tuscany:wsSecurityPolicyForIntegrity"
+ provides="sca:integrity"
+ appliesTo="sca:binding.ws">
+ <wsp:Policy wsu:Id="SignOnly"
+
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+
<sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:SignedParts>
+
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>CalculatorAdmin</ramp:user>
+
<ramp:encryptionUser>CalculatorAdmin</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>calculator.security.ServerPWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">calculatorKeys.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">CalculatorAdmin</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </sca:policySet>
+
+ <sca:policySet name="tuscany:wsSecurityPolicyForClientIntegrity"
+ provides="calc:wsIntegrity"
+ appliesTo="sca:binding.ws">
+ <wsp:Policy wsu:Id="SignOnly"
+
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+
<sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:SignedParts>
+
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>CalculatorAdmin</ramp:user>
+
<ramp:encryptionUser>CalculatorAdmin</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>calculator.security.ClientPWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">calculatorKeys.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">CalculatorAdmin</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
</sca:policySet>
</sca:definitions>
Added:
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/security.properties
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/security.properties?rev=615963&view=auto
==============================================================================
---
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/security.properties
(added)
+++
incubator/tuscany/java/sca/samples/calculator-ws-secure-webapp/src/main/resources/security.properties
Mon Jan 28 09:31:02 2008
@@ -0,0 +1,4 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=CalculatorAdmin
+org.apache.ws.security.crypto.merlin.file=calculatorKeys.jks
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
