diff options
| author | slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68> | 2008-09-24 08:13:02 +0000 |
|---|---|---|
| committer | slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68> | 2008-09-24 08:13:02 +0000 |
| commit | 8d6c3f989bb2f359091468534730080425afa8c4 (patch) | |
| tree | 986a29d3ef78d0b960ddb4dc98e15adc831ffe84 | |
| parent | 9f462538f3ac1e5522a87206a0668ecdecc9e3c4 (diff) | |
Change message getHeaders() operation to return a list, remove the QoS context and change various tests to take account of this assuming that the security information is now passed in the header. This pass the security context is not consolidated into a single subject. The tests that used to pass just a principal still do. Also add a delivery mode JMS policy test. Add some ignores.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@698457 13f79535-47bb-0310-9956-ffa450edef68
29 files changed, 214 insertions, 109 deletions
diff --git a/java/sca/demos/bigbank-account/pom.xml b/java/sca/demos/bigbank-account/pom.xml index 4456fac88b..1455b45684 100644 --- a/java/sca/demos/bigbank-account/pom.xml +++ b/java/sca/demos/bigbank-account/pom.xml @@ -43,7 +43,12 @@ <version>1.4-SNAPSHOT</version> </dependency> - + <dependency> + <groupId>org.apache.tuscany.sca</groupId> + <artifactId>tuscany-policy-security</artifactId> + <version>1.4-SNAPSHOT</version> + </dependency> + <dependency> <groupId>org.apache.ws.security</groupId> <artifactId>wss4j</artifactId> diff --git a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java index c8b73d4ed4..1d565f7ca1 100644 --- a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java +++ b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java @@ -13,6 +13,7 @@ import org.apache.tuscany.sca.invocation.Interceptor; import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.SecurityUtil; /* * Licensed to the Apache Software Foundation (ASF) under one @@ -52,10 +53,11 @@ public class CheckingsDeptAuthPolicyInterceptor implements Interceptor { Object msgBody = msg.getBody(); if (msgBody instanceof Object[]) { Object args[] = (Object[])msg.getBody(); - if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) { - BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL), - (String)args[0]); - } + Principal principal = SecurityUtil.getPrincipal(msg); + if (principal != null){ + BigbankCheckingsAcl.authorize(principal, + (String)args[0]); + } } Message responseMsg = null; diff --git a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java index 419b5def58..6667a4ba53 100644 --- a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java +++ b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java @@ -23,6 +23,7 @@ import java.security.Principal; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.SecurityUtil; import org.apache.tuscany.sca.policy.util.PolicyHandler; /** @@ -39,10 +40,11 @@ public class CheckingsDeptAuthorizationPolicyHandler implements PolicyHandler { if ( context[count] instanceof Message ) { Message msg = (Message)context[count]; Object args[] = (Object[])msg.getBody(); - if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) { - BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL), - (String)args[0]); - } + Principal principal = SecurityUtil.getPrincipal(msg); + if (principal != null){ + BigbankCheckingsAcl.authorize(principal, + (String)args[0]); + } } } } diff --git a/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java b/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java index 82a8ca6689..6d829033a3 100644 --- a/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java +++ b/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java @@ -78,7 +78,7 @@ public class CustomCompositeBuilder { private Composite domainComposite;
private boolean nonWiring;
- protected CustomCompositeBuilder(boolean nonWiring) {
+ public CustomCompositeBuilder(boolean nonWiring) {
this.nonWiring = nonWiring;
}
diff --git a/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml b/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml index 0cdda97a11..dd4350c6fe 100644 --- a/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml +++ b/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml @@ -22,7 +22,7 @@ xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0" xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"> - <policySet name="JMSPolicySet" + <policySet name="JMSPolicySet1" provides="priority" appliesTo="sca:binding.jms"> <intentMap provides="priority" default="medium"> @@ -37,5 +37,18 @@ </qualifier> </intentMap> </policySet> + + <policySet name="JMSPolicySet2" + provides="deliveryMode" + appliesTo="sca:binding.jms"> + <intentMap provides="deliveryMode" default="nonPersistent"> + <qualifier name="persistent"> + <tuscany:jmsHeader JMSDeliveryMode="PERSISTENT"/> + </qualifier> + <qualifier name="nonPersistent"> + <tuscany:jmsHeader JMSDeliveryMode="NON_PERSISTENT"/> + </qualifier> + </intentMap> + </policySet> </definitions>
\ No newline at end of file diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java index 98a164c612..17b5da42be 100644 --- a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java @@ -19,11 +19,15 @@ package org.apache.tuscany.sca.binding.jms.policy.authentication.token; +import javax.security.auth.Subject; + import org.apache.tuscany.sca.interfacedef.Operation; import org.apache.tuscany.sca.invocation.Interceptor; import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.SecurityUtil; +import org.apache.tuscany.sca.policy.authentication.token.TokenPrincipal; /** * Policy handler to handle PolicySet related to Logging with the QName @@ -63,9 +67,13 @@ public class JMSTokenAuthenticationReferencePolicyInterceptor implements Interce if ( policy.getTokenName() != null){ - // add header to Tuscany message - msg.getHeaders().put(policy.getTokenName().toString(), - "SomeJMSAuthorizationToken"); + Subject subject = SecurityUtil.getSubject(msg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); + + if (principal == null){ + principal = new TokenPrincipal("SomeJMSAuthorizationToken"); + subject.getPrincipals().add(principal); + } } return getNext().invoke(msg); diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java index 1280abc3e0..ec3be6e165 100644 --- a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java @@ -66,18 +66,14 @@ public class JMSTokenAuthenticationServicePolicyInterceptor implements Intercept } public Message invoke(Message msg) { + Subject subject = SecurityUtil.getSubject(msg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); - String token = (String)msg.getHeaders().get(policy.getTokenName().toString()); - - if (token != null) { - System.out.println("Token: " + token); + if (principal != null) { + System.out.println("Token: " + principal.getName()); // call out here to some 3rd party system to do whatever you - // need to turn header credentials into an authenticated principal - - Subject subject = SecurityUtil.getSubject(msg); - Principal principal = new TokenPrincipal(token); - subject.getPrincipals().add(principal); + // need to authenticate the principal } return getNext().invoke(msg); diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java index e109c52fba..1c16e3fa1b 100644 --- a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java @@ -35,7 +35,7 @@ import org.apache.tuscany.sca.policy.Policy; public class JMSHeaderPolicy implements Policy { public static final QName JMS_HEADER_POLICY_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "jmsHeader"); public static final String JMS_HEADER_JMS_TYPE = "JMSType"; - public static final String JMS_HEADER_JMS_CORRELATION_ID = "JMSDeliveryMode"; + public static final String JMS_HEADER_JMS_CORRELATION_ID = "JMSCorrelationID"; public static final String JMS_HEADER_JMS_DELIVERY_MODE = "JMSDeliveryMode"; public static final String JMS_HEADER_JMS_TIME_TO_LIVE = "JMSTimeToLive"; public static final String JMS_HEADER_JMS_PRIORITY = "JMSPriority"; diff --git a/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml b/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml index 044ed834e6..66ec011844 100644 --- a/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml +++ b/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml @@ -27,14 +27,37 @@ mayProvide="atLeastOnce atMostOnce ordered conversation" /--> <!-- PolicyIntents defined by the SCA Runtime Extension for JMS Binding --> + <sca:intent name="JMS" constrains="sca:binding.jms"> <sca:description> Communication through this binding requires JMS </sca:description> </sca:intent> + <!-- delivery mode --> + <intent name="deliveryMode" + constrains="sca:binding.jms"> + <description> + This intent is used to indicate the deliver mode + of the sent message + </description> + </intent> + + <intent name="deliveryMode.persistent"> + <description> + Message are sent persistently + </description> + </intent> + + <intent name="deliveryMode.nonPersistent"> + <description> + Message are sent persistently + </description> + </intent> + + <!-- priority --> <intent name="priority" - constrains="sca:binding"> + constrains="sca:binding.jms"> <description> This intent is used to indicate the priority of the sent message diff --git a/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java b/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java index 4c0e3d2e11..a9da07ca7d 100644 --- a/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java +++ b/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java @@ -49,7 +49,7 @@ import org.junit.Test; */ public class PolicyProcessorTestCase { private final static List<String> SEQ = - Arrays.asList("<tuscany:jmsHeader xmlns:tuscany=\"http://tuscany.apache.org/xmlns/sca/1.0\" JMSType=\"ABC\" JMSDeliveryMode=\"PERSISTENT\" JMSDeliveryMode=\"PERSISTENT\" JMSTimeToLive=\"123\" JMSPriority=\"4\"><tuscany:property name=\"aProperty\">property value</tuscany:property></tuscany:jmsHeader>", + Arrays.asList("<tuscany:jmsHeader xmlns:tuscany=\"http://tuscany.apache.org/xmlns/sca/1.0\" JMSType=\"ABC\" JMSDeliveryMode=\"PERSISTENT\" JMSTimeToLive=\"123\" JMSPriority=\"4\"><tuscany:property name=\"aProperty\">property value</tuscany:property></tuscany:jmsHeader>", "<tuscany:jmsTokenAuthentication xmlns:tuscany=\"http://tuscany.apache.org/xmlns/sca/1.0\" tuscany:tokenName=\"{http://tuscany.apache.org/foo}myname\" />"); @Test diff --git a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java index cfa099e875..9c5fba5de6 100644 --- a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java +++ b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java @@ -30,6 +30,7 @@ import javax.jms.MessageConsumer; import javax.jms.MessageProducer; import javax.jms.Session; import javax.naming.NamingException; +import javax.security.auth.Subject; import org.apache.tuscany.sca.binding.jms.impl.JMSBinding; import org.apache.tuscany.sca.binding.jms.impl.JMSBindingConstants; @@ -42,6 +43,8 @@ import org.apache.tuscany.sca.invocation.DataExchangeSemantics; import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.policy.PolicySet; import org.apache.tuscany.sca.policy.PolicySetAttachPoint; +import org.apache.tuscany.sca.policy.SecurityUtil; +import org.apache.tuscany.sca.policy.authentication.token.TokenPrincipal; import org.apache.tuscany.sca.runtime.ReferenceParameters; import org.apache.tuscany.sca.runtime.RuntimeComponentReference; import org.apache.tuscany.sca.runtime.RuntimeComponentService; @@ -401,8 +404,11 @@ public class JMSBindingInvoker implements Invoker, DataExchangeSemantics { } if (jmsTokenAuthenticationPolicy != null) { - String token = (String)tuscanyMsg.getHeaders().get(jmsTokenAuthenticationPolicy.getTokenName().toString()); - jmsMsg.setStringProperty(jmsTokenAuthenticationPolicy.getTokenName().toString(), token); + Subject subject = SecurityUtil.getSubject(tuscanyMsg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); + if (principal != null){ + jmsMsg.setStringProperty(jmsTokenAuthenticationPolicy.getTokenName().toString(), principal.getName()); + } } } diff --git a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java index f28c85f160..87b1bb21e2 100644 --- a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java +++ b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java @@ -32,6 +32,7 @@ import javax.jms.Queue; import javax.jms.Session; import javax.jms.Topic; import javax.naming.NamingException; +import javax.security.auth.Subject; import org.apache.tuscany.sca.assembly.Binding; import org.apache.tuscany.sca.binding.jms.impl.JMSBinding; @@ -43,6 +44,8 @@ import org.apache.tuscany.sca.core.invocation.MessageImpl; import org.apache.tuscany.sca.interfacedef.Operation; import org.apache.tuscany.sca.policy.PolicySet; import org.apache.tuscany.sca.policy.PolicySetAttachPoint; +import org.apache.tuscany.sca.policy.SecurityUtil; +import org.apache.tuscany.sca.policy.authentication.token.TokenPrincipal; import org.apache.tuscany.sca.runtime.EndpointReference; import org.apache.tuscany.sca.runtime.ReferenceParameters; import org.apache.tuscany.sca.runtime.RuntimeComponentService; @@ -205,8 +208,15 @@ public class JMSBindingListener implements MessageListener { if (jmsTokenAuthenticationPolicy != null) { String token = requestJMSMsg.getStringProperty(jmsTokenAuthenticationPolicy.getTokenName().toString()); - tuscanyMsg.getHeaders().put(jmsTokenAuthenticationPolicy.getTokenName().toString(), - token); + + Subject subject = SecurityUtil.getSubject(tuscanyMsg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); + + if (principal == null){ + principal = new TokenPrincipal(token); + subject.getPrincipals().add(principal); + } + } } diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java index 1ed80ba4da..c6cd96e647 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java @@ -84,8 +84,7 @@ public class Axis2TokenAuthenticationReferencePolicyInterceptor implements Inter header.setHeaderString("SomeWSAuthorizationToken"); // add header to Tuscany message - msg.getHeaders().put(policy.getTokenName().toString(), - header); + msg.getHeaders().add(header); } return getNext().invoke(msg); diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java index 993f59d159..43505a8d33 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java @@ -23,6 +23,8 @@ import java.security.Principal; import javax.security.auth.Subject; +import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2HeaderPolicyUtil; +import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeader; import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeaderString; import org.apache.tuscany.sca.interfacedef.Operation; import org.apache.tuscany.sca.invocation.Interceptor; @@ -66,7 +68,7 @@ public class Axis2TokenAuthenticationServicePolicyInterceptor implements Interce public Message invoke(Message msg) { - Axis2SOAPHeaderString header = (Axis2SOAPHeaderString)msg.getHeaders().get(policy.getTokenName().toString()); + Axis2SOAPHeaderString header = (Axis2SOAPHeaderString)Axis2HeaderPolicyUtil.getHeader(msg, policy.getTokenName()); if (header != null) { System.out.println("Token: " + header.getHeaderString()); diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderPolicyUtil.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderPolicyUtil.java new file mode 100644 index 0000000000..98d011a8fc --- /dev/null +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderPolicyUtil.java @@ -0,0 +1,50 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.ws.axis2.policy.header; + + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.invocation.Message; + + +/** + * + * @version $Rev$ $Date$ + */ +public class Axis2HeaderPolicyUtil { + + public static Axis2SOAPHeader getHeader(Message msg, QName headerName){ + + Axis2SOAPHeader axis2Header = null; + + for (Object header : msg.getHeaders()){ + if (header instanceof Axis2SOAPHeader){ + Axis2SOAPHeader tmpHeader = (Axis2SOAPHeader)header; + + if (tmpHeader.getHeaderName().equals(headerName)){ + axis2Header = tmpHeader; + break; + } + } + } + + return axis2Header; + } +} diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java index 161bb8d563..1b3315bb76 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java @@ -73,23 +73,7 @@ public class Axis2HeaderReferencePolicyInterceptor implements Interceptor { } public Message invoke(Message msg) { - // could call out here to some 3rd party system to get credentials - - if ( policy.getHeaderName() != null){ - // create Axis representation of header - //OMElement header = SOAPFactory - - OMFactory factory = OMAbstractFactory.getOMFactory(); - OMNamespace ns1 = factory.createOMNamespace(policy.getHeaderName().getNamespaceURI(), - policy.getHeaderName().getPrefix()); - OMElement header = factory.createOMElement(policy.getHeaderName().getLocalPart(),ns1); - OMText headerText = factory.createOMText(header,"SomeAuthTokenText"); - header.addChild(headerText); - - // add header to Tuscany message - msg.getHeaders().put(policy.getHeaderName().toString(), - policy); - } + // TODO - not yet implemented return getNext().invoke(msg); } diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java index 924c68a891..a758ca5261 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java @@ -62,17 +62,7 @@ public class Axis2HeaderServicePolicyInterceptor implements Interceptor { } public Message invoke(Message msg) { - - OMElement header = (OMElement)msg.getHeaders().get(policy.getHeaderName().toString()); - - if (header != null) { - - System.out.println("Token: " + header.getText()); - // could call out here to some 3rd part system to do whatever you - // need to turn credentials into a principal - - msg.getQoSContext().put(Message.QOS_CTX_SECURITY_PRINCIPAL, header.getText()); - } + // TODO - not yet implemented return getNext().invoke(msg); } diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java index b5994ff2c3..0eefeac87b 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java @@ -54,6 +54,7 @@ public class Axis2SOAPHeaderString extends Axis2SOAPHeader { } public void setAsSOAPHeaderBlock(OMElement header) { + super.setAsSOAPHeaderBlock(header); headerString = header.getText(); } } diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java index c51a5bad29..d4250e3244 100644 --- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java +++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java @@ -808,7 +808,7 @@ public class Axis2ServiceProvider { WSSecurityEngineResult securityResult = (WSSecurityEngineResult)wshr.getResults().elementAt(count2); if ( securityResult.get("principal") != null ) { - message.getQoSContext().put(Message.QOS_CTX_SECURITY_PRINCIPAL, securityResult.get("principal")); + message.getHeaders().add(securityResult.get("principal")); } } } diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java index 58f7c11f60..873e23a98a 100644 --- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java +++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java @@ -114,15 +114,5 @@ public class Axis2BindingBasicAuthenticationConfigurator { BasicAuthenticationPrincipal principal = new BasicAuthenticationPrincipal(username, password); subject.getPrincipals().add(principal); - - // Set the http headers - // This is just an experiment, looking at the alternatives to extracting - // username and password in the binding. With HTTP headers in the message it - // could be deferred to the interceptor. Asymetric though when compared with the - // reference support. - // how to defined the scheme for message headers? - msg.getHeaders().put("httpheaders", httpHeaderProperties); } - - } diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java index 0c3577104b..647f934c02 100644 --- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java +++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java @@ -27,6 +27,7 @@ import org.apache.axiom.om.OMFactory; import org.apache.axiom.soap.SOAPEnvelope; import org.apache.axiom.soap.SOAPHeader; import org.apache.axis2.context.MessageContext; +import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2HeaderPolicyUtil; import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeader; import org.apache.tuscany.sca.invocation.Message; @@ -46,9 +47,11 @@ public class Axis2BindingHeaderConfigurator { OMFactory factory = envelope.getOMFactory(); SOAPHeader soapHeader = envelope.getHeader(); - Axis2SOAPHeader header = (Axis2SOAPHeader)msg.getHeaders().get(headerQName.toString()); + Axis2SOAPHeader header = Axis2HeaderPolicyUtil.getHeader(msg, headerQName) ; - soapHeader.addChild(header.getAsSOAPHeaderBlock(factory)); + if (header != null){ + soapHeader.addChild(header.getAsSOAPHeaderBlock(factory)); + } } } @@ -60,7 +63,7 @@ public class Axis2BindingHeaderConfigurator { header.setAsSOAPHeaderBlock(omHeader); - msg.getHeaders().put(headerQName.toString(), header); + msg.getHeaders().add(header); } } diff --git a/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java b/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java index 61835217de..179ec9e6f2 100644 --- a/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java +++ b/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java @@ -18,6 +18,7 @@ */ package org.apache.tuscany.sca.invocation; +import java.util.List; import java.util.Map; import org.apache.tuscany.sca.interfacedef.Operation; @@ -29,8 +30,6 @@ import org.apache.tuscany.sca.runtime.EndpointReference; * @version $Rev $Date$ */ public interface Message { - String QOS_CTX_SECURITY_PRINCIPAL = "PRINCIPAL"; - String QOS_CTX_SECURITY_SUBJECT = "SUBJECT"; /** * Returns the body of the message, which will be the payload or parameters associated with the wire @@ -109,17 +108,9 @@ public interface Message { void setOperation(Operation op); /** - * Returns a map of objects that represents the QoS context that wraps this message such as - * invoking authenticated principal and so on. - * - * @return - */ - Map<String, Object> getQoSContext(); - - /** * Returns a map of objects that are contained in the message header * * @return */ - Map<String, Object> getHeaders(); + List<Object> getHeaders(); } diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java index 0c5dc63a89..ed6c3df8fa 100644 --- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java +++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java @@ -48,7 +48,15 @@ public class RequestContextImpl implements RequestContext { } public Subject getSecuritySubject() { - return (Subject)ThreadMessageContext.getMessageContext().getQoSContext().get(Message.QOS_CTX_SECURITY_SUBJECT); + Subject subject = null; + + for (Object header : ThreadMessageContext.getMessageContext().getHeaders()){ + if (header instanceof Subject){ + subject = (Subject)header; + break; + } + } + return subject; } public String getServiceName() { diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java index 4ce88f5e2e..a6013cf3c9 100644 --- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java +++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java @@ -18,7 +18,9 @@ */ package org.apache.tuscany.sca.core.invocation; +import java.util.ArrayList; import java.util.Hashtable; +import java.util.List; import java.util.Map; import org.apache.tuscany.sca.core.assembly.EndpointReferenceImpl; @@ -32,12 +34,11 @@ import org.apache.tuscany.sca.runtime.EndpointReference; * @version $Rev $Date$ */ public class MessageImpl implements Message { - private Map<String, Object> headers = new Hashtable<String, Object>(); + private List<Object> headers = new ArrayList<Object>(); private Object body; private Object messageID; private boolean isFault; private Operation operation; - private Map<String, Object> qosContext = new Hashtable<String, Object>(); private EndpointReference from; private EndpointReference to; @@ -97,12 +98,8 @@ public class MessageImpl implements Message { public void setOperation(Operation op) { this.operation = op; } - - public Map<String, Object> getQoSContext() { - return qosContext; - } - public Map<String, Object> getHeaders() { + public List<Object> getHeaders() { return headers; } diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java index c79fe46a7e..582d1ee141 100644 --- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java +++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java @@ -19,6 +19,7 @@ package org.apache.tuscany.sca.core.invocation; import java.util.LinkedList; +import java.util.List; import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; @@ -186,7 +187,7 @@ public class NonBlockingInterceptor implements Interceptor { return null; } - public Map<String, Object> getHeaders() { + public List<Object> getHeaders() { return null; } } diff --git a/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java b/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java index 8db7e5bed3..7a3c4bdf5a 100644 --- a/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java +++ b/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java @@ -18,6 +18,7 @@ */
package org.apache.tuscany.sca.implementation.notification;
+import java.util.List;
import java.util.Map;
import org.apache.tuscany.sca.interfacedef.Operation;
@@ -89,11 +90,8 @@ public class ImmutableMessage implements Message { return null;
}
- public Map<String, Object> getQoSContext() {
- return null;
- }
- public Map<String, Object> getHeaders() {
+ public List<Object> getHeaders() {
return null;
}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java index 7e32973b9a..2216de5361 100644 --- a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java +++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java @@ -33,11 +33,19 @@ import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPri public class SecurityUtil { public static Subject getSubject(Message msg){ - Subject subject = (Subject)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_SUBJECT); + + Subject subject = null; + + for (Object header : msg.getHeaders()){ + if (header instanceof Subject){ + subject = (Subject)header; + break; + } + } if (subject == null){ subject = new Subject(); - msg.getQoSContext().put(Message.QOS_CTX_SECURITY_SUBJECT, subject); + msg.getHeaders().add(subject); } return subject; @@ -52,4 +60,18 @@ public class SecurityUtil { return null; } + + public static Principal getPrincipal(Message msg){ + + Principal principal = null; + + for (Object header : msg.getHeaders()){ + if (header instanceof Principal){ + principal = (Principal)header; + break; + } + } + + return principal; + } } diff --git a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java index 2ebcc8470a..5c692df4ec 100644 --- a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java +++ b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java @@ -7,6 +7,7 @@ import org.apache.tuscany.sca.invocation.Interceptor; import org.apache.tuscany.sca.invocation.Invoker;
import org.apache.tuscany.sca.invocation.Message;
import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.SecurityUtil;
/*
* Licensed to the Apache Software Foundation (ASF) under one
@@ -46,10 +47,11 @@ public class CheckingsDeptAuthPolicyInterceptor implements Interceptor { Object msgBody = msg.getBody();
if (msgBody instanceof Object[]) {
Object args[] = (Object[])msg.getBody();
- if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) {
- BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL),
- (String)args[0]);
- }
+ Principal principal = SecurityUtil.getPrincipal(msg);
+ if (principal != null){
+ BigbankCheckingsAcl.authorize(principal,
+ (String)args[0]);
+ }
}
Message responseMsg = null;
diff --git a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java index 5668fa23b9..b023adf907 100644 --- a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java +++ b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java @@ -23,6 +23,7 @@ import java.security.Principal; import org.apache.tuscany.sca.invocation.Message;
import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.SecurityUtil;
import org.apache.tuscany.sca.policy.util.PolicyHandler;
/**
@@ -39,10 +40,11 @@ public class CheckingsDeptAuthorizationPolicyHandler implements PolicyHandler { if ( context[count] instanceof Message ) {
Message msg = (Message)context[count];
Object args[] = (Object[])msg.getBody();
- if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) {
- BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL),
- (String)args[0]);
- }
+ Principal principal = SecurityUtil.getPrincipal(msg);
+ if (principal != null){
+ BigbankCheckingsAcl.authorize(principal,
+ (String)args[0]);
+ }
}
}
}
|