summaryrefslogtreecommitdiffstats
path: root/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache
diff options
context:
space:
mode:
authorlresende <lresende@13f79535-47bb-0310-9956-ffa450edef68>2009-02-26 04:29:11 +0000
committerlresende <lresende@13f79535-47bb-0310-9956-ffa450edef68>2009-02-26 04:29:11 +0000
commita9e5f4e28a97f203eec296635aeef1ab4f6f38d8 (patch)
tree181c420581c3d647f6e32e50eed51b9b46119a82 /branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache
parent313e83d4f0dc58220e31c035e5350beb19139522 (diff)
Adding support to enable SSL when using binding-http using Confidentiality policy intent
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@748006 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache')
-rw-r--r--branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicy.java130
-rw-r--r--branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicyProcessor.java158
-rw-r--r--branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityPolicyDefinitionsProvider.java25
3 files changed, 300 insertions, 13 deletions
diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicy.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicy.java
new file mode 100644
index 0000000000..7c97b38968
--- /dev/null
+++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicy.java
@@ -0,0 +1,130 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.confidentiality;
+
+import java.util.Properties;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+
+/**
+ * Models the SCA Implementation Security Policy Assertion for Confidentiality.
+ *
+ * This would map to enabling SSL communication and would require
+ * the following configuration items :
+ *
+ * - javax.net.ssl.keyStore
+ * - javax.net.ssl.keyStorePassword
+ * - javax.net.ssl.keyStoreType
+ *
+ * - javax.net.ssl.trustStoreType
+ * - javax.net.ssl.trustStore
+ * - javax.net.ssl.trustStorePassword
+ *
+ * @version $Rev$ $Date$
+ */
+public class ConfidentialityPolicy implements Policy {
+ public static final QName NAME = new QName(Constants.SCA10_TUSCANY_NS, "confidentiality");
+
+ private String trustStore;
+ private String trustStorePassword;
+ private String keyStore;
+ private String keyStorePassword;
+ private String keyStoreType;
+ private String trustStoreType;
+
+ public String getTrustStore() {
+ return trustStore;
+ }
+
+ public void setTrustStore(String trustStore) {
+ this.trustStore = trustStore;
+ }
+
+ public String getTrustStorePassword() {
+ return trustStorePassword;
+ }
+
+ public void setTrustStorePassword(String trustStorePassword) {
+ this.trustStorePassword = trustStorePassword;
+ }
+
+ public String getKeyStore() {
+ return keyStore;
+ }
+
+ public void setKeyStore(String keyStore) {
+ this.keyStore = keyStore;
+ }
+
+ public String getKeyStorePassword() {
+ return keyStorePassword;
+ }
+
+ public void setKeyStorePassword(String keyStorePassword) {
+ this.keyStorePassword = keyStorePassword;
+ }
+
+ public String getKeyStoreType() {
+ return keyStoreType;
+ }
+
+ public void setKeyStoreType(String keyStoreType) {
+ this.keyStoreType = keyStoreType;
+ }
+
+ public String getTrustStoreType() {
+ return trustStoreType;
+ }
+
+ public void setTrustStoreType(String trustStoreType) {
+ this.trustStoreType = trustStoreType;
+ }
+
+ public QName getSchemaName() {
+ return NAME;
+ }
+
+ public boolean isUnresolved() {
+ return false;
+ }
+
+ public void setUnresolved(boolean unresolved) {
+
+ }
+
+ public Properties toProperties() {
+ Properties properties = new Properties();
+
+ properties.put("javax.net.ssl.trustStoreType", trustStoreType);
+ properties.put("javax.net.ssl.trustStore", trustStore);
+ properties.put("javax.net.ssl.trustStorePassword", trustStorePassword);
+
+ properties.put("javax.net.ssl.keyStoreType", keyStoreType);
+ properties.put("javax.net.ssl.keyStore", keyStore);
+ properties.put("javax.net.ssl.keyStorePassword", keyStorePassword);
+
+ return properties;
+ }
+
+}
diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicyProcessor.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicyProcessor.java
new file mode 100644
index 0000000000..8d9621da96
--- /dev/null
+++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/confidentiality/ConfidentialityPolicyProcessor.java
@@ -0,0 +1,158 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.confidentiality;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.assembly.builder.impl.ProblemImpl;
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+import org.apache.tuscany.sca.monitor.Monitor;
+import org.apache.tuscany.sca.monitor.Problem;
+import org.apache.tuscany.sca.monitor.Problem.Severity;
+
+public class ConfidentialityPolicyProcessor implements StAXArtifactProcessor<ConfidentialityPolicy> {
+ private static final QName KEY_STORE_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "keyStore");
+ private static final QName TRUST_STORE_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "trustStore");
+
+ private Monitor monitor;
+
+ public ConfidentialityPolicyProcessor(ModelFactoryExtensionPoint modelFactories, Monitor monitor) {
+ this.monitor = monitor;
+ }
+
+ /**
+ * Report a error.
+ *
+ * @param problems
+ * @param message
+ * @param model
+ */
+ private void error(String message, Object model, Object... messageParameters) {
+ if (monitor != null) {
+ Problem problem = new ProblemImpl(this.getClass().getName(), "policy-security-validation-messages", Severity.ERROR, model, message, (Object[])messageParameters);
+ monitor.problem(problem);
+ }
+ }
+
+ public QName getArtifactType() {
+ return ConfidentialityPolicy.NAME;
+ }
+
+ public Class<ConfidentialityPolicy> getModelType() {
+ return ConfidentialityPolicy.class;
+ }
+
+ public ConfidentialityPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+ ConfidentialityPolicy policy = new ConfidentialityPolicy();
+ int event = reader.getEventType();
+ QName start = reader.getName();
+ QName name = null;
+ while (true) {
+ switch (event) {
+ case START_ELEMENT:
+ name = reader.getName();
+ if(KEY_STORE_QNAME.equals(name)) {
+ //<tuscany:keyStore type="JKS" file="conf/tomcat.keystore" password="apache"/>
+ String type = reader.getAttributeValue(null, "type");
+ if(type == null) {
+ error("RequiredAttributeKeyStoreTypeMissing", reader);
+ } else {
+ policy.setKeyStoreType(type);
+ }
+
+ String file = reader.getAttributeValue(null, "file");
+ if(file == null) {
+ error("RequiredAttributeKeyStoreFileMissing", reader);
+ } else {
+ policy.setKeyStore(file);
+ }
+
+ String password = reader.getAttributeValue(null, "password");
+ if(file == null) {
+ error("RequiredAttributeKeyStorePasswordMissing", reader);
+ } else {
+ policy.setKeyStorePassword(password);
+ }
+
+ } else if(TRUST_STORE_QNAME.equals(name)) {
+ //<tuscany:trustStore type="" file="" password=""/>
+ String type = reader.getAttributeValue(null, "type");
+ if(type == null) {
+ error("RequiredAttributeTrustStoreTypeMissing", reader);
+ } else {
+ policy.setTrustStoreType(type);
+ }
+
+ String file = reader.getAttributeValue(null, "file");
+ if(file == null) {
+ error("RequiredAttributeTrusStoreFileMissing", reader);
+ } else {
+ policy.setTrustStore(file);
+ }
+
+ String password = reader.getAttributeValue(null, "password");
+ if(file == null) {
+ error("RequiredAttributeTrustStorePasswordMissing", reader);
+ } else {
+ policy.setTrustStorePassword(password);
+ }
+
+ }
+ break;
+ case END_ELEMENT:
+ if (start.equals(reader.getName())) {
+ if (reader.hasNext()) {
+ reader.next();
+ }
+ return policy;
+ }
+
+ }
+ if (reader.hasNext()) {
+ event = reader.next();
+ } else {
+ return policy;
+ }
+ } }
+
+ public void write(ConfidentialityPolicy model, XMLStreamWriter writer) throws ContributionWriteException,
+ XMLStreamException {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void resolve(ConfidentialityPolicy model, ModelResolver resolver) throws ContributionResolveException {
+ // TODO Auto-generated method stub
+
+ }
+
+}
diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityPolicyDefinitionsProvider.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityPolicyDefinitionsProvider.java
index cfe856e0f2..c914d99365 100644
--- a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityPolicyDefinitionsProvider.java
+++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityPolicyDefinitionsProvider.java
@@ -34,16 +34,18 @@ import org.apache.tuscany.sca.provider.SCADefinitionsProviderException;
/**
* Provider for Policy Intents and PolicySet definitions related to security
- *
+ *
* @version $Rev$ $Date$
*/
public class SecurityPolicyDefinitionsProvider implements SCADefinitionsProvider {
+ private static final String definitionsFile = "org/apache/tuscany/sca/policy/security/definitions.xml";
private static final String tuscanyDefinitionsFile = "org/apache/tuscany/sca/policy/security/tuscany_definitions.xml";
- private String definitionsFile = "org/apache/tuscany/sca/policy/security/definitions.xml";
+
URLArtifactProcessor urlArtifactProcessor = null;
public SecurityPolicyDefinitionsProvider(ExtensionPointRegistry registry) {
- URLArtifactProcessorExtensionPoint documentProcessors = registry.getExtensionPoint(URLArtifactProcessorExtensionPoint.class);
+ URLArtifactProcessorExtensionPoint documentProcessors =
+ registry.getExtensionPoint(URLArtifactProcessorExtensionPoint.class);
urlArtifactProcessor = (URLArtifactProcessor)documentProcessors.getProcessor(SCADefinitions.class);
}
@@ -51,34 +53,31 @@ public class SecurityPolicyDefinitionsProvider implements SCADefinitionsProvider
SCADefinitions scaDefns = null;
SCADefinitions tuscanyDefns = null;
try {
- // Allow privileged access to load resource. Requires RuntimePermssion in security policy.
+ // Allow privileged access to load resource. Requires
+ // RuntimePermssion in security policy.
URL definitionsFileUrl = AccessController.doPrivileged(new PrivilegedAction<URL>() {
public URL run() {
return getClass().getClassLoader().getResource(definitionsFile);
}
- });
+ });
URI uri = new URI(definitionsFile);
- scaDefns = (SCADefinitions)urlArtifactProcessor.read(null,
- uri,
- definitionsFileUrl);
+ scaDefns = (SCADefinitions)urlArtifactProcessor.read(null, uri, definitionsFileUrl);
definitionsFileUrl = AccessController.doPrivileged(new PrivilegedAction<URL>() {
public URL run() {
return getClass().getClassLoader().getResource(tuscanyDefinitionsFile);
}
- });
+ });
uri = new URI(definitionsFile);
- tuscanyDefns = (SCADefinitions)urlArtifactProcessor.read(null,
- uri,
- definitionsFileUrl);
+ tuscanyDefns = (SCADefinitions)urlArtifactProcessor.read(null, uri, definitionsFileUrl);
SCADefinitionsUtil.aggregateSCADefinitions(tuscanyDefns, scaDefns);
return scaDefns;
- } catch ( Exception e ) {
+ } catch (Exception e) {
throw new SCADefinitionsProviderException(e);
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 17:14:50 +0000