diff options
Diffstat (limited to '')
29 files changed, 214 insertions, 109 deletions
diff --git a/java/sca/demos/bigbank-account/pom.xml b/java/sca/demos/bigbank-account/pom.xml index 4456fac88b..1455b45684 100644 --- a/java/sca/demos/bigbank-account/pom.xml +++ b/java/sca/demos/bigbank-account/pom.xml @@ -43,7 +43,12 @@ <version>1.4-SNAPSHOT</version> </dependency> - + <dependency> + <groupId>org.apache.tuscany.sca</groupId> + <artifactId>tuscany-policy-security</artifactId> + <version>1.4-SNAPSHOT</version> + </dependency> + <dependency> <groupId>org.apache.ws.security</groupId> <artifactId>wss4j</artifactId> diff --git a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java index c8b73d4ed4..1d565f7ca1 100644 --- a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java +++ b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java @@ -13,6 +13,7 @@ import org.apache.tuscany.sca.invocation.Interceptor; import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.SecurityUtil; /* * Licensed to the Apache Software Foundation (ASF) under one @@ -52,10 +53,11 @@ public class CheckingsDeptAuthPolicyInterceptor implements Interceptor { Object msgBody = msg.getBody(); if (msgBody instanceof Object[]) { Object args[] = (Object[])msg.getBody(); - if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) { - BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL), - (String)args[0]); - } + Principal principal = SecurityUtil.getPrincipal(msg); + if (principal != null){ + BigbankCheckingsAcl.authorize(principal, + (String)args[0]); + } } Message responseMsg = null; diff --git a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java index 419b5def58..6667a4ba53 100644 --- a/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java +++ b/java/sca/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java @@ -23,6 +23,7 @@ import java.security.Principal; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.SecurityUtil; import org.apache.tuscany.sca.policy.util.PolicyHandler; /** @@ -39,10 +40,11 @@ public class CheckingsDeptAuthorizationPolicyHandler implements PolicyHandler { if ( context[count] instanceof Message ) { Message msg = (Message)context[count]; Object args[] = (Object[])msg.getBody(); - if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) { - BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL), - (String)args[0]); - } + Principal principal = SecurityUtil.getPrincipal(msg); + if (principal != null){ + BigbankCheckingsAcl.authorize(principal, + (String)args[0]); + } } } } diff --git a/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java b/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java index 82a8ca6689..6d829033a3 100644 --- a/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java +++ b/java/sca/itest/builder/src/test/java/org/apache/tuscany/sca/itest/builder/CustomCompositeBuilder.java @@ -78,7 +78,7 @@ public class CustomCompositeBuilder { private Composite domainComposite;
private boolean nonWiring;
- protected CustomCompositeBuilder(boolean nonWiring) {
+ public CustomCompositeBuilder(boolean nonWiring) {
this.nonWiring = nonWiring;
}
diff --git a/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml b/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml index 0cdda97a11..dd4350c6fe 100644 --- a/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml +++ b/java/sca/itest/jms/src/main/resources/policyHeaders/definitions.xml @@ -22,7 +22,7 @@ xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0" xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"> - <policySet name="JMSPolicySet" + <policySet name="JMSPolicySet1" provides="priority" appliesTo="sca:binding.jms"> <intentMap provides="priority" default="medium"> @@ -37,5 +37,18 @@ </qualifier> </intentMap> </policySet> + + <policySet name="JMSPolicySet2" + provides="deliveryMode" + appliesTo="sca:binding.jms"> + <intentMap provides="deliveryMode" default="nonPersistent"> + <qualifier name="persistent"> + <tuscany:jmsHeader JMSDeliveryMode="PERSISTENT"/> + </qualifier> + <qualifier name="nonPersistent"> + <tuscany:jmsHeader JMSDeliveryMode="NON_PERSISTENT"/> + </qualifier> + </intentMap> + </policySet> </definitions>
\ No newline at end of file diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java index 98a164c612..17b5da42be 100644 --- a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java @@ -19,11 +19,15 @@ package org.apache.tuscany.sca.binding.jms.policy.authentication.token; +import javax.security.auth.Subject; + import org.apache.tuscany.sca.interfacedef.Operation; import org.apache.tuscany.sca.invocation.Interceptor; import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.SecurityUtil; +import org.apache.tuscany.sca.policy.authentication.token.TokenPrincipal; /** * Policy handler to handle PolicySet related to Logging with the QName @@ -63,9 +67,13 @@ public class JMSTokenAuthenticationReferencePolicyInterceptor implements Interce if ( policy.getTokenName() != null){ - // add header to Tuscany message - msg.getHeaders().put(policy.getTokenName().toString(), - "SomeJMSAuthorizationToken"); + Subject subject = SecurityUtil.getSubject(msg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); + + if (principal == null){ + principal = new TokenPrincipal("SomeJMSAuthorizationToken"); + subject.getPrincipals().add(principal); + } } return getNext().invoke(msg); diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java index 1280abc3e0..ec3be6e165 100644 --- a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java @@ -66,18 +66,14 @@ public class JMSTokenAuthenticationServicePolicyInterceptor implements Intercept } public Message invoke(Message msg) { + Subject subject = SecurityUtil.getSubject(msg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); - String token = (String)msg.getHeaders().get(policy.getTokenName().toString()); - - if (token != null) { - System.out.println("Token: " + token); + if (principal != null) { + System.out.println("Token: " + principal.getName()); // call out here to some 3rd party system to do whatever you - // need to turn header credentials into an authenticated principal - - Subject subject = SecurityUtil.getSubject(msg); - Principal principal = new TokenPrincipal(token); - subject.getPrincipals().add(principal); + // need to authenticate the principal } return getNext().invoke(msg); diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java index e109c52fba..1c16e3fa1b 100644 --- a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java @@ -35,7 +35,7 @@ import org.apache.tuscany.sca.policy.Policy; public class JMSHeaderPolicy implements Policy { public static final QName JMS_HEADER_POLICY_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "jmsHeader"); public static final String JMS_HEADER_JMS_TYPE = "JMSType"; - public static final String JMS_HEADER_JMS_CORRELATION_ID = "JMSDeliveryMode"; + public static final String JMS_HEADER_JMS_CORRELATION_ID = "JMSCorrelationID"; public static final String JMS_HEADER_JMS_DELIVERY_MODE = "JMSDeliveryMode"; public static final String JMS_HEADER_JMS_TIME_TO_LIVE = "JMSTimeToLive"; public static final String JMS_HEADER_JMS_PRIORITY = "JMSPriority"; diff --git a/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml b/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml index 044ed834e6..66ec011844 100644 --- a/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml +++ b/java/sca/modules/binding-jms-policy/src/main/resources/org/apache/tuscany/sca/binding/jms/policy/definitions.xml @@ -27,14 +27,37 @@ mayProvide="atLeastOnce atMostOnce ordered conversation" /--> <!-- PolicyIntents defined by the SCA Runtime Extension for JMS Binding --> + <sca:intent name="JMS" constrains="sca:binding.jms"> <sca:description> Communication through this binding requires JMS </sca:description> </sca:intent> + <!-- delivery mode --> + <intent name="deliveryMode" + constrains="sca:binding.jms"> + <description> + This intent is used to indicate the deliver mode + of the sent message + </description> + </intent> + + <intent name="deliveryMode.persistent"> + <description> + Message are sent persistently + </description> + </intent> + + <intent name="deliveryMode.nonPersistent"> + <description> + Message are sent persistently + </description> + </intent> + + <!-- priority --> <intent name="priority" - constrains="sca:binding"> + constrains="sca:binding.jms"> <description> This intent is used to indicate the priority of the sent message diff --git a/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java b/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java index 4c0e3d2e11..a9da07ca7d 100644 --- a/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java +++ b/java/sca/modules/binding-jms-policy/src/test/java/org/apache/tuscany/sca/binding/jms/policy/PolicyProcessorTestCase.java @@ -49,7 +49,7 @@ import org.junit.Test; */ public class PolicyProcessorTestCase { private final static List<String> SEQ = - Arrays.asList("<tuscany:jmsHeader xmlns:tuscany=\"http://tuscany.apache.org/xmlns/sca/1.0\" JMSType=\"ABC\" JMSDeliveryMode=\"PERSISTENT\" JMSDeliveryMode=\"PERSISTENT\" JMSTimeToLive=\"123\" JMSPriority=\"4\"><tuscany:property name=\"aProperty\">property value</tuscany:property></tuscany:jmsHeader>", + Arrays.asList("<tuscany:jmsHeader xmlns:tuscany=\"http://tuscany.apache.org/xmlns/sca/1.0\" JMSType=\"ABC\" JMSDeliveryMode=\"PERSISTENT\" JMSTimeToLive=\"123\" JMSPriority=\"4\"><tuscany:property name=\"aProperty\">property value</tuscany:property></tuscany:jmsHeader>", "<tuscany:jmsTokenAuthentication xmlns:tuscany=\"http://tuscany.apache.org/xmlns/sca/1.0\" tuscany:tokenName=\"{http://tuscany.apache.org/foo}myname\" />"); @Test diff --git a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java index cfa099e875..9c5fba5de6 100644 --- a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java +++ b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingInvoker.java @@ -30,6 +30,7 @@ import javax.jms.MessageConsumer; import javax.jms.MessageProducer; import javax.jms.Session; import javax.naming.NamingException; +import javax.security.auth.Subject; import org.apache.tuscany.sca.binding.jms.impl.JMSBinding; import org.apache.tuscany.sca.binding.jms.impl.JMSBindingConstants; @@ -42,6 +43,8 @@ import org.apache.tuscany.sca.invocation.DataExchangeSemantics; import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.policy.PolicySet; import org.apache.tuscany.sca.policy.PolicySetAttachPoint; +import org.apache.tuscany.sca.policy.SecurityUtil; +import org.apache.tuscany.sca.policy.authentication.token.TokenPrincipal; import org.apache.tuscany.sca.runtime.ReferenceParameters; import org.apache.tuscany.sca.runtime.RuntimeComponentReference; import org.apache.tuscany.sca.runtime.RuntimeComponentService; @@ -401,8 +404,11 @@ public class JMSBindingInvoker implements Invoker, DataExchangeSemantics { } if (jmsTokenAuthenticationPolicy != null) { - String token = (String)tuscanyMsg.getHeaders().get(jmsTokenAuthenticationPolicy.getTokenName().toString()); - jmsMsg.setStringProperty(jmsTokenAuthenticationPolicy.getTokenName().toString(), token); + Subject subject = SecurityUtil.getSubject(tuscanyMsg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); + if (principal != null){ + jmsMsg.setStringProperty(jmsTokenAuthenticationPolicy.getTokenName().toString(), principal.getName()); + } } } diff --git a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java index f28c85f160..87b1bb21e2 100644 --- a/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java +++ b/java/sca/modules/binding-jms-runtime/src/main/java/org/apache/tuscany/sca/binding/jms/provider/JMSBindingListener.java @@ -32,6 +32,7 @@ import javax.jms.Queue; import javax.jms.Session; import javax.jms.Topic; import javax.naming.NamingException; +import javax.security.auth.Subject; import org.apache.tuscany.sca.assembly.Binding; import org.apache.tuscany.sca.binding.jms.impl.JMSBinding; @@ -43,6 +44,8 @@ import org.apache.tuscany.sca.core.invocation.MessageImpl; import org.apache.tuscany.sca.interfacedef.Operation; import org.apache.tuscany.sca.policy.PolicySet; import org.apache.tuscany.sca.policy.PolicySetAttachPoint; +import org.apache.tuscany.sca.policy.SecurityUtil; +import org.apache.tuscany.sca.policy.authentication.token.TokenPrincipal; import org.apache.tuscany.sca.runtime.EndpointReference; import org.apache.tuscany.sca.runtime.ReferenceParameters; import org.apache.tuscany.sca.runtime.RuntimeComponentService; @@ -205,8 +208,15 @@ public class JMSBindingListener implements MessageListener { if (jmsTokenAuthenticationPolicy != null) { String token = requestJMSMsg.getStringProperty(jmsTokenAuthenticationPolicy.getTokenName().toString()); - tuscanyMsg.getHeaders().put(jmsTokenAuthenticationPolicy.getTokenName().toString(), - token); + + Subject subject = SecurityUtil.getSubject(tuscanyMsg); + TokenPrincipal principal = SecurityUtil.getPrincipal(subject, TokenPrincipal.class); + + if (principal == null){ + principal = new TokenPrincipal(token); + subject.getPrincipals().add(principal); + } + } } diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java index 1ed80ba4da..c6cd96e647 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationReferencePolicyInterceptor.java @@ -84,8 +84,7 @@ public class Axis2TokenAuthenticationReferencePolicyInterceptor implements Inter header.setHeaderString("SomeWSAuthorizationToken"); // add header to Tuscany message - msg.getHeaders().put(policy.getTokenName().toString(), - header); + msg.getHeaders().add(header); } return getNext().invoke(msg); diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java index 993f59d159..43505a8d33 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/token/Axis2TokenAuthenticationServicePolicyInterceptor.java @@ -23,6 +23,8 @@ import java.security.Principal; import javax.security.auth.Subject; +import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2HeaderPolicyUtil; +import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeader; import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeaderString; import org.apache.tuscany.sca.interfacedef.Operation; import org.apache.tuscany.sca.invocation.Interceptor; @@ -66,7 +68,7 @@ public class Axis2TokenAuthenticationServicePolicyInterceptor implements Interce public Message invoke(Message msg) { - Axis2SOAPHeaderString header = (Axis2SOAPHeaderString)msg.getHeaders().get(policy.getTokenName().toString()); + Axis2SOAPHeaderString header = (Axis2SOAPHeaderString)Axis2HeaderPolicyUtil.getHeader(msg, policy.getTokenName()); if (header != null) { System.out.println("Token: " + header.getHeaderString()); diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderPolicyUtil.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderPolicyUtil.java new file mode 100644 index 0000000000..98d011a8fc --- /dev/null +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderPolicyUtil.java @@ -0,0 +1,50 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.ws.axis2.policy.header; + + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.invocation.Message; + + +/** + * + * @version $Rev$ $Date$ + */ +public class Axis2HeaderPolicyUtil { + + public static Axis2SOAPHeader getHeader(Message msg, QName headerName){ + + Axis2SOAPHeader axis2Header = null; + + for (Object header : msg.getHeaders()){ + if (header instanceof Axis2SOAPHeader){ + Axis2SOAPHeader tmpHeader = (Axis2SOAPHeader)header; + + if (tmpHeader.getHeaderName().equals(headerName)){ + axis2Header = tmpHeader; + break; + } + } + } + + return axis2Header; + } +} diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java index 161bb8d563..1b3315bb76 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderReferencePolicyInterceptor.java @@ -73,23 +73,7 @@ public class Axis2HeaderReferencePolicyInterceptor implements Interceptor { } public Message invoke(Message msg) { - // could call out here to some 3rd party system to get credentials - - if ( policy.getHeaderName() != null){ - // create Axis representation of header - //OMElement header = SOAPFactory - - OMFactory factory = OMAbstractFactory.getOMFactory(); - OMNamespace ns1 = factory.createOMNamespace(policy.getHeaderName().getNamespaceURI(), - policy.getHeaderName().getPrefix()); - OMElement header = factory.createOMElement(policy.getHeaderName().getLocalPart(),ns1); - OMText headerText = factory.createOMText(header,"SomeAuthTokenText"); - header.addChild(headerText); - - // add header to Tuscany message - msg.getHeaders().put(policy.getHeaderName().toString(), - policy); - } + // TODO - not yet implemented return getNext().invoke(msg); } diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java index 924c68a891..a758ca5261 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2HeaderServicePolicyInterceptor.java @@ -62,17 +62,7 @@ public class Axis2HeaderServicePolicyInterceptor implements Interceptor { } public Message invoke(Message msg) { - - OMElement header = (OMElement)msg.getHeaders().get(policy.getHeaderName().toString()); - - if (header != null) { - - System.out.println("Token: " + header.getText()); - // could call out here to some 3rd part system to do whatever you - // need to turn credentials into a principal - - msg.getQoSContext().put(Message.QOS_CTX_SECURITY_PRINCIPAL, header.getText()); - } + // TODO - not yet implemented return getNext().invoke(msg); } diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java index b5994ff2c3..0eefeac87b 100644 --- a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java +++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/header/Axis2SOAPHeaderString.java @@ -54,6 +54,7 @@ public class Axis2SOAPHeaderString extends Axis2SOAPHeader { } public void setAsSOAPHeaderBlock(OMElement header) { + super.setAsSOAPHeaderBlock(header); headerString = header.getText(); } } diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java index c51a5bad29..d4250e3244 100644 --- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java +++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java @@ -808,7 +808,7 @@ public class Axis2ServiceProvider { WSSecurityEngineResult securityResult = (WSSecurityEngineResult)wshr.getResults().elementAt(count2); if ( securityResult.get("principal") != null ) { - message.getQoSContext().put(Message.QOS_CTX_SECURITY_PRINCIPAL, securityResult.get("principal")); + message.getHeaders().add(securityResult.get("principal")); } } } diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java index 58f7c11f60..873e23a98a 100644 --- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java +++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java @@ -114,15 +114,5 @@ public class Axis2BindingBasicAuthenticationConfigurator { BasicAuthenticationPrincipal principal = new BasicAuthenticationPrincipal(username, password); subject.getPrincipals().add(principal); - - // Set the http headers - // This is just an experiment, looking at the alternatives to extracting - // username and password in the binding. With HTTP headers in the message it - // could be deferred to the interceptor. Asymetric though when compared with the - // reference support. - // how to defined the scheme for message headers? - msg.getHeaders().put("httpheaders", httpHeaderProperties); } - - } diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java index 0c3577104b..647f934c02 100644 --- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java +++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java @@ -27,6 +27,7 @@ import org.apache.axiom.om.OMFactory; import org.apache.axiom.soap.SOAPEnvelope; import org.apache.axiom.soap.SOAPHeader; import org.apache.axis2.context.MessageContext; +import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2HeaderPolicyUtil; import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeader; import org.apache.tuscany.sca.invocation.Message; @@ -46,9 +47,11 @@ public class Axis2BindingHeaderConfigurator { OMFactory factory = envelope.getOMFactory(); SOAPHeader soapHeader = envelope.getHeader(); - Axis2SOAPHeader header = (Axis2SOAPHeader)msg.getHeaders().get(headerQName.toString()); + Axis2SOAPHeader header = Axis2HeaderPolicyUtil.getHeader(msg, headerQName) ; - soapHeader.addChild(header.getAsSOAPHeaderBlock(factory)); + if (header != null){ + soapHeader.addChild(header.getAsSOAPHeaderBlock(factory)); + } } } @@ -60,7 +63,7 @@ public class Axis2BindingHeaderConfigurator { header.setAsSOAPHeaderBlock(omHeader); - msg.getHeaders().put(headerQName.toString(), header); + msg.getHeaders().add(header); } } diff --git a/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java b/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java index 61835217de..179ec9e6f2 100644 --- a/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java +++ b/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java @@ -18,6 +18,7 @@ */ package org.apache.tuscany.sca.invocation; +import java.util.List; import java.util.Map; import org.apache.tuscany.sca.interfacedef.Operation; @@ -29,8 +30,6 @@ import org.apache.tuscany.sca.runtime.EndpointReference; * @version $Rev $Date$ */ public interface Message { - String QOS_CTX_SECURITY_PRINCIPAL = "PRINCIPAL"; - String QOS_CTX_SECURITY_SUBJECT = "SUBJECT"; /** * Returns the body of the message, which will be the payload or parameters associated with the wire @@ -109,17 +108,9 @@ public interface Message { void setOperation(Operation op); /** - * Returns a map of objects that represents the QoS context that wraps this message such as - * invoking authenticated principal and so on. - * - * @return - */ - Map<String, Object> getQoSContext(); - - /** * Returns a map of objects that are contained in the message header * * @return */ - Map<String, Object> getHeaders(); + List<Object> getHeaders(); } diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java index 0c5dc63a89..ed6c3df8fa 100644 --- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java +++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/RequestContextImpl.java @@ -48,7 +48,15 @@ public class RequestContextImpl implements RequestContext { } public Subject getSecuritySubject() { - return (Subject)ThreadMessageContext.getMessageContext().getQoSContext().get(Message.QOS_CTX_SECURITY_SUBJECT); + Subject subject = null; + + for (Object header : ThreadMessageContext.getMessageContext().getHeaders()){ + if (header instanceof Subject){ + subject = (Subject)header; + break; + } + } + return subject; } public String getServiceName() { diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java index 4ce88f5e2e..a6013cf3c9 100644 --- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java +++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java @@ -18,7 +18,9 @@ */ package org.apache.tuscany.sca.core.invocation; +import java.util.ArrayList; import java.util.Hashtable; +import java.util.List; import java.util.Map; import org.apache.tuscany.sca.core.assembly.EndpointReferenceImpl; @@ -32,12 +34,11 @@ import org.apache.tuscany.sca.runtime.EndpointReference; * @version $Rev $Date$ */ public class MessageImpl implements Message { - private Map<String, Object> headers = new Hashtable<String, Object>(); + private List<Object> headers = new ArrayList<Object>(); private Object body; private Object messageID; private boolean isFault; private Operation operation; - private Map<String, Object> qosContext = new Hashtable<String, Object>(); private EndpointReference from; private EndpointReference to; @@ -97,12 +98,8 @@ public class MessageImpl implements Message { public void setOperation(Operation op) { this.operation = op; } - - public Map<String, Object> getQoSContext() { - return qosContext; - } - public Map<String, Object> getHeaders() { + public List<Object> getHeaders() { return headers; } diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java index c79fe46a7e..582d1ee141 100644 --- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java +++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java @@ -19,6 +19,7 @@ package org.apache.tuscany.sca.core.invocation; import java.util.LinkedList; +import java.util.List; import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; @@ -186,7 +187,7 @@ public class NonBlockingInterceptor implements Interceptor { return null; } - public Map<String, Object> getHeaders() { + public List<Object> getHeaders() { return null; } } diff --git a/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java b/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java index 8db7e5bed3..7a3c4bdf5a 100644 --- a/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java +++ b/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java @@ -18,6 +18,7 @@ */
package org.apache.tuscany.sca.implementation.notification;
+import java.util.List;
import java.util.Map;
import org.apache.tuscany.sca.interfacedef.Operation;
@@ -89,11 +90,8 @@ public class ImmutableMessage implements Message { return null;
}
- public Map<String, Object> getQoSContext() {
- return null;
- }
- public Map<String, Object> getHeaders() {
+ public List<Object> getHeaders() {
return null;
}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java index 7e32973b9a..2216de5361 100644 --- a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java +++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/SecurityUtil.java @@ -33,11 +33,19 @@ import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPri public class SecurityUtil { public static Subject getSubject(Message msg){ - Subject subject = (Subject)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_SUBJECT); + + Subject subject = null; + + for (Object header : msg.getHeaders()){ + if (header instanceof Subject){ + subject = (Subject)header; + break; + } + } if (subject == null){ subject = new Subject(); - msg.getQoSContext().put(Message.QOS_CTX_SECURITY_SUBJECT, subject); + msg.getHeaders().add(subject); } return subject; @@ -52,4 +60,18 @@ public class SecurityUtil { return null; } + + public static Principal getPrincipal(Message msg){ + + Principal principal = null; + + for (Object header : msg.getHeaders()){ + if (header instanceof Principal){ + principal = (Principal)header; + break; + } + } + + return principal; + } } diff --git a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java index 2ebcc8470a..5c692df4ec 100644 --- a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java +++ b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java @@ -7,6 +7,7 @@ import org.apache.tuscany.sca.invocation.Interceptor; import org.apache.tuscany.sca.invocation.Invoker;
import org.apache.tuscany.sca.invocation.Message;
import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.SecurityUtil;
/*
* Licensed to the Apache Software Foundation (ASF) under one
@@ -46,10 +47,11 @@ public class CheckingsDeptAuthPolicyInterceptor implements Interceptor { Object msgBody = msg.getBody();
if (msgBody instanceof Object[]) {
Object args[] = (Object[])msg.getBody();
- if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) {
- BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL),
- (String)args[0]);
- }
+ Principal principal = SecurityUtil.getPrincipal(msg);
+ if (principal != null){
+ BigbankCheckingsAcl.authorize(principal,
+ (String)args[0]);
+ }
}
Message responseMsg = null;
diff --git a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java index 5668fa23b9..b023adf907 100644 --- a/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java +++ b/java/sca/samples/spring-bigbank-checkaccount/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java @@ -23,6 +23,7 @@ import java.security.Principal; import org.apache.tuscany.sca.invocation.Message;
import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.SecurityUtil;
import org.apache.tuscany.sca.policy.util.PolicyHandler;
/**
@@ -39,10 +40,11 @@ public class CheckingsDeptAuthorizationPolicyHandler implements PolicyHandler { if ( context[count] instanceof Message ) {
Message msg = (Message)context[count];
Object args[] = (Object[])msg.getBody();
- if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) {
- BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL),
- (String)args[0]);
- }
+ Principal principal = SecurityUtil.getPrincipal(msg);
+ if (principal != null){
+ BigbankCheckingsAcl.authorize(principal,
+ (String)args[0]);
+ }
}
}
}
|