diff options
7 files changed, 202 insertions, 12 deletions
diff --git a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/DefaultServletHostExtensionPoint.java b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/DefaultServletHostExtensionPoint.java index 04b2f4c199..46f819d6b9 100644 --- a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/DefaultServletHostExtensionPoint.java +++ b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/DefaultServletHostExtensionPoint.java @@ -132,6 +132,10 @@ public class DefaultServletHostExtensionPoint implements ServletHostExtensionPoi public void addServletMapping(String uri, Servlet servlet) throws ServletMappingException { getServletHost().addServletMapping(uri, servlet); } + + public void addServletMapping(String uri, Servlet servlet, SecurityContext securityContext) throws ServletMappingException { + getServletHost().addServletMapping(uri, servlet, securityContext); + } public String getContextPath() { return getServletHost().getContextPath(); diff --git a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ExtensibleServletHost.java b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ExtensibleServletHost.java index 4dfa1dd8a3..668b069bf9 100644 --- a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ExtensibleServletHost.java +++ b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ExtensibleServletHost.java @@ -68,6 +68,16 @@ public class ExtensibleServletHost implements ServletHost { // For now just select the first one getDefaultServletHost().addServletMapping(uri, servlet); } + + public void addServletMapping(String uri, Servlet servlet, SecurityContext securityContext) throws ServletMappingException { + if (servletHosts.getServletHosts().isEmpty()) { + throw new ServletMappingException("No servlet host available"); + } + + // TODO implement selection of the correct Servlet host based on the mapping + // For now just select the first one + getDefaultServletHost().addServletMapping(uri, servlet, securityContext); + } public Servlet getServletMapping(String uri) throws ServletMappingException { if (servletHosts.getServletHosts().isEmpty()) { diff --git a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/SecurityContext.java b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/SecurityContext.java new file mode 100644 index 0000000000..f290bb3e59 --- /dev/null +++ b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/SecurityContext.java @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.host.http; + +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; + +/** + * A class to store policy context to enable Security QoS to + * HTTP binding + */ +public class SecurityContext { + private boolean isSSLEnabled = false; + private Properties sslProperties; + + private boolean isAuthenticationEnabled = false; + private List<UserContext> users = new ArrayList<UserContext>(); + + public boolean isSSLEnabled() { + return isSSLEnabled; + } + + public void setSSLEnabled(boolean value) { + this.isSSLEnabled = value; + } + + public Properties getSSLProperties() { + return sslProperties; + } + + public void setSSLProperties(Properties sslProperties) { + this.sslProperties = sslProperties; + } + + public boolean isAuthenticationEnabled() { + return this.isAuthenticationEnabled; + } + + public void setAuthenticationEnabled(boolean value) { + this.isAuthenticationEnabled = value; + } + + public List<UserContext> getUsers() { + return this.users; + } +} diff --git a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ServletHost.java b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ServletHost.java index 07a54c1c37..6747472bc1 100644 --- a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ServletHost.java +++ b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/ServletHost.java @@ -58,6 +58,19 @@ public interface ServletHost { * @throws ServletMappingException */ void addServletMapping(String uri, Servlet servlet) throws ServletMappingException; + + /** + * Add a mapping for an instance of a Servlet. This requests that the + * Servlet container direct all requests to the designated mapping to the + * supplied Servlet instance. SecurityContext can be passed to enable + * QoS services such as Confidentiality (SSL) and Authentication/Authorization + * + * @param uri the URI-mapping for the Servlet + * @param servlet the Servlet that should be invoked + * @param securityContext the SecurityContext to enable QoS services + * @throws ServletMappingException + */ + void addServletMapping(String uri, Servlet servlet, SecurityContext securityContext) throws ServletMappingException; /** * Remove a Servlet mapping. This directs the Servlet container not to direct diff --git a/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/UserContext.java b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/UserContext.java new file mode 100644 index 0000000000..4a19eda81d --- /dev/null +++ b/sca-java-2.x/trunk/modules/host-http/src/main/java/org/apache/tuscany/sca/host/http/UserContext.java @@ -0,0 +1,68 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.host.http; + +import java.util.ArrayList; +import java.util.List; + +/** + * Model class used to define list of users and it's roles + * + * These info is used to configure authentication/authorization + * in embedded http servers + * + * @version $Rev$ $Date$ + */ +public class UserContext { + private String username; + private String password; + private List<String> roles = new ArrayList<String>(); + + + public UserContext() { + + } + + public UserContext(String username, String password) { + this.username = username; + this.password = password; + } + + public String getUsername() { + return this.username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getPassword() { + return this.password; + } + + public void setPassword(String password) { + this.password = password; + } + + public List<String> getRoles() { + return this.roles; + } + +} diff --git a/sca-java-2.x/trunk/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/JettyServer.java b/sca-java-2.x/trunk/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/JettyServer.java index e746767338..b526103552 100644 --- a/sca-java-2.x/trunk/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/JettyServer.java +++ b/sca-java-2.x/trunk/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/JettyServer.java @@ -44,6 +44,7 @@ import org.apache.tuscany.sca.core.ExtensionPointRegistry; import org.apache.tuscany.sca.core.LifeCycleListener; import org.apache.tuscany.sca.core.UtilityExtensionPoint; import org.apache.tuscany.sca.host.http.DefaultResourceServlet; +import org.apache.tuscany.sca.host.http.SecurityContext; import org.apache.tuscany.sca.host.http.ServletHost; import org.apache.tuscany.sca.host.http.ServletMappingException; import org.apache.tuscany.sca.work.WorkScheduler; @@ -70,7 +71,7 @@ public class JettyServer implements ServletHost, LifeCycleListener { private final Object joinLock = new Object(); private String trustStore; - private String truststorePassword; + private String trustStorePassword; private String keyStore; private String keyStorePassword; @@ -79,8 +80,10 @@ public class JettyServer implements ServletHost, LifeCycleListener { private boolean sendServerVersion; private WorkScheduler workScheduler; - private int defaultPort = portDefault; + public static int portDefault = 8080; + private int defaultPort = portDefault; + private int defaultSSLPort = 443; /** * Represents a port and the server that serves it. @@ -117,7 +120,7 @@ public class JettyServer implements ServletHost, LifeCycleListener { AccessController.doPrivileged(new PrivilegedAction<Object>() { public Object run() { trustStore = System.getProperty("javax.net.ssl.trustStore"); - truststorePassword = System.getProperty("javax.net.ssl.trustStorePassword"); + trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword"); keyStore = System.getProperty("javax.net.ssl.keyStore"); keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword"); @@ -172,14 +175,23 @@ public class JettyServer implements ServletHost, LifeCycleListener { } } - private void configureSSL(SslSocketConnector connector) { + private void configureSSL(SslSocketConnector connector, SecurityContext securityContext) { connector.setProtocol("TLS"); + if (securityContext != null) { + keyStoreType = securityContext.getSSLProperties().getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType()); + keyStore = securityContext.getSSLProperties().getProperty("javax.net.ssl.keyStore"); + keyStorePassword = securityContext.getSSLProperties().getProperty("javax.net.ssl.keyStorePassword"); + + trustStoreType = securityContext.getSSLProperties().getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType()); + trustStore = securityContext.getSSLProperties().getProperty("javax.net.ssl.trustStore"); + trustStorePassword = securityContext.getSSLProperties().getProperty("javax.net.ssl.trustStorePassword"); + } connector.setKeystore(keyStore); connector.setKeyPassword(keyStorePassword); connector.setKeystoreType(keyStoreType); connector.setTruststore(trustStore); - connector.setTrustPassword(truststorePassword); + connector.setTrustPassword(trustStorePassword); connector.setTruststoreType(trustStoreType); connector.setPassword(keyStorePassword); @@ -188,18 +200,32 @@ public class JettyServer implements ServletHost, LifeCycleListener { } } - + public void addServletMapping(String suri, Servlet servlet) throws ServletMappingException { + addServletMapping(suri, servlet, null); + } + + public void addServletMapping(String suri, Servlet servlet, final SecurityContext securityContext) throws ServletMappingException { URI uri = URI.create(suri); // Get the URI scheme and port - String scheme = uri.getScheme(); - if (scheme == null) { - scheme = "http"; + String scheme = null; + if(securityContext != null && securityContext.isSSLEnabled()) { + scheme = "https"; + } else { + scheme = uri.getScheme(); + if (scheme == null) { + scheme = "http"; + } } + int portNumber = uri.getPort(); if (portNumber == -1) { - portNumber = defaultPort; + if ("http".equals(scheme)) { + portNumber = defaultPort; + } else { + portNumber = defaultSSLPort; + } } // Get the port object associated with the given port number @@ -215,7 +241,7 @@ public class JettyServer implements ServletHost, LifeCycleListener { // httpConnector.setPort(portNumber); SslSocketConnector sslConnector = new SslSocketConnector(); sslConnector.setPort(portNumber); - configureSSL(sslConnector); + configureSSL(sslConnector, securityContext); server.setConnectors(new Connector[] {sslConnector}); } else { SelectChannelConnector selectConnector = new SelectChannelConnector(); diff --git a/sca-java-2.x/trunk/modules/host-webapp/src/main/java/org/apache/tuscany/sca/host/webapp/WebAppServletHost.java b/sca-java-2.x/trunk/modules/host-webapp/src/main/java/org/apache/tuscany/sca/host/webapp/WebAppServletHost.java index 4e32d8bcad..3d9937f42c 100644 --- a/sca-java-2.x/trunk/modules/host-webapp/src/main/java/org/apache/tuscany/sca/host/webapp/WebAppServletHost.java +++ b/sca-java-2.x/trunk/modules/host-webapp/src/main/java/org/apache/tuscany/sca/host/webapp/WebAppServletHost.java @@ -38,6 +38,7 @@ import javax.servlet.ServletConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; +import org.apache.tuscany.sca.host.http.SecurityContext; import org.apache.tuscany.sca.host.http.ServletHost; import org.apache.tuscany.sca.host.http.ServletMappingException; import org.apache.tuscany.sca.node.Node; @@ -75,8 +76,12 @@ public class WebAppServletHost implements ServletHost { public String getName() { return "webapp"; } - + public void addServletMapping(String suri, Servlet servlet) throws ServletMappingException { + addServletMapping(suri, servlet, null); + } + + public void addServletMapping(String suri, Servlet servlet, SecurityContext securityContext) throws ServletMappingException { URI pathURI = URI.create(suri); // Make sure that the path starts with a / |