diff options
Diffstat (limited to 'branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security')
8 files changed, 527 insertions, 0 deletions
diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/AccountsDataPasswordCallbackHandler.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/AccountsDataPasswordCallbackHandler.java new file mode 100644 index 0000000000..579b4ee64b --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/AccountsDataPasswordCallbackHandler.java @@ -0,0 +1,54 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package bigbank.account.security; + +import java.io.IOException; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.UnsupportedCallbackException; + +import org.apache.ws.security.WSPasswordCallback; + +/** + * Sample userid passwd generation class + */ +public class AccountsDataPasswordCallbackHandler implements CallbackHandler { + + public void handle(Callback[] callbacks) throws IOException, + UnsupportedCallbackException { + for (int i = 0; i < callbacks.length; i++) { + WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i]; + if ( pwcb.getUsage() == WSPasswordCallback.SIGNATURE ) { + System.out.println(" Usage is SIGNATURE ... "); + pwcb.setPassword("bbservice"); + } else if ( pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN ) { + System.out.println("*** Calling ACCOUNTS-DATA Passwd Handler for AUTHENTICATING userID = " + + pwcb.getIdentifer() + " and password = " + pwcb.getPassword() ); + if ( pwcb.getIdentifer().equals("bbaservice") && pwcb.getPassword().equals("bbaservice")) { + System.out.println("AUTHENTICATION SUCCESSFUL!"); + } else { + System.out.println("AUTHENTICATION FAILED!"); + throw new UnsupportedCallbackException(pwcb, "UserId - Password Authentication Failed!"); + } + } + } + } + +} diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/BigbankCheckingsAcl.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/BigbankCheckingsAcl.java new file mode 100644 index 0000000000..5c64e11d10 --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/BigbankCheckingsAcl.java @@ -0,0 +1,48 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package bigbank.account.security; + +import java.security.Principal; +import java.util.Hashtable; +import java.util.Map; + +/** + * @version $Rev$ $Date$ + */ +public class BigbankCheckingsAcl { + private static Map<String, String>checkingsAcl = new Hashtable<String, String>(); + + static { + checkingsAcl.put("bbaservice", "Customer_01"); + checkingsAcl.put("bbUser01", "Customer_01"); + } + + + public static void authorize(Principal principal, String resource) { + if ( checkingsAcl.get(principal.getName()) == null || + !checkingsAcl.get(principal.getName()).equals(resource) ) { + throw new RuntimeException("User - " + principal.getName() + " not authorized to access account " + + resource); + } else { + System.out.println("Successfully Authorized '" + principal.getName() + " to access accounts of " + resource); + } + } + +} diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthImplementationPolicyProvider.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthImplementationPolicyProvider.java new file mode 100644 index 0000000000..c98dcacbf3 --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthImplementationPolicyProvider.java @@ -0,0 +1,90 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package bigbank.account.security; + +import org.apache.tuscany.sca.assembly.ConfiguredOperation; +import org.apache.tuscany.sca.assembly.Implementation; +import org.apache.tuscany.sca.assembly.OperationsConfigurator; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Interceptor; +import org.apache.tuscany.sca.invocation.Phase; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.runtime.RuntimeComponent; + +/** + * @version $Rev$ $Date$ + */ +public class CheckingsDeptAuthImplementationPolicyProvider implements PolicyProvider { + private RuntimeComponent component; + private Implementation implementation; + + public CheckingsDeptAuthImplementationPolicyProvider(RuntimeComponent component, Implementation implementation) { + super(); + this.component = component; + this.implementation = implementation; + } + + private String getContext() { + return "component.implementation: " + component.getURI() + "(" + implementation.getClass().getName() + ")"; + } + + private PolicySet findPolicySet(Operation operation) { + for (PolicySet ps : component.getPolicySets()) { + for (Object p : ps.getPolicies()) { + if (CheckingsDeptAuthPolicy.class.isInstance(p)) { + return ps; + } + } + } + + if ( component instanceof OperationsConfigurator ) { + for ( ConfiguredOperation confOp : ((OperationsConfigurator)component).getConfiguredOperations() ) { + if ( confOp.getName().equals(operation.getName())) { + for (PolicySet ps : confOp.getPolicySets()) { + for (Object p : ps.getPolicies()) { + if (CheckingsDeptAuthPolicy.class.isInstance(p)) { + return ps; + } + } + } + } + } + } + + return null; + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProvider#createInterceptor(org.apache.tuscany.sca.interfacedef.Operation) + */ + public Interceptor createInterceptor(Operation operation) { + PolicySet ps = findPolicySet(operation); + return ps == null ? null : new CheckingsDeptAuthPolicyInterceptor(getContext(), operation, ps); + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProvider#getPhase() + */ + public String getPhase() { + return Phase.IMPLEMENTATION_POLICY; + } + +} diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicy.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicy.java new file mode 100644 index 0000000000..121ee9a3f8 --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicy.java @@ -0,0 +1,46 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package bigbank.account.security; + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.policy.Policy; + +/** + * @version $Rev$ $Date$ + */ +public class CheckingsDeptAuthPolicy implements Policy { + + public QName getSchemaName() { + // TODO Auto-generated method stub + return null; + } + + public boolean isUnresolved() { + // TODO Auto-generated method stub + return false; + } + + public void setUnresolved(boolean unresolved) { + // TODO Auto-generated method stub + + } + +} diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java new file mode 100644 index 0000000000..c8b73d4ed4 --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyInterceptor.java @@ -0,0 +1,77 @@ +package bigbank.account.security; + +import java.security.Principal; +import java.util.logging.ConsoleHandler; +import java.util.logging.Handler; +import java.util.logging.Level; +import java.util.logging.Logger; + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Interceptor; +import org.apache.tuscany.sca.invocation.Invoker; +import org.apache.tuscany.sca.invocation.Message; +import org.apache.tuscany.sca.policy.PolicySet; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +/** + * Policy handler to handle PolicySet related to Logging with the QName + * {http://tuscany.apache.org/xmlns/sca/1.0/impl/java}LoggingPolicy + */ +public class CheckingsDeptAuthPolicyInterceptor implements Interceptor { + private Invoker next; + + public CheckingsDeptAuthPolicyInterceptor(String context, Operation operation, PolicySet policySet) { + super(); + init(); + } + + private final void init() { + } + + public Message invoke(Message msg) { + Object msgBody = msg.getBody(); + if (msgBody instanceof Object[]) { + Object args[] = (Object[])msg.getBody(); + if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) { + BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL), + (String)args[0]); + } + } + + Message responseMsg = null; + try { + responseMsg = getNext().invoke(msg); + return responseMsg; + } catch (RuntimeException e) { + throw e; + } + } + + public Invoker getNext() { + return next; + } + + public void setNext(Invoker next) { + this.next = next; + } +} diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyProviderFactory.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyProviderFactory.java new file mode 100644 index 0000000000..5fecef691e --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthPolicyProviderFactory.java @@ -0,0 +1,75 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package bigbank.account.security; + +import org.apache.tuscany.sca.assembly.Binding; +import org.apache.tuscany.sca.assembly.Implementation; +import org.apache.tuscany.sca.core.ExtensionPointRegistry; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.provider.PolicyProviderFactory; +import org.apache.tuscany.sca.runtime.RuntimeComponent; +import org.apache.tuscany.sca.runtime.RuntimeComponentReference; +import org.apache.tuscany.sca.runtime.RuntimeComponentService; + +/** + * @version $Rev$ $Date$ + */ +public class CheckingsDeptAuthPolicyProviderFactory implements PolicyProviderFactory<CheckingsDeptAuthPolicy> { + private ExtensionPointRegistry registry; + + public CheckingsDeptAuthPolicyProviderFactory(ExtensionPointRegistry registry) { + super(); + this.registry = registry; + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createImplementationPolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.assembly.Implementation) + */ + public PolicyProvider createImplementationPolicyProvider(RuntimeComponent component, Implementation implementation) { + return new CheckingsDeptAuthImplementationPolicyProvider(component, implementation); + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createReferencePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentReference, org.apache.tuscany.sca.assembly.Binding) + */ + public PolicyProvider createReferencePolicyProvider(RuntimeComponent component, + RuntimeComponentReference reference, + Binding binding) { + return null; + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createServicePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentService, org.apache.tuscany.sca.assembly.Binding) + */ + public PolicyProvider createServicePolicyProvider(RuntimeComponent component, + RuntimeComponentService service, + Binding binding) { + return null; + } + + /** + * @see org.apache.tuscany.sca.provider.ProviderFactory#getModelType() + */ + public Class getModelType() { + // TODO Auto-generated method stub + return null; + } + +} diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java new file mode 100644 index 0000000000..419b5def58 --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyHandler.java @@ -0,0 +1,65 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package bigbank.account.security; + +import java.security.Principal; + +import org.apache.tuscany.sca.invocation.Message; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.util.PolicyHandler; + +/** + * @version $Rev$ $Date$ + */ +public class CheckingsDeptAuthorizationPolicyHandler implements PolicyHandler { + private PolicySet applicablePolicySet = null; + + public void afterInvoke(Object... context) { + } + + public void beforeInvoke(Object... context) { + for ( int count = 0 ; count < context.length ; ++count ) { + if ( context[count] instanceof Message ) { + Message msg = (Message)context[count]; + Object args[] = (Object[])msg.getBody(); + if ( msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL) != null ) { + BigbankCheckingsAcl.authorize((Principal)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL), + (String)args[0]); + } + } + } + } + + public void cleanUp(Object... arg0) { + } + + public PolicySet getApplicablePolicySet() { + return this.applicablePolicySet; + } + + public void setApplicablePolicySet(PolicySet policySet) { + this.applicablePolicySet = policySet; + } + + public void setUp(Object... arg0) { + + } + +} diff --git a/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyProcessor.java b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyProcessor.java new file mode 100644 index 0000000000..da1b6e1d06 --- /dev/null +++ b/branches/sca-java-1.3/demos/bigbank-account/src/main/java/bigbank/account/security/CheckingsDeptAuthorizationPolicyProcessor.java @@ -0,0 +1,72 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package bigbank.account.security; + +import javax.xml.namespace.QName; +import javax.xml.stream.XMLStreamException; +import javax.xml.stream.XMLStreamReader; +import javax.xml.stream.XMLStreamWriter; + +import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint; +import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.resolver.ModelResolver; +import org.apache.tuscany.sca.contribution.service.ContributionReadException; +import org.apache.tuscany.sca.contribution.service.ContributionResolveException; +import org.apache.tuscany.sca.contribution.service.ContributionWriteException; + +/** + * Implementation of a Policy Processor + * + */ +public class CheckingsDeptAuthorizationPolicyProcessor implements StAXArtifactProcessor<CheckingsDeptAuthPolicy> { + private static final QName CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME = new QName("http://bigbank/checkings", "AuthPolicy"); + public QName getArtifactType() { + return CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME; + } + + public CheckingsDeptAuthorizationPolicyProcessor(ModelFactoryExtensionPoint modelFactories) { + } + + + public CheckingsDeptAuthPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException { + CheckingsDeptAuthPolicy policy = new CheckingsDeptAuthPolicy(); + return policy; + } + + public void write(CheckingsDeptAuthPolicy policy, XMLStreamWriter writer) throws ContributionWriteException, + XMLStreamException { + String prefix = "tuscany"; + writer.writeStartElement(prefix, + CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME.getLocalPart(), + CHECKINGS_DEPT_AUTHORIZATION_POLICY_QNAME.getNamespaceURI()); + writer.writeNamespace("chk", "http://bigbank/checkings"); + + + writer.writeEndElement(); + } + + public Class<CheckingsDeptAuthPolicy> getModelType() { + return CheckingsDeptAuthPolicy.class; + } + + public void resolve(CheckingsDeptAuthPolicy arg0, ModelResolver arg1) throws ContributionResolveException { + + } + +} |