diff options
Diffstat (limited to 'tags/java/sca/1.0-RC1b/modules/policy-security/src')
6 files changed, 509 insertions, 0 deletions
diff --git a/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/ws/Axis2ConfigParamPolicy.java b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/ws/Axis2ConfigParamPolicy.java new file mode 100644 index 0000000000..7846810621 --- /dev/null +++ b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/ws/Axis2ConfigParamPolicy.java @@ -0,0 +1,38 @@ +/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.tuscany.sca.policy.security.ws;
+
+import java.util.ArrayList;
+import java.util.Hashtable;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.axiom.om.OMElement;
+
+/**
+ * Implementation for policies that could be injected as parameter
+ * into the axis2config.
+ */
+public class Axis2ConfigParamPolicy {
+ private Map<String, OMElement> paramElements = new Hashtable<String, OMElement>();
+
+ public Map<String, OMElement> getParamElements() {
+ return paramElements;
+ }
+}
diff --git a/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/ws/Axis2ConfigParamPolicyProcessor.java b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/ws/Axis2ConfigParamPolicyProcessor.java new file mode 100644 index 0000000000..54beca0791 --- /dev/null +++ b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/ws/Axis2ConfigParamPolicyProcessor.java @@ -0,0 +1,154 @@ +/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.tuscany.sca.policy.security.ws;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamConstants;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.axiom.om.OMAbstractFactory;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+
+/**
+ * @author administrator
+ *
+ */
+public class Axis2ConfigParamPolicyProcessor implements StAXArtifactProcessor<Axis2ConfigParamPolicy> {
+ public static final QName AXIS2_CONFIG_PARAM_POLICY_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "wsConfigParam");
+ public static final String PARAMETER = "parameter";
+ public QName getArtifactType() {
+ return AXIS2_CONFIG_PARAM_POLICY_QNAME;
+ }
+
+ public Axis2ConfigParamPolicyProcessor(ModelFactoryExtensionPoint modelFactories) {
+ }
+
+ public Axis2ConfigParamPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+ Axis2ConfigParamPolicy policy = new Axis2ConfigParamPolicy();
+ int event = reader.getEventType();
+ QName name = null;
+ OMElement parameterElement = null;
+ String paramName = null;
+ while (reader.hasNext()) {
+ event = reader.getEventType();
+ switch (event) {
+ case START_ELEMENT : {
+ name = reader.getName();
+ if ( PARAMETER.equals(name.getLocalPart()) ) {
+ paramName = reader.getAttributeValue(null, Constants.NAME);
+ parameterElement = loadElement(reader);
+ policy.getParamElements().put(paramName, parameterElement);
+ }
+ break;
+ }
+ }
+
+ if ( event == END_ELEMENT ) {
+ if ( AXIS2_CONFIG_PARAM_POLICY_QNAME.equals(reader.getName()) ) {
+ break;
+ }
+ }
+
+ //Read the next element
+ if (reader.hasNext()) {
+ reader.next();
+ }
+ }
+
+ return policy;
+ }
+
+ public void write(Axis2ConfigParamPolicy arg0, XMLStreamWriter arg1) throws ContributionWriteException,
+ XMLStreamException {
+ }
+
+ public Class<Axis2ConfigParamPolicy> getModelType() {
+ return Axis2ConfigParamPolicy.class;
+ }
+
+ public void resolve(Axis2ConfigParamPolicy arg0, ModelResolver arg1) throws ContributionResolveException {
+
+ }
+
+ private OMElement loadElement(XMLStreamReader reader) throws XMLStreamException {
+ OMFactory fac = OMAbstractFactory.getOMFactory();
+ OMElement head = fac.createOMElement(reader.getName());
+ OMElement current = head;
+ while (true) {
+ switch (reader.next()) {
+ case XMLStreamConstants.START_ELEMENT:
+ //since the axis2 code checks against a no namespace we need to generate accordingly
+ QName name = new QName(reader.getName().getLocalPart());
+ OMElement child = fac.createOMElement(name, current);
+
+ int count = reader.getNamespaceCount();
+ for (int i = 0; i < count; i++) {
+ String prefix = reader.getNamespacePrefix(i);
+ String ns = reader.getNamespaceURI(i);
+ child.declareNamespace(ns, prefix);
+ }
+
+ if(!"".equals(name.getNamespaceURI())) {
+ child.declareNamespace(name.getNamespaceURI(), name.getPrefix());
+ }
+
+ // add the attributes for this element
+ count = reader.getAttributeCount();
+ for (int i = 0; i < count; i++) {
+ String ns = reader.getAttributeNamespace(i);
+ String prefix = reader.getAttributePrefix(i);
+ String qname = reader.getAttributeLocalName(i);
+ String value = reader.getAttributeValue(i);
+
+ child.addAttribute(qname, value, fac.createOMNamespace(ns, prefix));
+ if (ns != null) {
+ child.declareNamespace(ns, prefix);
+ }
+ }
+ current = child;
+ break;
+ case XMLStreamConstants.CDATA:
+ fac.createOMText(current, reader.getText());
+ break;
+ case XMLStreamConstants.CHARACTERS:
+ fac.createOMText(current, reader.getText());
+ break;
+ case XMLStreamConstants.END_ELEMENT:
+ if ( current == head ) {
+ return head;
+ } else {
+ current = (OMElement)current.getParent();
+ }
+ }
+ }
+ }
+}
diff --git a/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor new file mode 100644 index 0000000000..4f0ea30f6f --- /dev/null +++ b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor @@ -0,0 +1,19 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Implementation class for the artifact processor extension +org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#wsConfigParam,model=org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicy diff --git a/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml new file mode 100644 index 0000000000..8f7016b1d2 --- /dev/null +++ b/tags/java/sca/1.0-RC1b/modules/policy-security/src/main/resources/policy_definitions.xml @@ -0,0 +1,222 @@ +<?xml version="1.0" encoding="ASCII"?>
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+-->
+<definitions xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ targetNamespace="http://tuscany.apache.org/xmlns/sca/1.0/policy/ws"
+ xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0">
+
+<!-- Extension Types Metadata -->
+<implementationType type="sca:implementation.java" alwaysProvides="logging"
+ mayProvide="tracing"/>
+<bindingType type="sca:binding.ws" alwaysProvides="confidentiality"
+ mayProvide="integrity"/>
+
+ <!-- qualified intents -->
+ <intent name="wsAuthentication"
+ constrains="sca:binding.ws">
+ <description>
+ Communitcation thro this binding required Authentication.
+ </description>
+ </intent>
+
+ <!-- POLICY SETS -->
+ <policySet name="wsAuthenticationPolicy"
+ provides="wsAuthentication"
+ appliesTo="sca:binding.ws">
+ <tuscany:wsConfigParam>
+ <parameter name="InflowSecurity">
+ <action>
+ <items>UsernameToken</items>
+ <passwordCallbackClass>org.apache.tuscany.sca.policy.security.ws.PWCBHandler</passwordCallbackClass>
+ </action>
+ </parameter>
+ </tuscany:wsConfigParam>
+ </policySet>
+
+ <policySet name="wsClientAuthenticationPolicy"
+ provides="wsAuthentication"
+ appliesTo="sca:binding.ws">
+ <tuscany:wsConfigParam>
+ <parameter name="OutflowSecurity">
+ <action>
+ <items>UsernameToken</items>
+ <user>TuscanyWsUser</user>
+ <passwordCallbackClass>org.apache.tuscany.sca.policy.security.ws.PWCBHandler</passwordCallbackClass>" +
+ <passwordType>PasswordText</passwordType>
+ </action>
+ </parameter>
+ </tuscany:wsConfigParam>
+ </policySet>
+
+ <policySet name="SecureMessagingPolicies"
+ provides="confidentiality"
+ appliesTo="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <intentMap provides="confidentiality" default="transport">
+ <qualifier name="transport">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "transport" alternative -->
+ </wsp:PolicyAttachment>
+ <wsp:PolicyAttachment>...</wsp:PolicyAttachment>
+ </qualifier>
+ <qualifier name="message">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "message" alternative" -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+</policySet>
+
+<policySet name="SecurityPolicy" provides="confidentiality"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" >
+ <intentMap provides="confidentiality" default="message">
+ <qualifier name="message">
+ <intentMap provides="message" default="whole">
+ <qualifier name="body">
+ <wsp:PolicyAttachment>
+ <!-- policy attachment for body encryption -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ <qualifier name="whole">
+ <wsp:PolicyAttachment>
+ <!-- policy attachment for whole message encryption -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+ </qualifier>
+ <qualifier name="transport">
+ <wsp:PolicyAttachment>
+ <!-- policy attachment for transport encryption -->
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+</policySet>
+
+<policySet name="BasicAuthMsgProtSecurity"
+ provides="authentication confidentiality"
+ appliesTo="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0">
+ <policySetReference name="AuthenticationPolicies"/>
+ <policySetReference name="ConfidentialityPolicies"/>
+</policySet>
+
+<policySet name="AuthenticationPolicies"
+ provides="authentication"
+ appliesTo="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "basic
+ authentication" -->
+ </wsp:PolicyAttachment>
+</policySet>
+
+<policySet name="ConfidentialityPolicies"
+ provides="confidentiality"
+ bindings="binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <intentMap provides="confidentiality" default="transport">
+ <qualifier name="transport">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "transport"
+ alternative -->
+ </wsp:PolicyAttachment>
+ <wsp:PolicyAttachment>...</wsp:PolicyAttachment>
+ </qualifier>
+ <qualifier name="message">
+ <wsp:PolicyAttachment>
+ <!-- policy expression and policy subject for "message"
+ alternative" -->...
+ </wsp:PolicyAttachment>
+ </qualifier>
+ </intentMap>
+</policySet>
+
+<policySet name="SecureWSPolicy"
+ provides="confidentiality"
+ appliesTo="sca:binding.ws"
+ xmlns="http://www.osoa.org/xmlns/sca/1.0"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2002/12/secext"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:Policy>
+ <sp:Timestamp />
+ </wsp:Policy>
+ </policySet>
+
+<!-- profile intent -->
+ <intent name="reliableMessageProtection"
+ constrains="sca:binding"
+ requires="messageProtection">
+ <description>
+ Protect messages from unauthorized reading or modification
+ </description>
+ </intent>
+
+ <intent name="messageProtection"
+ constrains="sca:binding"
+ requires="confidentiality integrity">
+ <description>
+ Protect messages from unauthorized reading or modification
+ </description>
+ </intent>
+
+<!-- simple intent -->
+ <intent name="confidentiality"
+ constrains="sca:binding">
+ <description>
+ Communitcation thro this binding must prevent
+ unauthorized users from reading the messages.
+ </description>
+ </intent>
+
+ <intent name="integrity"
+ constrains="sca:binding">
+ <description>
+ Communitcation thro this binding must prevent
+ unauthorized modification of the messages.
+ </description>
+ </intent>
+
+ <intent name="authentication"
+ constrains="sca:binding">
+ <description>
+ Communitcation thro this binding required
+ Authentication.
+ </description>
+ </intent>
+
+ <intent name="logging"
+ constrains="sca:implementation">
+ <description>
+ All messages to and from this implementation must be logged
+ </description>
+ </intent>
+
+ <intent name="tracing"
+ constrains="sca:implementation.java">
+ <description>
+ Need to figure out some description for this
+ </description>
+ </intent>
+
+</definitions>
\ No newline at end of file diff --git a/tags/java/sca/1.0-RC1b/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/ws/PolicyReadTestCase.java b/tags/java/sca/1.0-RC1b/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/ws/PolicyReadTestCase.java new file mode 100644 index 0000000000..4c8b066c7f --- /dev/null +++ b/tags/java/sca/1.0-RC1b/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/ws/PolicyReadTestCase.java @@ -0,0 +1,40 @@ +package org.apache.tuscany.sca.policy.security.ws;
+
+
+import java.io.InputStream;
+import java.net.URL;
+
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamReader;
+
+import junit.framework.TestCase;
+
+/**
+ *
+ * Test the reading of ws config params policy.
+ */
+public class PolicyReadTestCase extends TestCase {
+
+ @Override
+ public void setUp() throws Exception {
+ }
+
+ @Override
+ public void tearDown() throws Exception {
+ }
+
+ public void testPolicyReading() throws Exception {
+ Axis2ConfigParamPolicyProcessor processor = new Axis2ConfigParamPolicyProcessor(null);
+
+ URL url = getClass().getResource("mock_policies.xml");
+ XMLInputFactory inputFactory = XMLInputFactory.newInstance();
+
+ InputStream urlStream = url.openStream();
+ XMLStreamReader reader = inputFactory.createXMLStreamReader(urlStream);
+
+
+ Axis2ConfigParamPolicy policy = processor.read(reader);
+ assertEquals(policy.getParamElements().size(), 2);
+ }
+
+}
diff --git a/tags/java/sca/1.0-RC1b/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/ws/mock_policies.xml b/tags/java/sca/1.0-RC1b/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/ws/mock_policies.xml new file mode 100644 index 0000000000..8fc1a7b669 --- /dev/null +++ b/tags/java/sca/1.0-RC1b/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/ws/mock_policies.xml @@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="ASCII"?>
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+-->
+<tuscany:wsConfigParam xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0">
+ <parameter name="InflowSecurity">
+ <action>
+ <items>Timestamp Signature</items>
+ <signaturePropFile>org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties</signaturePropFile>
+ </action>
+ </parameter>
+ <parameter name="OutflowSecurity">
+ <action>
+ <items>Timestamp Signature</items>
+ <user>TuscanyWsUser</user>
+ <signaturePropFile>org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties</signaturePropFile>
+ <passwordCallbackClass>org.apache.tuscany.sca.binding.ws.axis2.itests.policy.IntegrityPWCBHandler</passwordCallbackClass>" +
+ <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
+ </action>
+ </parameter>
+</tuscany:wsConfigParam>
\ No newline at end of file |