From fa51018b6c24f598ae8174afa183b0b46436e69b Mon Sep 17 00:00:00 2001 From: slaws Date: Mon, 15 Sep 2008 08:07:58 +0000 Subject: More work exploring the policy extension model by implementing a token based authentication schema across binding.ws and binding.jm. No authentication is actually performed here. That is left for users to provide their own policy interceptors. However tokens are passed and security Subjects/Principals are created. This exercise has highlighted some awkwardness in the process of building policy implementations. I'll post about this on the mail list. git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@695374 13f79535-47bb-0310-9956-ffa450edef68 --- .../token/JMSTokenAuthenticationPolicy.java | 56 ++++++++++ .../JMSTokenAuthenticationPolicyProcessor.java | 112 ++++++++++++++++++++ ...MSTokenAuthenticationPolicyProviderFactory.java | 75 ++++++++++++++ ...enAuthenticationReferencePolicyInterceptor.java | 81 +++++++++++++++ ...TokenAuthenticationReferencePolicyProvider.java | 90 ++++++++++++++++ ...okenAuthenticationServicePolicyInterceptor.java | 93 +++++++++++++++++ ...MSTokenAuthenticationServicePolicyProvider.java | 88 ++++++++++++++++ .../binding/jms/policy/header/JMSHeaderPolicy.java | 56 ++++++++++ .../policy/header/JMSHeaderPolicyProcessor.java | 114 +++++++++++++++++++++ ...ca.contribution.processor.StAXArtifactProcessor | 20 ++++ ...ache.tuscany.sca.provider.PolicyProviderFactory | 19 ++++ .../axis2/policy/configuration/mock_policies.xml | 36 +++++++ 12 files changed, 840 insertions(+) create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicy.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProcessor.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProviderFactory.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyProvider.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyProvider.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicyProcessor.java create mode 100644 java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor create mode 100644 java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory create mode 100644 java/sca/modules/binding-jms-policy/src/test/resources/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/mock_policies.xml (limited to 'java/sca/modules/binding-jms-policy/src') diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicy.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicy.java new file mode 100644 index 0000000000..16ed2a53a4 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicy.java @@ -0,0 +1,56 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.jms.policy.authentication.token; + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.assembly.xml.Constants; +import org.apache.tuscany.sca.policy.Policy; + +/** + * Implementation for policies that could be injected as parameter + * into the axis2config. + * + * @version $Rev$ $Date$ + */ +public class JMSTokenAuthenticationPolicy implements Policy { + public static final QName JMS_TOKEN_AUTHENTICATION_POLICY_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "jmsTokenAuthentication"); + public static final String JMS_TOKEN_AUTHENTICATION_TOKEN_NAME = "tokenName"; + + private QName tokenName; + + public QName getTokenName() { + return tokenName; + } + + public void setTokenName(QName tokenName) { + this.tokenName = tokenName; + } + + public QName getSchemaName() { + return JMS_TOKEN_AUTHENTICATION_POLICY_QNAME; + } + + public boolean isUnresolved() { + return false; + } + + public void setUnresolved(boolean unresolved) { + } +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProcessor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProcessor.java new file mode 100644 index 0000000000..2d63fd5a16 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProcessor.java @@ -0,0 +1,112 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.jms.policy.authentication.token; + +import static javax.xml.stream.XMLStreamConstants.END_ELEMENT; +import static javax.xml.stream.XMLStreamConstants.START_ELEMENT; + +import javax.xml.namespace.QName; +import javax.xml.stream.XMLStreamException; +import javax.xml.stream.XMLStreamReader; +import javax.xml.stream.XMLStreamWriter; + +import org.apache.tuscany.sca.assembly.xml.Constants; +import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint; +import org.apache.tuscany.sca.contribution.processor.BaseStAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.resolver.ModelResolver; +import org.apache.tuscany.sca.contribution.service.ContributionReadException; +import org.apache.tuscany.sca.contribution.service.ContributionResolveException; +import org.apache.tuscany.sca.contribution.service.ContributionWriteException; +import org.apache.tuscany.sca.monitor.Monitor; + +/** + * + * @version $Rev$ $Date$ + */ +public class JMSTokenAuthenticationPolicyProcessor extends BaseStAXArtifactProcessor implements StAXArtifactProcessor { + + public QName getArtifactType() { + return JMSTokenAuthenticationPolicy.JMS_TOKEN_AUTHENTICATION_POLICY_QNAME; + } + + public JMSTokenAuthenticationPolicyProcessor(ModelFactoryExtensionPoint modelFactories, Monitor monitor) { + } + + + public JMSTokenAuthenticationPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException { + JMSTokenAuthenticationPolicy policy = new JMSTokenAuthenticationPolicy(); + int event = reader.getEventType(); + QName name = null; + + while (reader.hasNext()) { + event = reader.getEventType(); + switch (event) { + case START_ELEMENT : { + name = reader.getName(); + if ( name.equals(getArtifactType()) ) { + policy.setTokenName(getQName(reader, JMSTokenAuthenticationPolicy.JMS_TOKEN_AUTHENTICATION_TOKEN_NAME)); + } + break; + } + } + + if ( event == END_ELEMENT ) { + if ( getArtifactType().equals(reader.getName()) ) { + break; + } + } + + //Read the next element + if (reader.hasNext()) { + reader.next(); + } + } + + return policy; + } + + public void write(JMSTokenAuthenticationPolicy policy, XMLStreamWriter writer) + throws ContributionWriteException, XMLStreamException { + String prefix = "tuscany"; + writer.writeStartElement(prefix, + getArtifactType().getLocalPart(), + getArtifactType().getNamespaceURI()); + writer.writeNamespace("tuscany", Constants.SCA10_TUSCANY_NS); + + if ( policy.getTokenName() != null ) { + writer.writeStartElement(prefix, + JMSTokenAuthenticationPolicy.JMS_TOKEN_AUTHENTICATION_TOKEN_NAME, + getArtifactType().getNamespaceURI()); + writer.writeCharacters(policy.getTokenName().toString()); + writer.writeEndElement(); + } + + writer.writeEndElement(); + } + + public Class getModelType() { + return JMSTokenAuthenticationPolicy.class; + } + + public void resolve(JMSTokenAuthenticationPolicy arg0, ModelResolver arg1) throws ContributionResolveException { + + } + +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProviderFactory.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProviderFactory.java new file mode 100644 index 0000000000..fd77e57418 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationPolicyProviderFactory.java @@ -0,0 +1,75 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.binding.jms.policy.authentication.token; + +import org.apache.tuscany.sca.assembly.Binding; +import org.apache.tuscany.sca.assembly.Implementation; +import org.apache.tuscany.sca.core.ExtensionPointRegistry; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.provider.PolicyProviderFactory; +import org.apache.tuscany.sca.runtime.RuntimeComponent; +import org.apache.tuscany.sca.runtime.RuntimeComponentReference; +import org.apache.tuscany.sca.runtime.RuntimeComponentService; + +/** + * @version $Rev$ $Date$ + */ +public class JMSTokenAuthenticationPolicyProviderFactory implements PolicyProviderFactory { + private ExtensionPointRegistry registry; + + public JMSTokenAuthenticationPolicyProviderFactory(ExtensionPointRegistry registry) { + super(); + this.registry = registry; + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createImplementationPolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.assembly.Implementation) + */ + public PolicyProvider createImplementationPolicyProvider(RuntimeComponent component, Implementation implementation) { + return null;//new TokenAuthenticationImplementationPolicyProvider(component, implementation); + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createReferencePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentReference, org.apache.tuscany.sca.assembly.Binding) + */ + public PolicyProvider createReferencePolicyProvider(RuntimeComponent component, + RuntimeComponentReference reference, + Binding binding) { + return new JMSTokenAuthenticationReferencePolicyProvider(component, reference, binding); + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createServicePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentService, org.apache.tuscany.sca.assembly.Binding) + */ + public PolicyProvider createServicePolicyProvider(RuntimeComponent component, + RuntimeComponentService service, + Binding binding) { + return new JMSTokenAuthenticationServicePolicyProvider(component, service, binding); + } + + /** + * @see org.apache.tuscany.sca.provider.ProviderFactory#getModelType() + */ + public Class getModelType() { + // TODO Auto-generated method stub + return null; + } + +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java new file mode 100644 index 0000000000..98a164c612 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyInterceptor.java @@ -0,0 +1,81 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.jms.policy.authentication.token; + + +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Interceptor; +import org.apache.tuscany.sca.invocation.Invoker; +import org.apache.tuscany.sca.invocation.Message; +import org.apache.tuscany.sca.policy.PolicySet; + +/** + * Policy handler to handle PolicySet related to Logging with the QName + * {http://tuscany.apache.org/xmlns/sca/1.0/impl/java}LoggingPolicy + * + * @version $Rev$ $Date$ + */ +public class JMSTokenAuthenticationReferencePolicyInterceptor implements Interceptor { + + private Invoker next; + private Operation operation; + private PolicySet policySet = null; + private String context; + private JMSTokenAuthenticationPolicy policy; + + public JMSTokenAuthenticationReferencePolicyInterceptor(String context, Operation operation, PolicySet policySet) { + super(); + this.operation = operation; + this.policySet = policySet; + this.context = context; + init(); + } + + private void init() { + if (policySet != null) { + for (Object policyObject : policySet.getPolicies()){ + if (policyObject instanceof JMSTokenAuthenticationPolicy){ + policy = (JMSTokenAuthenticationPolicy)policyObject; + break; + } + } + } + } + + public Message invoke(Message msg) { + // could call out here to some 3rd party system to get credentials + + if ( policy.getTokenName() != null){ + + // add header to Tuscany message + msg.getHeaders().put(policy.getTokenName().toString(), + "SomeJMSAuthorizationToken"); + } + + return getNext().invoke(msg); + } + + public Invoker getNext() { + return next; + } + + public void setNext(Invoker next) { + this.next = next; + } +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyProvider.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyProvider.java new file mode 100644 index 0000000000..610bf758d1 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationReferencePolicyProvider.java @@ -0,0 +1,90 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.binding.jms.policy.authentication.token; + +import java.util.List; + +import org.apache.tuscany.sca.assembly.Binding; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Interceptor; +import org.apache.tuscany.sca.invocation.Phase; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.PolicySetAttachPoint; +import org.apache.tuscany.sca.policy.util.PolicyHandler; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.runtime.RuntimeComponent; +import org.apache.tuscany.sca.runtime.RuntimeComponentReference; + +/** + * @version $Rev$ $Date$ + */ +public class JMSTokenAuthenticationReferencePolicyProvider implements PolicyProvider { + private RuntimeComponent component; + private RuntimeComponentReference reference; + private Binding binding; + + public JMSTokenAuthenticationReferencePolicyProvider(RuntimeComponent component, + RuntimeComponentReference reference, + Binding binding) { + super(); + this.component = component; + this.reference = reference; + this.binding = binding; + } + + private PolicySet findPolicySet() { + if (binding instanceof PolicySetAttachPoint) { + List policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets(); + for (PolicySet ps : policySets) { + for (Object p : ps.getPolicies()) { + if (JMSTokenAuthenticationPolicy.class.isInstance(p)) { + return ps; + } + } + } + } + return null; + } + + private String getContext() { + return "component.reference: " + component.getURI() + + "#" + + reference.getName() + + "(" + + binding.getClass().getName() + + ")"; + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProvider#createInterceptor(org.apache.tuscany.sca.interfacedef.Operation) + */ + public Interceptor createInterceptor(Operation operation) { + PolicySet ps = findPolicySet(); + return ps == null ? null : new JMSTokenAuthenticationReferencePolicyInterceptor(getContext(), operation, ps); + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProvider#getPhase() + */ + public String getPhase() { + return Phase.REFERENCE_POLICY; + } + +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java new file mode 100644 index 0000000000..1280abc3e0 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyInterceptor.java @@ -0,0 +1,93 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.jms.policy.authentication.token; + + +import java.security.Principal; + +import javax.security.auth.Subject; +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.assembly.xml.Constants; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Interceptor; +import org.apache.tuscany.sca.invocation.Invoker; +import org.apache.tuscany.sca.invocation.Message; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.SecurityUtil; +import org.apache.tuscany.sca.policy.authentication.token.TokenPrincipal; + +/** + * Policy handler to handle PolicySet related to Logging with the QName + * {http://tuscany.apache.org/xmlns/sca/1.0/impl/java}LoggingPolicy + * + * @version $Rev$ $Date$ + */ +public class JMSTokenAuthenticationServicePolicyInterceptor implements Interceptor { + private Invoker next; + private Operation operation; + private PolicySet policySet = null; + private String context; + private JMSTokenAuthenticationPolicy policy; + + public JMSTokenAuthenticationServicePolicyInterceptor(String context, Operation operation, PolicySet policySet) { + super(); + this.operation = operation; + this.policySet = policySet; + this.context = context; + init(); + } + + private void init() { + if (policySet != null) { + for (Object policyObject : policySet.getPolicies()){ + if (policyObject instanceof JMSTokenAuthenticationPolicy){ + policy = (JMSTokenAuthenticationPolicy)policyObject; + break; + } + } + } + } + + public Message invoke(Message msg) { + + String token = (String)msg.getHeaders().get(policy.getTokenName().toString()); + + if (token != null) { + System.out.println("Token: " + token); + + // call out here to some 3rd party system to do whatever you + // need to turn header credentials into an authenticated principal + + Subject subject = SecurityUtil.getSubject(msg); + Principal principal = new TokenPrincipal(token); + subject.getPrincipals().add(principal); + } + + return getNext().invoke(msg); + } + + public Invoker getNext() { + return next; + } + + public void setNext(Invoker next) { + this.next = next; + } +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyProvider.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyProvider.java new file mode 100644 index 0000000000..4278c1e595 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/authentication/token/JMSTokenAuthenticationServicePolicyProvider.java @@ -0,0 +1,88 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.binding.jms.policy.authentication.token; + +import java.util.List; + +import org.apache.tuscany.sca.assembly.Binding; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Interceptor; +import org.apache.tuscany.sca.invocation.Phase; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.PolicySetAttachPoint; +import org.apache.tuscany.sca.policy.util.PolicyHandler; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.runtime.RuntimeComponent; +import org.apache.tuscany.sca.runtime.RuntimeComponentService; + +/** + * @version $Rev$ $Date$ + */ +public class JMSTokenAuthenticationServicePolicyProvider implements PolicyProvider { + private RuntimeComponent component; + private RuntimeComponentService service; + private Binding binding; + + public JMSTokenAuthenticationServicePolicyProvider(RuntimeComponent component, RuntimeComponentService service, Binding binding) { + super(); + this.component = component; + this.service = service; + this.binding = binding; + } + + private PolicySet findPolicySet() { + if (binding instanceof PolicySetAttachPoint) { + List policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets(); + for (PolicySet ps : policySets) { + for (Object p : ps.getPolicies()) { + if (JMSTokenAuthenticationPolicy.class.isInstance(p)) { + return ps; + } + } + } + } + return null; + } + + private String getContext() { + return "component.service: " + component.getURI() + + "#" + + service.getName() + + "(" + + binding.getClass().getName() + + ")"; + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProvider#createInterceptor(org.apache.tuscany.sca.interfacedef.Operation) + */ + public Interceptor createInterceptor(Operation operation) { + PolicySet ps = findPolicySet(); + return ps == null ? null : new JMSTokenAuthenticationServicePolicyInterceptor(getContext(), operation, ps); + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProvider#getPhase() + */ + public String getPhase() { + return Phase.SERVICE_POLICY; + } + +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java new file mode 100644 index 0000000000..c51e33fb53 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicy.java @@ -0,0 +1,56 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.jms.policy.header; + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.assembly.xml.Constants; +import org.apache.tuscany.sca.policy.Policy; + +/** + * Implementation for policies that could be injected as parameter + * into the axis2config. + * + * @version $Rev$ $Date$ + */ +public class JMSHeaderPolicy implements Policy { + public static final QName AXIS2_HEADER_POLICY_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "axis2Header"); + public static final String AXIS2_HEADER_NAME = "headerName"; + + private QName headerName; + + public QName getHeaderName() { + return headerName; + } + + public void setHeaderName(QName headerName) { + this.headerName = headerName; + } + + public QName getSchemaName() { + return AXIS2_HEADER_POLICY_QNAME; + } + + public boolean isUnresolved() { + return false; + } + + public void setUnresolved(boolean unresolved) { + } +} diff --git a/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicyProcessor.java b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicyProcessor.java new file mode 100644 index 0000000000..f8186470c8 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/java/org/apache/tuscany/sca/binding/jms/policy/header/JMSHeaderPolicyProcessor.java @@ -0,0 +1,114 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.jms.policy.header; + +import static javax.xml.stream.XMLStreamConstants.END_ELEMENT; +import static javax.xml.stream.XMLStreamConstants.START_ELEMENT; + +import java.util.logging.Level; + +import javax.xml.namespace.QName; +import javax.xml.stream.XMLStreamException; +import javax.xml.stream.XMLStreamReader; +import javax.xml.stream.XMLStreamWriter; + +import org.apache.tuscany.sca.assembly.xml.Constants; +import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint; +import org.apache.tuscany.sca.contribution.processor.BaseStAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.resolver.ModelResolver; +import org.apache.tuscany.sca.contribution.service.ContributionReadException; +import org.apache.tuscany.sca.contribution.service.ContributionResolveException; +import org.apache.tuscany.sca.contribution.service.ContributionWriteException; +import org.apache.tuscany.sca.monitor.Monitor; + +/** + * + * @version $Rev$ $Date$ + */ +public class JMSHeaderPolicyProcessor extends BaseStAXArtifactProcessor implements StAXArtifactProcessor { + + public QName getArtifactType() { + return JMSHeaderPolicy.AXIS2_HEADER_POLICY_QNAME; + } + + public JMSHeaderPolicyProcessor(ModelFactoryExtensionPoint modelFactories, Monitor monitor) { + } + + + public JMSHeaderPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException { + JMSHeaderPolicy policy = new JMSHeaderPolicy(); + int event = reader.getEventType(); + QName name = null; + + while (reader.hasNext()) { + event = reader.getEventType(); + switch (event) { + case START_ELEMENT : { + name = reader.getName(); + if ( name.equals(getArtifactType()) ) { + policy.setHeaderName(getQName(reader, JMSHeaderPolicy.AXIS2_HEADER_NAME)); + } + break; + } + } + + if ( event == END_ELEMENT ) { + if ( getArtifactType().equals(reader.getName()) ) { + break; + } + } + + //Read the next element + if (reader.hasNext()) { + reader.next(); + } + } + + return policy; + } + + public void write(JMSHeaderPolicy policy, XMLStreamWriter writer) + throws ContributionWriteException, XMLStreamException { + String prefix = "tuscany"; + writer.writeStartElement(prefix, + getArtifactType().getLocalPart(), + getArtifactType().getNamespaceURI()); + writer.writeNamespace("tuscany", Constants.SCA10_TUSCANY_NS); + + if ( policy.getHeaderName() != null ) { + writer.writeStartElement(prefix, + JMSHeaderPolicy.AXIS2_HEADER_NAME, + getArtifactType().getNamespaceURI()); + writer.writeCharacters(policy.getHeaderName().toString()); + writer.writeEndElement(); + } + + writer.writeEndElement(); + } + + public Class getModelType() { + return JMSHeaderPolicy.class; + } + + public void resolve(JMSHeaderPolicy arg0, ModelResolver arg1) throws ContributionResolveException { + + } + +} diff --git a/java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor b/java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor new file mode 100644 index 0000000000..e6f22e327c --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor @@ -0,0 +1,20 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Implementation class for the artifact processor extension +org.apache.tuscany.sca.binding.jms.policy.authentication.token.JMSTokenAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jmsTokenAuthentication,model=org.apache.tuscany.sca.binding.jms.policy.authentication.token.JMSTokenAuthenticationPolicy +org.apache.tuscany.sca.binding.jms.policy.header.JMSHeaderPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jmsHeader,model=org.apache.tuscany.sca.binding.jms.policy.header.JMSHeaderPolicy \ No newline at end of file diff --git a/java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory b/java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory new file mode 100644 index 0000000000..b04c71d8e3 --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory @@ -0,0 +1,19 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Implementation class for the policy extension +org.apache.tuscany.sca.binding.jms.policy.authentication.token.JMSTokenAuthenticationPolicyProviderFactory;model=org.apache.tuscany.sca.binding.jms.policy.authentication.token.JMSTokenAuthenticationPolicy \ No newline at end of file diff --git a/java/sca/modules/binding-jms-policy/src/test/resources/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/mock_policies.xml b/java/sca/modules/binding-jms-policy/src/test/resources/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/mock_policies.xml new file mode 100644 index 0000000000..77f750cd0d --- /dev/null +++ b/java/sca/modules/binding-jms-policy/src/test/resources/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/mock_policies.xml @@ -0,0 +1,36 @@ + + + + + + Timestamp Signature + org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties + + + + + Timestamp Signature + TuscanyWsUser + org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties + org.apache.tuscany.sca.binding.ws.axis2.itests.policy.IntegrityPWCBHandler" + + DirectReference + + + \ No newline at end of file -- cgit v1.2.3