From e831c15c5d997add68df185de6b5b75e761f4e02 Mon Sep 17 00:00:00 2001 From: slaws Date: Fri, 12 Feb 2010 13:03:36 +0000 Subject: Start of basic auth binding specific policy implementation. Basically the function that used to be split between the binding configurator and the policy provider in policy-security. Model will stay in policy-security so multiple bindings can use it. git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@909390 13f79535-47bb-0310-9956-ffa450edef68 --- .../BasicAuthenticationPolicyProviderFactory.java | 57 ++++++++++ ...icAuthenticationReferencePolicyInterceptor.java | 123 +++++++++++++++++++++ ...BasicAuthenticationReferencePolicyProvider.java | 49 ++++++++ ...asicAuthenticationServicePolicyInterceptor.java | 120 ++++++++++++++++++++ .../BasicAuthenticationServicePolicyProvider.java | 49 ++++++++ 5 files changed, 398 insertions(+) create mode 100644 sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationPolicyProviderFactory.java create mode 100644 sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyInterceptor.java create mode 100644 sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyProvider.java create mode 100644 sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java create mode 100644 sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyProvider.java (limited to 'sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main') diff --git a/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationPolicyProviderFactory.java b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationPolicyProviderFactory.java new file mode 100644 index 0000000000..699846ead2 --- /dev/null +++ b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationPolicyProviderFactory.java @@ -0,0 +1,57 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic; + +import org.apache.tuscany.sca.assembly.Endpoint; +import org.apache.tuscany.sca.assembly.EndpointReference; +import org.apache.tuscany.sca.core.ExtensionPointRegistry; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.provider.PolicyProviderFactory; +import org.apache.tuscany.sca.runtime.RuntimeComponent; + +/** + * @version $Rev$ $Date$ + */ +public class BasicAuthenticationPolicyProviderFactory implements PolicyProviderFactory { + private ExtensionPointRegistry registry; + + public BasicAuthenticationPolicyProviderFactory(ExtensionPointRegistry registry) { + super(); + this.registry = registry; + } + + public PolicyProvider createImplementationPolicyProvider(RuntimeComponent component) { + return null; + } + + public PolicyProvider createReferencePolicyProvider(EndpointReference endpointReference) { + return new BasicAuthenticationReferencePolicyProvider(endpointReference); + } + + public PolicyProvider createServicePolicyProvider(Endpoint endpoint) { + return new BasicAuthenticationServicePolicyProvider(endpoint); + } + + public Class getModelType() { + return BasicAuthenticationPolicy.class; + } + +} diff --git a/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyInterceptor.java b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyInterceptor.java new file mode 100644 index 0000000000..bbbba81fb7 --- /dev/null +++ b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyInterceptor.java @@ -0,0 +1,123 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic; + +import java.util.ArrayList; +import java.util.List; + +import javax.security.auth.Subject; +import javax.xml.namespace.QName; + +import org.apache.axis2.client.OperationClient; +import org.apache.axis2.context.MessageContext; +import org.apache.axis2.transport.http.HTTPConstants; +import org.apache.axis2.transport.http.HttpTransportProperties; +import org.apache.axis2.transport.http.HttpTransportProperties.Authenticator; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Invoker; +import org.apache.tuscany.sca.invocation.Message; +import org.apache.tuscany.sca.invocation.Phase; +import org.apache.tuscany.sca.invocation.PhasedInterceptor; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPrincipal; +import org.apache.tuscany.sca.policy.security.SecurityUtil; +import org.oasisopen.sca.ServiceRuntimeException; + +/** + * + * @version $Rev$ $Date$ + */ +public class BasicAuthenticationReferencePolicyInterceptor implements PhasedInterceptor { + private static final String SCA10_TUSCANY_NS = "http://tuscany.apache.org/xmlns/sca/1.1"; + public static final QName policySetQName = new QName(SCA10_TUSCANY_NS, "wsBasicAuthentication"); + + private Invoker next; + private Operation operation; + private PolicySet policySet = null; + private String context; + private BasicAuthenticationPolicy policy; + + public BasicAuthenticationReferencePolicyInterceptor(String context, Operation operation, PolicySet policySet) { + super(); + this.operation = operation; + this.policySet = policySet; + this.context = context; + init(); + } + + private void init() { + if (policySet != null) { + for (Object policyObject : policySet.getPolicies()){ + if (policyObject instanceof BasicAuthenticationPolicy){ + policy = (BasicAuthenticationPolicy)policyObject; + break; + } + } + } + } + + public Message invoke(Message msg) { + + OperationClient operationClient = msg.getBindingContext(); + + String username = null; + String password = null; + + // get the security context + Subject subject = SecurityUtil.getSubject(msg); + BasicAuthenticationPrincipal principal = SecurityUtil.getPrincipal(subject, + BasicAuthenticationPrincipal.class); + + // could use the security principal to look up basic auth credentials + if ( principal != null ) { + username = ((BasicAuthenticationPrincipal)principal).getName(); + password = ((BasicAuthenticationPrincipal)principal).getPassword(); + } + + if (username == null || password == null ){ + throw new ServiceRuntimeException("Basic authentication username or password is null"); + } + + HttpTransportProperties.Authenticator authenticator = new HttpTransportProperties.Authenticator(); + List auth = new ArrayList(); + auth.add(Authenticator.BASIC); + authenticator.setAuthSchemes(auth); + authenticator.setPreemptiveAuthentication(true); + authenticator.setUsername(username); + authenticator.setPassword(password); + + operationClient.getOptions().setProperty(HTTPConstants.AUTHENTICATE, + authenticator); + + return getNext().invoke(msg); + } + + public Invoker getNext() { + return next; + } + + public void setNext(Invoker next) { + this.next = next; + } + + public String getPhase() { + return Phase.REFERENCE_POLICY; + } +} diff --git a/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyProvider.java b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyProvider.java new file mode 100644 index 0000000000..d51f2b5562 --- /dev/null +++ b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationReferencePolicyProvider.java @@ -0,0 +1,49 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic; + +import org.apache.tuscany.sca.assembly.EndpointReference; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.PhasedInterceptor; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy; +import org.apache.tuscany.sca.provider.BasePolicyProvider; + +/** + * @version $Rev$ $Date$ + */ +public class BasicAuthenticationReferencePolicyProvider extends BasePolicyProvider { + + public BasicAuthenticationReferencePolicyProvider(EndpointReference endpointReference) { + super(BasicAuthenticationPolicy.class, endpointReference); + } + + public PhasedInterceptor createInterceptor(Operation operation) { + PolicySet ps = findPolicySet(); + return ps == null ? null : new BasicAuthenticationReferencePolicyInterceptor(getContext(), operation, ps); + } + + public void start() { + } + + public void stop() { + } + +} diff --git a/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java new file mode 100644 index 0000000000..6cfe8e1a84 --- /dev/null +++ b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java @@ -0,0 +1,120 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic; + + +import java.util.Map; + +import javax.security.auth.Subject; +import javax.xml.namespace.QName; + +import org.apache.axis2.context.MessageContext; +import org.apache.axis2.util.Base64; +import org.apache.tuscany.sca.invocation.Invoker; +import org.apache.tuscany.sca.invocation.Message; +import org.apache.tuscany.sca.invocation.Phase; +import org.apache.tuscany.sca.invocation.PhasedInterceptor; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPrincipal; +import org.apache.tuscany.sca.policy.security.SecurityUtil; + + +/** + * Policy handler to handle PolicySet related to Logging with the QName + * {http://tuscany.apache.org/xmlns/sca/1.1/impl/java}LoggingPolicy + * + * @version $Rev$ $Date$ + */ +public class BasicAuthenticationServicePolicyInterceptor implements PhasedInterceptor { + private static final String SCA10_TUSCANY_NS = "http://tuscany.apache.org/xmlns/sca/1.1"; + public static final QName policySetQName = new QName(SCA10_TUSCANY_NS, "wsBasicAuthentication"); + + private Invoker next; + private PolicySet policySet = null; + private String context; + private BasicAuthenticationPolicy policy; + + public BasicAuthenticationServicePolicyInterceptor(String context, PolicySet policySet) { + super(); + this.policySet = policySet; + this.context = context; + init(); + } + + private void init() { + if (policySet != null) { + for (Object policyObject : policySet.getPolicies()){ + if (policyObject instanceof BasicAuthenticationPolicy){ + policy = (BasicAuthenticationPolicy)policyObject; + break; + } + } + } + } + + public Message invoke(Message msg) { + + MessageContext messageContext = msg.getBindingContext(); + Map httpHeaderProperties = (Map)messageContext.getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS); + + String basicAuthString = (String)httpHeaderProperties.get("Authorization"); + String decodedBasicAuthString = null; + String username = null; + String password = null; + + if (basicAuthString != null) { + basicAuthString = basicAuthString.trim(); + + if (basicAuthString.startsWith("Basic ")) { + decodedBasicAuthString = new String(Base64.decode(basicAuthString.substring(6))); + } + + int collonIndex = decodedBasicAuthString.indexOf(':'); + + if (collonIndex == -1){ + username = decodedBasicAuthString; + } else { + username = decodedBasicAuthString.substring(0, collonIndex); + password = decodedBasicAuthString.substring(collonIndex + 1); + } + } + + // get the security context + Subject subject = SecurityUtil.getSubject(msg); + BasicAuthenticationPrincipal principal = new BasicAuthenticationPrincipal(username, + password); + subject.getPrincipals().add(principal); + + return getNext().invoke(msg); + } + + public Invoker getNext() { + return next; + } + + public void setNext(Invoker next) { + this.next = next; + } + + public String getPhase() { + return Phase.SERVICE_POLICY; + } + +} diff --git a/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyProvider.java b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyProvider.java new file mode 100644 index 0000000000..ec4536c309 --- /dev/null +++ b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/BasicAuthenticationServicePolicyProvider.java @@ -0,0 +1,49 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic; + + +import org.apache.tuscany.sca.assembly.Endpoint; +import org.apache.tuscany.sca.invocation.PhasedInterceptor; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy; +import org.apache.tuscany.sca.provider.BasePolicyProvider; + +/** + * @version $Rev$ $Date$ + */ +public class BasicAuthenticationServicePolicyProvider extends BasePolicyProvider { + + public BasicAuthenticationServicePolicyProvider(Endpoint endpoint) { + super(BasicAuthenticationPolicy.class, endpoint); + } + + public PhasedInterceptor createBindingInterceptor() { + PolicySet ps = findPolicySet(); + return ps == null ? null : new BasicAuthenticationServicePolicyInterceptor(getContext(), ps); + } + + public void start() { + } + + public void stop() { + } + +} -- cgit v1.2.3