
perfsonar-dev - perfsonar: r3016 - in branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar: client/base/authn/saslca client/testHarness service/base/web

Subject: perfsonar development work


perfsonar: r3016 - in branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar: client/base/authn/saslca client/testHarness service/base/web


  • From:
  • To:
  • Subject: perfsonar: r3016 - in branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar: client/base/authn/saslca client/testHarness service/base/web
  • Date: Wed, 7 Nov 2007 04:15:55 -0500

Author: rodriguez
Date: 2007-11-07 04:15:55 -0500 (Wed, 07 Nov 2007)
New Revision: 3016

Modified:

branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/saslca/SASLCAClient.java

branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/testHarness/SOAPX509Client.java

branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/web/RequestHandler.java
Log:
Fixing some bugs:
- The authentication component was not initialized properly in the RequestHandler
class.
- SOAPX509Client doesn't use the authN requester class.
- SASLCAClient writes an unnecessary file (/tmp/foo)

Modified:
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/saslca/SASLCAClient.java
===================================================================
---
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/saslca/SASLCAClient.java
2007-11-06 12:26:44 UTC (rev 3015)
+++
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/saslca/SASLCAClient.java
2007-11-07 09:15:55 UTC (rev 3016)
@@ -3,6 +3,7 @@
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
+import java.text.DateFormat;
import java.util.Map;

import javax.security.auth.Subject;
@@ -66,6 +67,7 @@
certMap = (Map<CertificationRequest,
X509Certificate[]>) Subject
.doAs(subj, clientProtocolHandler);
} catch (Exception e) {
+ e.printStackTrace();
String m = "SASLCAClient: Error getting the signed
CSR: "+e.getMessage();
throw new PerfSONARException(m);
}
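Review bot: The added `e.printStackTrace();` in this catch block sends the stack trace of a failed signing exchange to stderr, outside whatever logging configuration the client runs under. The rethrown PerfSONARException carries only `e.getMessage()`, so the trace on stderr is the only record of the original failure and is easy to lose or to expose in a shared console. If a logger is available in this class (RequestHandler in the same commit uses one), the exception should be logged through it. Until then the line deserves a comment such as `// FIXME: temporary debug output, replace with logger call`. The enclosing method starts and ends outside the hunk.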
@@ -73,7 +75,15 @@
X509Certificate[] certChain = certMap.get(edugainCSR);
boolean valid = Util.verifyCertChain(certChain);
if (!valid) {
- String m = "SASLCAClient: Error verifying the signed
CSR";
+ String m = "SASLCAClient: Error verifying the signed
CSR. Received certs ("+certChain.length+")";
+/* for (int i=0; i<certChain.length; i++) {
+ if (certChain[i]!=null) {
+ m+="* Subject
DN("+certChain[i].getSubjectDN().toString()+") Issuer DN
("+certChain[i].getIssuerDN().toString()+") From
("+DateFormat.getInstance().format(certChain[i].getNotBefore())+") Until
("+DateFormat.getInstance().format(certChain[i].getNotAfter())+")\n";
+ }
+ else {
+ m+="* Cert #"+i+" is null\n";
+ }
+ } */
throw new PerfSONARException(m);
}
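Review bot: The new error message dereferences `certChain.length` on the failure path, but `certMap.get(edugainCSR)` yields null when the map has no entry for that request. If `Util.verifyCertChain` returns false for a null chain rather than throwing (not visible here), the intended PerfSONARException is replaced by a NullPointerException. A guarded form such as `(certChain == null ? 0 : certChain.length)` keeps the verification failure reported as such. The commented-out loop should be removed or moved behind a debug log call before commit. The `java.text.DateFormat` import added in the first hunk of this file is used only inside that comment.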


Modified:
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/testHarness/SOAPX509Client.java
===================================================================
---
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/testHarness/SOAPX509Client.java
2007-11-06 12:26:44 UTC (rev 3015)
+++
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/client/testHarness/SOAPX509Client.java
2007-11-07 09:15:55 UTC (rev 3016)
@@ -44,6 +44,8 @@

import org.perfsonar.base.auxiliary.components.authn.DynamicCrypto;
import org.perfsonar.base.auxiliary.components.authn.SOAPUtil;
+import org.perfsonar.client.base.authn.AuthNData;
+import org.perfsonar.client.base.authn.AuthNDataFactory;
import
org.perfsonar.client.base.requests.authService.AuthNEERequestGenerator;

/**
@@ -90,74 +92,21 @@
call.setOperationName(new
QName("http://soapinterop.org/","submit";));

// read the request into a org.w3c.DOM.Document
+ Document request = null;
DocumentBuilderFactory factory =
DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);

- AuthNEERequestGenerator rg=new AuthNEERequestGenerator();
- Message rm=rg.generateRequestMessage();
DocumentBuilder builder = factory.newDocumentBuilder();
- Document request = builder.newDocument();
- request = rm.getDOM(request);
+ request = builder.parse(new File(inputFile));

// build a SOAPBodyElement from the document
- SOAPBodyElement requestMessage =
+ SOAPBodyElement requestMessage =
new SOAPBodyElement(request.getDocumentElement());
- SOAPEnvelope envelope = new SOAPEnvelope();
- envelope.addBodyElement(requestMessage);

- // add the security provider
- BouncyCastleProvider bcp = new BouncyCastleProvider();
- java.security.Security.addProvider((Provider)bcp);
+ AuthNData authnData=AuthNDataFactory.getDefaultAuthNData();
+ Object reqRaw=authnData.addX509STInMessage(requestMessage,
keyFile, certFile);
+ SOAPEnvelope envelope=(SOAPEnvelope)reqRaw;

- // add the private and public keys
- Crypto crypto = new DynamicCrypto();
- KeyStore ks=crypto.getKeyStore();
-
- BufferedReader in = new BufferedReader(new FileReader(keyFile));
- String str;
- String previousStr="";
- String data="";
- in.readLine();
- while ((str = in.readLine()) != null) {
- data+=previousStr;
- previousStr=str+"\n";
- }
- in.close();
-
- byte[] bytes=Base64.decode(data);
- PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(bytes);
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
- X509Certificate cert=crypto.loadCertificate(isCert);
- ks.setKeyEntry("xmlsec", (Key)privateKey,
"security".toCharArray(), new Certificate[]{(Certificate)cert});
-
- WSSecSignature sec509 = new WSSecSignature();
- sec509.setUserInfo("xmlsec", "security");
- SOAPConstants soapConstants =
WSSecurityUtil.getSOAPConstants(envelope.getAsDOM());
- Vector<WSEncryptionPart> parts = new
Vector<WSEncryptionPart>(1,1);
-
- // Set up to use STRTransorm to sign the signature token
- WSEncryptionPart encP =
- new WSEncryptionPart(
- "STRTransform",
- soapConstants.getEnvelopeURI(),
- "Content");
- parts.add(encP);
-
- sec509.setParts(parts);
- sec509.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
-
- Document doc = envelope.getAsDocument();
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.setActor("test");
- secHeader.insertSecurityHeader(doc);
-
- // Signing the message
- Document signedDoc = sec509.build(doc, crypto, secHeader);
-
- org.apache.axis.Message signedMsg = (org.apache.axis.Message)
SOAPUtil.toSOAPMessage(signedDoc);
- envelope = signedMsg.getSOAPEnvelope();
-
// Saving SOAP message
saveSOAPMessage(envelope.getAsDocument(), inputFile);
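Review bot: The `DocumentBuilderFactory` behind the new `builder.parse(new File(inputFile))` line only has namespace awareness set, so DOCTYPE declarations and external entities in the request file are handled with the parser defaults. Since the request now comes from a file on disk rather than from the generator, the factory should be hardened before `newDocumentBuilder()` is called, e.g. `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. Separately, the unchanged `saveSOAPMessage(envelope.getAsDocument(), inputFile)` call appears to write the signed envelope to the same path the request was just read from; that is worth confirming as intended. The unchecked cast `(SOAPEnvelope)reqRaw` would be safer behind an `instanceof` check with a clear error. The enclosing method begins and ends outside the hunk.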


Modified:
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/web/RequestHandler.java
===================================================================
---
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/web/RequestHandler.java
2007-11-06 12:26:44 UTC (rev 3015)
+++
branches/new-structure/trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/web/RequestHandler.java
2007-11-07 09:15:55 UTC (rev 3016)
@@ -8,7 +8,6 @@
package org.perfsonar.service.base.web;

import java.io.File;
-import java.net.URL;

import org.ggf.ns.nmwg.base.v2_0.Message;
import org.perfsonar.base.auxiliary.AuxiliaryComponentManager;
@@ -172,9 +171,9 @@
logger.debug(
"RequestHandler: " +
"Authenticating the message");
- if (authnComponent == null) throw new
PerfSONARException(
- "error.common.no_authn",
- "Cannot find authn component");
+ if (authnComponent == null) {
+ authnComponent =
(AuthNComponent)componentManager.getComponent(ComponentNames.AUTHN);
+ }
authnComponent.requestAuthN(requestMessage.getType());
}
else {
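Review bot: The lazy lookup `authnComponent = (AuthNComponent)componentManager.getComponent(ComponentNames.AUTHN);` is not checked afterwards, so a missing or unregistered component now surfaces as a NullPointerException on `authnComponent.requestAuthN(...)` instead of the removed `error.common.no_authn` error. Whether that still rejects the request cleanly depends on how callers handle unchecked exceptions, which is not visible here. An authentication step should fail with an explicit, handled error. Keeping the original guard after the lookup restores that: `if (authnComponent == null) throw new PerfSONARException("error.common.no_authn", "Cannot find authn component");`. If RequestHandler instances are shared across request threads, the unsynchronized assignment to the field also deserves a comment. The enclosing method starts outside the hunk.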


