
perfsonar-dev - perfsonar: r4918 - in branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service: authn authn/component/wssec authn/tokens messages

Subject: perfsonar development work


perfsonar: r4918 - in branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service: authn authn/component/wssec authn/tokens messages


  • From:
  • To:
  • Subject: perfsonar: r4918 - in branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service: authn authn/component/wssec authn/tokens messages
  • Date: Thu, 29 Jan 2009 11:50:09 -0500

Author: rodriguez
Date: 2009-01-29 11:50:09 -0500 (Thu, 29 Jan 2009)
New Revision: 4918

Modified:

branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java

branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java

branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthNResponse.java

branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthRResponse.java

branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java

branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/tokens/SecTokenSOAPManager.java

branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/messages/GenericMessageHandler.java
Log:
- AuthN & AuthR component is 100% functional with psBase 2

Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java
2009-01-29 15:32:52 UTC (rev 4917)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java
2009-01-29 16:50:09 UTC (rev 4918)
@@ -24,13 +24,14 @@
import org.perfsonar.base2.service.authn.tokens.SecTokenSOAPManager;
import org.perfsonar.base2.service.authn.tokens.SecurityToken;
import org.perfsonar.base2.service.exceptions.PerfSONARException;
+import org.perfsonar.base2.service.requesthandler.ServiceMessage;
import org.perfsonar.base2.xml.AXIOMCreator;
+import org.perfsonar.base2.xml.Element;
import org.perfsonar.base2.xml.StaxParser;
import org.perfsonar.base2.xml.nmwg.Message;
import org.perfsonar.base2.xml.nmwg.Metadata;
import org.perfsonar.base2.xml.nmwg.Parameter;
import org.perfsonar.base2.xml.nmwg.Parameters;
-import org.perfsonar.base2.xml.nmwg.Subject;
import org.perfsonar.service.authService.auth.client.AttrEERequestGenerator;
import org.perfsonar.service.authService.auth.client.AuthNEERequestGenerator;
import org.perfsonar.service.authService.auth.client.AuthREERequestGenerator;
@@ -44,15 +45,6 @@
protected static final Logger logger =
Logger.getLogger(AADispatchSOAPProtocol.class.getName());

public AADispatchSOAPProtocol() throws PerfSONARException {
-/* try {
- asPoint=config.getProperty(AS_POINT_PARAM);
- saxParser=config.getProperty(SAX_PARSER_CONFIG);
- } catch (Exception e) {
- String m = "AADispatchSOAPProtocol: Can't obtain
required parameters ";
- logger.error(m);
- throw new PerfSONARException(m);
- } */
-
this.asPoint = "";
}

@@ -120,7 +112,8 @@
Iterator<?> it =
secHeader.getChildrenWithLocalName("BinarySecurityToken");
while (it.hasNext()) {
OMElement e = (OMElement)it.next();
- if (e.getAttributeValue(new
QName("ValueType")).equals("#SAMLBase64Binary")) {
+ if (e.getAttributeValue(new
QName("ValueType"))!=null&&
+ e.getAttributeValue(new
QName("ValueType")).equals("#SAMLBase64Binary")) {

parameter.setParameter("value",AADispatchSOAPProtocol.WSS_SAML);
}
}
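Review bot: The added null guard in the BinarySecurityToken loop reads the `ValueType` attribute twice and builds two `QName` objects per element. Putting the constant first gives the same null-safe result in one call: `if ("#SAMLBase64Binary".equals(e.getAttributeValue(new QName("ValueType")))) {`. The same two-step condition is added to isDelegated in SecTokenSOAPManager.java. The enclosing method starts outside this hunk.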
@@ -128,8 +121,7 @@
return secHeader;
}

- private Message sendMessage(String point,Message requestMessage,
SecurityToken token) throws Exception {
-
+ private ServiceMessage sendMessage(String point,Message
requestMessage, SecurityToken token) throws Exception {
EndpointReference targetEPR = new EndpointReference(point);

Options options = new Options();
@@ -137,77 +129,23 @@
options.setTransportInProtocol(Constants.TRANSPORT_HTTP);

ServiceClient sender = new ServiceClient();
- sender.addHeader(updateSecurityTokenParameter(requestMessage,
token));
+ SOAPHeaderBlock shb =
updateSecurityTokenParameter(requestMessage, token);
+ sender.addHeader(shb);
sender.setOptions(options);

AXIOMCreator ac = new AXIOMCreator();
- StaxParser sp = new StaxParser();

OMElement request = ac.getElement(requestMessage);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
request.serialize(baos);
- logger.debug(request);
OMElement response = sender.sendReceive(request);
ByteArrayOutputStream baos2 = new ByteArrayOutputStream();
response.serialize(baos2);
- logger.debug(response);

- return null;
-
-/* Service service = new Service();
- Call call = (Call)service.createCall();
- call.setTargetEndpointAddress(new URL(point));
- call.setOperationName(new
QName("http://soapinterop.org/","submit";));
-
- // read the request into a org.w3c.DOM.Document
- DocumentBuilderFactory factory =
DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
-
- DocumentBuilder builder = factory.newDocumentBuilder();
- Document request = builder.newDocument();
-
- request = updateSecurityTokenParameter(request,
requestMessage, token);
-
- SOAPBodyElement requestSOAPMessage =
- new SOAPBodyElement(request.getDocumentElement());
- SOAPEnvelope envelope = new SOAPEnvelope();
- envelope.addBodyElement(requestSOAPMessage);
-
- javax.xml.soap.SOAPHeader
header=(javax.xml.soap.SOAPHeader)token.getSecToken();
- Iterator<?> it=header.examineAllHeaderElements();
- while (it.hasNext()) {
- SOAPHeaderElement he=(SOAPHeaderElement)it.next();
- envelope.getHeader().addChildElement(he);
- }
-
- StringWriter sw=new StringWriter();
-
XMLUtils.PrettyElementToWriter(requestSOAPMessage.getAsDOM(),sw);
- logger.debug("------- Sending message >>>>>>>");
- logger.debug(sw.toString());
- logger.debug("<<<<<<< Sending message -------");
-
- // call on the end point
- Object resultObject = call.invoke(envelope);
-
- SOAPEnvelope envelopeResult;
- SOAPBodyElement resultSBE;
- Document result = null;
-
- envelopeResult= (SOAPEnvelope)resultObject;
- resultSBE= envelopeResult.getFirstBody();
-
- // change it to document - here is where validity
- // can be checked..
- result = resultSBE.getAsDocument();
-
- logger.debug("------- Receiving message >>>>>>>");
- logger.debug(XMLUtils.PrettyDocumentToString(result));
- logger.debug("<<<<<<< Receiving message -------");
-
- Message responseNmwg =
org.perfsonar.base.util.XMLUtils.convertToMessage(
- result, saxParser);
-
- return responseNmwg; */
+ StaxParser sp = new StaxParser();
+ Element respElem = sp.parse(response.getXMLStreamReader());
+ ServiceMessage sm = new ServiceMessage(respElem);
+ return sm;
}

public AuthNResponse getAuthentication(AuthNRequest req) throws
PerfSONARException {
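Review bot: In the new sendMessage body the request and the response are still serialized into `baos` and `baos2`, but nothing reads those buffers now that the two `logger.debug` calls are gone. Every call to the authentication service therefore appears to pay for two full serializations that are thrown away, so the four buffer lines can be dropped. If a debug trace is wanted again, guard it with `logger.isDebugEnabled()` and keep the security header out of the output. The `ServiceClient` created here is not released on any path visible in the hunk; unless that happens elsewhere, wrapping the send in `try { ... } finally { sender.cleanup(); }` would free it. sendMessage starts in the previous hunk.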
@@ -216,7 +154,8 @@
try {

Message authnRequest = new
AuthNEERequestGenerator().generateRequestMessage();
- Message response = sendMessage(asPoint, authnRequest,
req.getSecurityToken());
+ ServiceMessage responseMsg = sendMessage(asPoint,
authnRequest, req.getSecurityToken());
+ Element response = responseMsg.getElement();

resp=AuthNResponse.getAuthNResponse(response);
logger.debug("Authentication response:
("+resp.getResultCode()+","+resp.getStatus()+")");
@@ -257,12 +196,16 @@

sdr.setClient(getClient(req.getSecurityToken()));
}
String reqString=simpleRequest.getMessage();
- Subject authrElement=new Subject();
- // authrElement.setSubject(reqString);
- authrElement.setText(reqString);
-
authrRequest.getMetadata("authRmetadata").setSubject(authrElement);
+ reqString = reqString.replaceAll("\n", "");
+ reqString = reqString.replaceAll("\r", "");
+ reqString = reqString.replaceAll("\t", "");
+ reqString = reqString.replaceAll(" ", "");
+ Element authrElement = new Element("subject", "aa",
"http://ggf.org/ns/nmwg/tools/org/perfsonar/service/as/authr/1.0/";);
+ authrElement.setText(reqString);
+
authrRequest.getMetadata("authRmetadata").addChild(authrElement);

- Message response = sendMessage(asPoint, authrRequest,
req.getSecurityToken());
+ ServiceMessage responseMsg = sendMessage(asPoint,
authrRequest, req.getSecurityToken());
+ Element response = responseMsg.getElement();

AuthRResponse
respAuth=AuthRResponse.getAuthRResponse(response);
logger.debug("Authorization response:
("+respAuth.getResultCode()+","+respAuth.getStatus()+")");
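Review bot: The four `replaceAll` calls on `reqString` remove every space, tab and line break from the authorization request, not only the formatting around it. Any value inside the request that legitimately contains whitespace is changed before it becomes the text of the `subject` element, so the authorization decision is taken on a different string than the caller supplied. If the intent is only to drop indentation from a pretty-printed message, limit it to the ends (`reqString = reqString.trim();`) or fix it where `simpleRequest.getMessage()` is produced. `replaceAll` also treats its first argument as a regular expression; `replace("\n", "")` states the literal intent. The enclosing method starts and ends outside the hunk.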
@@ -289,7 +232,8 @@
Message attrRequest = new
AttrEERequestGenerator().generateRequestMessage();


- Message response = sendMessage(asPoint, attrRequest,
req.getSecurityToken());
+ ServiceMessage responseMsg = sendMessage(asPoint,
attrRequest, req.getSecurityToken());
+ Element response = responseMsg.getElement();

AttrResponse
respAuth=AttrResponse.getAttrResponse(response);
logger.debug("Attribte response:
("+respAuth.getResultCode()+","+respAuth.getStatus()+")");

Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java
2009-01-29 15:32:52 UTC (rev 4917)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java
2009-01-29 16:50:09 UTC (rev 4918)
@@ -1,31 +1,24 @@
package org.perfsonar.base2.service.authn;

-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
+import org.perfsonar.base2.xml.Element;

-import org.perfsonar.base2.xml.nmwg.EventType;
-import org.perfsonar.base2.xml.nmwg.Message;
-import org.perfsonar.base2.xml.nmwg.Metadata;
-
public class AttrResponse extends AuthNResponse {

- public static AttrResponse getAttrResponse(Message message) {
+ public static AttrResponse getAttrResponse(Element message) {
AttrResponse res=new AttrResponse();

- Collection<Metadata>
metadatas=message.getMetadataCollection();
- Iterator<Metadata> it = metadatas.iterator();
- while (it.hasNext()) {
- Metadata meta = it.next();
- ArrayList<EventType> ets=meta.getEventTypes();
- for (EventType et: ets) {
- res.setResultCode(et.getEventType());
- if
(et.getEventType().equals("success.as.attr")) {
- }
- else {
- }
- }
- }
+ Element responseMetadata = null;
+ Element eventType = null;
+ if (message != null) {
+ responseMetadata =
message.getChildren("metadata").iterator().next();
+ if (responseMetadata != null) {
+ eventType =
responseMetadata.getChildren("eventType").iterator().next();
+ }
+ }
+ if (eventType != null) {
+ if (eventType.getText().trim().indexOf("success.as.attr") != -1)
{
+ }
+ }

return res;
}
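Review bot: `message.getChildren("metadata").iterator().next()` throws `NoSuchElementException` when the reply has no `metadata` child, assuming getChildren returns an empty collection in that case, and the same holds for `eventType`. The `!= null` tests that follow therefore do not protect against an empty or malformed reply from the authentication service; take the iterator once and check `hasNext()` before `next()`. The rewrite also drops the `res.setResultCode(...)` call while AADispatchSOAPProtocol still logs `getResultCode()`, and the `if` on `success.as.attr` has an empty body, so the returned object carries nothing from the response. The same `iterator().next()` pattern and missing result code are in getAuthNResponse and getAuthRResponse in this commit.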

Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthNResponse.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthNResponse.java
2009-01-29 15:32:52 UTC (rev 4917)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthNResponse.java
2009-01-29 16:50:09 UTC (rev 4918)
@@ -1,13 +1,7 @@
package org.perfsonar.base2.service.authn;

-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
+import org.perfsonar.base2.xml.Element;

-import org.perfsonar.base2.xml.nmwg.EventType;
-import org.perfsonar.base2.xml.nmwg.Message;
-import org.perfsonar.base2.xml.nmwg.Metadata;
-
public class AuthNResponse {
public static final int AUTHENTICATED=0;
public static final int NOT_AUTHENTICATED=1;
@@ -36,24 +30,23 @@
this.resultCode = codeResult;
}

- public static AuthNResponse getAuthNResponse(Message message) {
+ public static AuthNResponse getAuthNResponse(Element message) {
AuthNResponse res=new AuthNResponse();

- Collection<Metadata>
metadatas=message.getMetadataCollection();
- Iterator<Metadata> it = metadatas.iterator();
- while (it.hasNext()) {
- Metadata meta = it.next();
- ArrayList<EventType> ets=meta.getEventTypes();
- for (EventType et: ets) {
- res.setResultCode(et.getEventType());
- if
(et.getEventType().equals("success.as.authn")) {
-
res.setStatus(AuthNResponse.AUTHENTICATED);
- }
- else {
-
res.setStatus(AuthNResponse.NOT_AUTHENTICATED);
- }
- }
- }
+ res.setStatus(AuthNResponse.NOT_AUTHENTICATED);
+ Element responseMetadata = null;
+ Element eventType = null;
+ if (message != null) {
+ responseMetadata =
message.getChildren("metadata").iterator().next();
+ if (responseMetadata != null) {
+ eventType =
responseMetadata.getChildren("eventType").iterator().next();
+ }
+ }
+ if (eventType != null) {
+ if (eventType.getText().trim().indexOf("success.as.authn") !=
-1) {
+ res.setStatus(AuthNResponse.AUTHENTICATED);
+ }
+ }

return res;
}
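Review bot: The success test in getAuthNResponse changed from `equals("success.as.authn")` to `indexOf("success.as.authn") != -1`, so any event type that merely contains that substring now sets AUTHENTICATED. For a decision that grants access, an exact comparison on the trimmed text is the safer form: `if ("success.as.authn".equals(eventType.getText().trim())) {`. Only the first `metadata` and its first `eventType` are examined, where the old loop visited all of them, and `getText()` is dereferenced without a null check. getAuthRResponse and getAttrResponse use the same substring test.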

Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthRResponse.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthRResponse.java
2009-01-29 15:32:52 UTC (rev 4917)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AuthRResponse.java
2009-01-29 16:50:09 UTC (rev 4918)
@@ -1,35 +1,28 @@
package org.perfsonar.base2.service.authn;

-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
+import org.perfsonar.base2.xml.Element;

-import org.perfsonar.base2.xml.nmwg.EventType;
-import org.perfsonar.base2.xml.nmwg.Message;
-import org.perfsonar.base2.xml.nmwg.Metadata;
-
public class AuthRResponse extends AuthNResponse {
public static final int AUTHORIZED=0;
public static final int NOT_AUTHORIZED=1;

- public static AuthRResponse getAuthRResponse(Message message) {
+ public static AuthRResponse getAuthRResponse(Element message) {
AuthRResponse res=new AuthRResponse();
+ res.setStatus(AuthRResponse.NOT_AUTHORIZED);

- Collection<Metadata>
metadatas=message.getMetadataCollection();
- Iterator<Metadata> it = metadatas.iterator();
- while (it.hasNext()) {
- Metadata meta = it.next();
- ArrayList<EventType> ets=meta.getEventTypes();
- for (EventType et: ets) {
- res.setResultCode(et.getEventType());
- if
(et.getEventType().equals("success.as.authr")) {
-
res.setStatus(AuthRResponse.AUTHORIZED);
- }
- else {
-
res.setStatus(AuthRResponse.NOT_AUTHORIZED);
- }
- }
- }
+ Element responseMetadata = null;
+ Element eventType = null;
+ if (message != null) {
+ responseMetadata =
message.getChildren("metadata").iterator().next();
+ if (responseMetadata != null) {
+ eventType =
responseMetadata.getChildren("eventType").iterator().next();
+ }
+ }
+ if (eventType != null) {
+ if (eventType.getText().trim().indexOf("success.as.authr") !=
-1) {
+ res.setStatus(AuthRResponse.AUTHENTICATED);
+ }
+ }

return res;
}
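Review bot: On the success path getAuthRResponse sets `AuthRResponse.AUTHENTICATED`, although the default set a few lines above is `AuthRResponse.NOT_AUTHORIZED` and the removed code used `AUTHORIZED`. It works only because `AUTHENTICATED` and `AUTHORIZED` are both 0, and it would silently break if either constant changed. The line should read `res.setStatus(AuthRResponse.AUTHORIZED);`, and the caller in WSSecAuthNComponent that compares against `AuthNResponse.AUTHENTICATED` would be clearer with the same constant.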

Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java
2009-01-29 15:32:52 UTC (rev 4917)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java
2009-01-29 16:50:09 UTC (rev 4918)
@@ -13,6 +13,8 @@
import org.perfsonar.base2.service.authn.tokens.SecTokenManagerFactory;
import org.perfsonar.base2.service.authn.tokens.SecTokenSOAPManager;
import org.perfsonar.base2.service.authn.tokens.SecurityToken;
+import org.perfsonar.base2.service.configuration.Configuration;
+import org.perfsonar.base2.service.configuration.ConfigurationManager;
import org.perfsonar.base2.service.exceptions.PerfSONARException;

public class WSSecAuthNComponent extends AuthNComponent {
@@ -21,10 +23,12 @@

@Override
public void destroy() throws PerfSONARException {
+ logger.debug("WSSecAuthNComponent: destroy");
}

@Override
public void init() throws PerfSONARException {
+ logger.debug("WSSecAuthNComponent: init");
}

public void requestAuthN(String messageType) throws
PerfSONARException {
@@ -36,6 +40,7 @@
st.setSecTokenFromRequest();
AuthNRequest authnReq=new AuthNRequest(st);
AADispatchProtocol aadp =
AADispatchProtocolFactory.getDefaultAADispatchProtocol();
+ aadp.setAuthService(getOption("as_endpoint").getValue());
aadp.setAuthService(getOption(AS_POINT).getValue());
AADispatchManager aadm=new AADispatchManager(aadp);
AuthNResponse authnRes=aadm.getAuthentication(authnReq);
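Review bot: The added `aadp.setAuthService(getOption("as_endpoint").getValue());` is immediately followed by the existing `aadp.setAuthService(getOption(AS_POINT).getValue());`. Unless setAuthService accumulates endpoints, which the hunk does not show, the new value is overwritten before it is used. Keep one of the two calls and use the same option key here and in requestAuthR, which passes only the literal, so both paths contact the same authentication service. `getOption(...)` is dereferenced directly; if it can return null for a missing option, the failure is a NullPointerException rather than a PerfSONARException. The enclosing method continues outside the hunk.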
@@ -70,11 +75,13 @@
try {

authrReq.setSubject(SecTokenSOAPManager.getSubject(st));
} catch (Exception e) {
+ e.printStackTrace();
logger.error("WSSecAuthNComponent: Cannot get authR
data from the Security Token");
throw new PerfSONARException("authn_not_sectoken");
}

AADispatchProtocol
prot=AADispatchProtocolFactory.getDefaultAADispatchProtocol();
+ prot.setAuthService(getOption("as_endpoint").getValue());
AADispatchManager aadm=new AADispatchManager(prot);
AuthRResponse authrRes=aadm.getAuthorization(authrReq);
if (authrRes.getStatus()!=AuthNResponse.AUTHENTICATED) {
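Review bot: `e.printStackTrace()` in the catch block writes the trace to stderr, outside the logger's level and appender configuration, while the `logger.error` call beside it still drops the exception. Pass the cause to the logger instead and remove the printStackTrace line: `logger.error("WSSecAuthNComponent: Cannot get authR data from the Security Token", e);`. The new `prot.setAuthService(getOption("as_endpoint").getValue());` uses a string literal where requestAuthN has the `AS_POINT` constant; using one key in both places avoids the two drifting apart.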

Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/tokens/SecTokenSOAPManager.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/tokens/SecTokenSOAPManager.java
2009-01-29 15:32:52 UTC (rev 4917)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/tokens/SecTokenSOAPManager.java
2009-01-29 16:50:09 UTC (rev 4918)
@@ -13,7 +13,6 @@

import javax.xml.namespace.NamespaceContext;
import javax.xml.namespace.QName;
-import javax.xml.soap.SOAPHeaderElement;
import javax.xml.transform.TransformerException;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
@@ -22,6 +21,7 @@

import net.geant.edugain.base.BaseDefinitions;

+import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.dom.TextImpl;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPHeader;
@@ -45,10 +45,10 @@
import org.w3c.dom.NodeList;

public class SecTokenSOAPManager implements SecTokenManager {
- private final String
WSSECHEADER_NS="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";;
- private final String WSSECHEADER="Security";
- protected final String
SOAPENV_NS="http://schemas.xmlsoap.org/soap/envelope/";;
- protected final String WSSECHEADER_ACTOR="actor";
+ private static final String
WSSECHEADER_NS="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";;
+ private static final String WSSECHEADER="Security";
+ protected static final String
SOAPENV_NS="http://schemas.xmlsoap.org/soap/envelope/";;
+ protected static final String WSSECHEADER_ACTOR="actor";
private static final String URN_USER_FED = ":user:";

protected static final Logger logger =
Logger.getLogger(SecTokenSOAPManager.class.getName());
@@ -68,138 +68,86 @@
MessageContext mc=MessageContext.getCurrentMessageContext();
SOAPEnvelope se = mc.getEnvelope();
SOAPHeader sh = se.getHeader();
- Iterator it = sh.examineAllHeaderBlocks();
- while (it.hasNext()) {
- SOAPHeaderBlock shb = (SOAPHeaderBlock)it.next();
- if (shb.getLocalName().equals(WSSECHEADER)&&
-
shb.getNamespace().getNamespaceURI().equals(WSSECHEADER_NS)) {
- return true;
+ if (sh!=null) {
+ Iterator it = sh.examineAllHeaderBlocks();
+ while (it.hasNext()) {
+ SOAPHeaderBlock shb =
(SOAPHeaderBlock)it.next();
+ if (shb.getLocalName().equals(WSSECHEADER)&&
+
shb.getNamespace().getNamespaceURI().equals(WSSECHEADER_NS)) {
+ return true;
+ }
}
}
return false;
}

public Object getSTValue() throws PerfSONARException {
- logger.debug("SecTokenSOAPManager (a)");
if (!hasSTInRequest()) {
- logger.debug("SecTokenSOAPManager (b)");
return null;
}
- logger.debug("SecTokenSOAPManager (c)");
Object res=null;
- logger.debug("SecTokenSOAPManager (d)");
- SOAPHeader sh = (SOAPHeader)getSTFromRequest();
- ArrayList<?> list = sh.getHeaderBlocksWithNSURI(WSSECHEADER_NS);
- SOAPHeaderBlock shb = (SOAPHeaderBlock) list.get(0);
- logger.debug("SecTokenSOAPManager (e)");
-/* Iterator it=sh.examineAllHeaderElements();
- while (it.hasNext()) {
- SOAPHeaderElement he=(SOAPHeaderElement)it.next();
- Node assertion=he.getFirstChild();
- if (assertion.getNodeName().equals("saml:Assertion"))
{
- try {
- Element e=(Element)assertion;
- SAMLAssertion samlAs=new
SAMLAssertion(e);
- res=samlAs;
- } catch (Throwable t) {
- t.printStackTrace();
- String m = "SecTokenSOAPManager:
"+t.getMessage();
- logger.info(m);
- throw new
PerfSONARException("error.authn.getting_sec_token",m);
- }
- }
- }
- if (res==null) { */
+ if (getSTFromRequest()!=null) {
+ SOAPHeader sh = (SOAPHeader)getSTFromRequest();
+ ArrayList<?> list =
sh.getHeaderBlocksWithNSURI(WSSECHEADER_NS);
+ SOAPHeaderBlock shb = (SOAPHeaderBlock) list.get(0);
try {
- logger.debug("SecTokenSOAPManager (1)");
MessageContext
mc=MessageContext.getCurrentMessageContext();
- logger.debug("SecTokenSOAPManager (2)");
SOAPEnvelope se = mc.getEnvelope();
- logger.debug("SecTokenSOAPManager (3)");
Document
doc=Axis2Util.getDocumentFromSOAPEnvelope(se, true);
- logger.debug("SecTokenSOAPManager (4)");
Crypto crypto = new DynamicCrypto();
- logger.debug("SecTokenSOAPManager (5)");
WSSecurityEngine secEngine = new
WSSecurityEngine();
- logger.debug("SecTokenSOAPManager (6)");
String actor=shb.getAttribute(new
QName(SOAPENV_NS, WSSECHEADER_ACTOR)).getAttributeValue();
- logger.debug("SecTokenSOAPManager (7)");
Vector resultSignature =
secEngine.processSecurityHeader(doc, actor, null, crypto);
- logger.debug("SecTokenSOAPManager (8)");
if (resultSignature==null) {
- logger.debug("SecTokenSOAPManager
(8-)");
throw new
PerfSONARException("error.authn.wssec","Null response checking the
signature");
}
- logger.debug("SecTokenSOAPManager (9)");

XPathFactory factory =
XPathFactory.newInstance();
- logger.debug("SecTokenSOAPManager (10)");
XPath xpath = factory.newXPath();
- logger.debug("SecTokenSOAPManager (11)");
xpath.setNamespaceContext(new
WSSENamespaceContext());
- logger.debug("SecTokenSOAPManager (12)");
XPathExpression expr =
xpath.compile("//wsse:BinarySecurityToken");
- logger.debug("SecTokenSOAPManager (13)");
Object result = expr.evaluate(doc,
XPathConstants.NODESET);
- logger.debug("SecTokenSOAPManager (14)");
NodeList nodes = (NodeList) result;
- logger.debug("SecTokenSOAPManager (15)");
for (int i = 0; i < nodes.getLength(); i++) {
- logger.debug("SecTokenSOAPManager
(16): "+i);
Element e=(Element)nodes.item(i);
- logger.debug("SecTokenSOAPManager
(17)");
if
(e.getAttribute("ValueType").equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";))
{
-
logger.debug("SecTokenSOAPManager (17 a)");
NodeList listNodes =
e.getChildNodes();
-
logger.debug("SecTokenSOAPManager (17 b)");
Node n1 = listNodes.item(0);
-
logger.debug("SecTokenSOAPManager (17 c)");
TextImpl ti = (TextImpl) n1;
-
logger.debug("SecTokenSOAPManager (18): "+ti.getData());
byte[]
bytes=Base64.decode(ti.getData());
-
logger.debug("SecTokenSOAPManager (19)");
ByteArrayInputStream bais=new
ByteArrayInputStream(bytes);
-
logger.debug("SecTokenSOAPManager (20)");
X509Certificate
cert=crypto.loadCertificate(bais);
-
logger.debug("SecTokenSOAPManager (21)");
res=cert;
-
logger.debug("SecTokenSOAPManager (22)");
}
else if
(e.getAttribute("ValueType").equals("#SAMLBase64Binary")) {
-
logger.debug("SecTokenSOAPManager (23)");
- byte[]
bytes=Base64.decode(e.getTextContent());
-
logger.debug("SecTokenSOAPManager (24)");
+ NodeList listNodes =
e.getChildNodes();
+ Node n1 = listNodes.item(0);
+ TextImpl ti = (TextImpl) n1;
+ byte[]
bytes=Base64.decode(ti.getData());
ByteArrayInputStream bais=new
ByteArrayInputStream(bytes);
-
logger.debug("SecTokenSOAPManager (25)");
SAMLAssertion as=new
SAMLAssertion(bais);
-
logger.debug("SecTokenSOAPManager (26)");
res=as;
-
logger.debug("SecTokenSOAPManager (27)");
}
- logger.debug("SecTokenSOAPManager
(28)");
}
- logger.debug("SecTokenSOAPManager (29)");
} catch (Throwable t) {
- logger.error("SecTokenSOAPManager:
"+t.getMessage());
throw new
PerfSONARException("authn_getting_sec_token");
}
-// }
+ }
return res;
}

public static boolean isDelegated(SecurityToken token) throws
TransformerException {
boolean isDelegated=false;

- javax.xml.soap.SOAPHeader
header=(javax.xml.soap.SOAPHeader)token.getSecToken();
- Iterator<?> it=header.examineAllHeaderElements();
+ SOAPHeader header=(SOAPHeader)token.getSecToken();
+ ArrayList<?> list = header.getHeaderBlocksWithNSURI(WSSECHEADER_NS);
+ SOAPHeaderBlock shb = (SOAPHeaderBlock) list.get(0);
+ Iterator<?> it =
shb.getChildrenWithLocalName("BinarySecurityToken");
while (it.hasNext()) {
- SOAPHeaderElement he=(SOAPHeaderElement)it.next();
- NodeList nodelist2 =
org.apache.xpath.XPathAPI.selectNodeList(he, "//wsse:BinarySecurityToken");
- for (int i = 0; i < nodelist2.getLength(); i++) {
- Element e=(Element)nodelist2.item(i);
- if
(e.getAttribute("ValueType").equals("#SAMLBase64Binary")) {
- isDelegated = true;
- }
+ OMElement e = (OMElement)it.next();
+ if (e.getAttributeValue(new
QName("ValueType"))!=null&&
+ e.getAttributeValue(new
QName("ValueType")).equals("#SAMLBase64Binary")) {
+ isDelegated = true;
}
}
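Review bot: In getSTValue the `catch (Throwable t)` block no longer logs anything, because the commit removes `logger.error("SecTokenSOAPManager: "+t.getMessage())` along with the numbered debug lines. A failed signature check, an unreadable certificate and a ClassCastException on `(TextImpl) n1` now all surface as the same `authn_getting_sec_token` with no record of the cause, and the more specific `error.authn.wssec` exception thrown inside the try is swallowed too. Keep an error log that passes the throwable, without the token contents (dropping the line that logged `ti.getData()` was right), and rethrow a PerfSONARException unchanged. `list.get(0)` in getSTValue and in isDelegated assumes at least one wsse header block; isDelegated shows no hasSTInRequest guard in the visible lines, so test `list.isEmpty()` first. isDelegated continues outside the hunk.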


Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/messages/GenericMessageHandler.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/messages/GenericMessageHandler.java
2009-01-29 15:32:52 UTC (rev 4917)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/messages/GenericMessageHandler.java
2009-01-29 16:50:09 UTC (rev 4918)
@@ -10,6 +10,7 @@
import java.util.HashMap;
import java.util.Map;

+import org.perfsonar.base2.service.authn.component.AuthNComponent;
import org.perfsonar.base2.service.configuration.Configuration;
import org.perfsonar.base2.service.configuration.ConfigurationManager;
import org.perfsonar.base2.service.exceptions.PerfSONARException;
@@ -51,6 +52,28 @@
return se;
}

+ protected void checkAuth(Configuration c, String messageType) throws
PerfSONARException {
+ String authR = "no";
+ String authN = "no";
+ try {
+ authR =
c.getMessageHandler(messageType).getOption("authR").getValue();
+ } catch (PerfSONARException e) {
+ }
+ try {
+ authN =
c.getMessageHandler(messageType).getOption("authN").getValue();
+ } catch (PerfSONARException e) {
+ }
+ logger.debug("Checking authorization: "+authR);
+ logger.debug("Checking authentication: "+authN);
+ if (authR.equals("yes")) {
+ AuthNComponent authComponent =
(AuthNComponent)c.getAuxiliaryComponent("auth");
+ authComponent.requestAuthR(messageType, null);
+ }
+ else if (authN.equals("yes")) {
+ AuthNComponent authComponent =
(AuthNComponent)c.getAuxiliaryComponent("auth");
+ authComponent.requestAuthN(messageType);
+ }
+ }

public void execute(ServiceMessage request, ServiceMessage response)
throws PerfSONARException {
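Review bot: checkAuth fails open: both `catch (PerfSONARException e) {}` blocks are empty and leave `authR` and `authN` at `"no"`, so any error while reading the handler configuration silently disables the check for that message type. The exact `equals("yes")` test has the same effect for a value such as `Yes` or `true`. At minimum log the exception in each catch, and consider rethrowing when the handler exists but its option cannot be read, so a broken configuration denies rather than allows. `getOption("authR")` is dereferenced directly; if it can return null for a missing option, the result is a NullPointerException instead of the default. Because of the `else if`, authN is never requested on its own when authR is `yes`; a one-line comment stating that requestAuthR already covers authentication, if it does, would make that intent clear.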
@@ -67,6 +90,7 @@

messageType = reqMessage.getType();
Configuration c =
ConfigurationManager.getInstance().getConfiguration();
+ checkAuth(c, messageType);
serviceEngineClassName = c.getServiceEngineOption(messageType);
serviceEngine = getServiceEngine(serviceEngineClassName);
if (serviceEngine == null) throw new NullPointerException(


