svn commit: r1440274 - in /axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01: README.txt services.xml
Author: ruchithf Date: Wed Jan 30 04:22:33 2013 New Revision: 1440274 URL: http://svn.apache.org/viewvc?rev=1440274&view=rev Log: - sample01 now runs with the axis2server as expected to demonstrate the use of a UsernameToken. - Added some more documentation into README.txt including some that I found in [1] to make things clearer to the user. 1. http://svn.apache.org/repos/asf/axis/axis2/java/rampart/branches/1_5/modules/rampart-samples/policy/sample01/README.txt Modified: axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml Modified: axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt?rev=1440274&r1=1440273&r2=1440274&view=diff == --- axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt Wed Jan 30 04:22:33 2013 
@@ -3,6 +3,16 @@ UsernameToken Authentication The policy uses a TransportBinding and requires a SignedSupportingToken which is a UsernameToken and the inclusion of a TimeStamp. -Note that Rampart does not enforce the use of HTTPS transport and that +Note that Rampart enforces the use of HTTPS transport and that {http://ws.apache.org/rampart/policy}RampartConfig assertion provides -additional information required to secure the message. \ No newline at end of file +additional information required to secure the message. + +The policy included in the services.xml file has the following comment : + + +If you uncomment this and deploy the service you will see the following error message : +org.apache.axis2.AxisFault: Expected transport is "https" but incoming transport found : "http" + +You can find a complete tutorial on transport level +security here: +http://wso2.org/library/3190 \ No newline at end of file Modified: axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml?rev=1440274&r1=1440273&r2=1440274&view=diff == --- axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml Wed Jan 30 04:22:33 2013 @@ -32,7 +32,8 @@ - + +
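Review bot: In the README.txt hunk, the added sentence "The policy included in the services.xml file has the following comment :" is followed only by empty added lines, so "If you uncomment this" has nothing to refer to; the commented-out policy text needs to appear in the README, escaped or indented so that it survives as plain text. The new wording "Rampart enforces the use of HTTPS transport" should also be tied to that step: the README says the error `Expected transport is "https" but incoming transport found : "http"` appears once the reader uncomments it, so it should state plainly that until then the sample carries the UsernameToken over plain http and is not a template for deployment. The file still ends with "\ No newline at end of file"; add the trailing newline.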
svn commit: r1440286 - in /axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart: RampartEngine.java RampartMessageData.java handler/RampartUsernameTokenValidator.java
Author: ruchithf Date: Wed Jan 30 06:12:39 2013 New Revision: 1440286 URL: http://svn.apache.org/viewvc?rev=1440286&view=rev Log: Fixed the issue raised in this [1] discussion. RampartUsernameTokenValidator overrides the verifyPlaintextPassword method of org.apache.ws.security.validate.UsernameTokenValidator The default implementation expects the callback handler to supply the plain text password (when a username token with a plain text password is used), which should not be possible in practice. 1.http://marc.info/?t=13582802313&r=1&w=3 Added: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1440286&r1=1440285&r2=1440286&view=diff == --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java Wed Jan 30 06:12:39 2013 
@@ -83,6 +83,9 @@ public class RampartEngine { List results; WSSecurityEngine engine = new WSSecurityEngine(); + + //Set rampart's configuration of WSS4J + engine.setWssConfig(rmd.getConfig()); ValidatorData data = new ValidatorData(rmd); Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java?rev=1440286&r1=1440285&r2=1440286&view=diff == --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java Wed Jan 30 06:12:39 2013 @@ -32,6 +32,7 @@ import org.apache.neethi.PolicyEngine; import org.apache.rahas.RahasConstants; import org.apache.rahas.SimpleTokenStore; import org.apache.rahas.TokenStorage; +import org.apache.rampart.handler.RampartUsernameTokenValidator; import org.apache.rampart.handler.WSSHandlerConstants; import org.apache.rampart.policy.RampartPolicyBuilder; import org.apache.rampart.policy.RampartPolicyData; @@ -46,6 +47,7 @@ import org.apache.ws.secpolicy.WSSPolicy import org.apache.ws.security.SOAPConstants; import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSSConfig; +import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.WSSecurityEngineResult; import org.apache.ws.security.WSSecurityException; import org.apache.ws.security.conversation.ConversationConstants; 
@@ -175,6 +177,9 @@ public class RampartMessageData { // Set the WSSConfig this.config = WSSConfig.getNewInstance(); +//Update the UsernameToken validator +this.config.setValidator(WSSecurityEngine.USERNAME_TOKEN, RampartUsernameTokenValidator.class); + // First obtain the axis service as we have to do a null check, there can be situations // where Axis Service is null AxisService axisService = msgCtx.getAxisService(); Added: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java?rev=1440286&view=auto == --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java (added) +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java Wed Jan 30 06:12:39 2013 @@ -0,0 +1,71 @@ +/* + * Copyright 2004,2013 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writin
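Review bot: In the RampartEngine.java hunk, the comment "//Set rampart's configuration of WSS4J" does not say why the call matters. The validator registered on this.config in RampartMessageData reaches the engine only through `engine.setWssConfig(rmd.getConfig());`, so removing or moving that line later would drop the RampartUsernameTokenValidator registration without any compile error. State that dependency in the comment so the two hunks are not separated by a later refactoring.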
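Review bot: In the RampartMessageData.java hunk, at `this.config.setValidator(WSSecurityEngine.USERNAME_TOKEN, RampartUsernameTokenValidator.class);`, the validator is replaced for every message and the revision carries no test: the file list names only three files, all under src/main. Because this changes how a plaintext UsernameToken password is checked, add a test that sends a plaintext UsernameToken and asserts that a wrong password is rejected and a correct one accepted through the callback handler, plus one with a digest password to show that path behaves as before, since the log message says only verifyPlaintextPassword is overridden.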
svn commit: r1440287 - /axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java
Author: ruchithf Date: Wed Jan 30 06:30:48 2013 New Revision: 1440287 URL: http://svn.apache.org/viewvc?rev=1440287&view=rev Log: The user exception here is simply used as a flag to indicate success or failure of authentication. There's no need to associate any information that the user includes in the user's exception, in the exception generated by Rampart. Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java?rev=1440287&r1=1440286&r2=1440287&view=diff == --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartUsernameTokenValidator.java Wed Jan 30 06:30:48 2013 @@ -58,13 +58,13 @@ public class RampartUsernameTokenValidat mlog.debug(e); } throw new WSSecurityException( - WSSecurityException.FAILED_AUTHENTICATION, null, null, e); + WSSecurityException.FAILED_AUTHENTICATION); } catch (UnsupportedCallbackException e) { if (mlog.isDebugEnabled()) { mlog.debug(e); } throw new WSSecurityException( - WSSecurityException.FAILED_AUTHENTICATION, null, null, e); + WSSecurityException.FAILED_AUTHENTICATION); } }
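Review bot: In both catch blocks of this hunk the caught exception now survives only in `mlog.debug(e);`, so at default log levels a failed authentication leaves no trace, and an UnsupportedCallbackException (a fault in the callback handler, not a bad password) becomes indistinguishable from a wrong credential. Keeping the cause out of the WSSecurityException is reasonable, but log it server-side at a level that is normally enabled, at least in the UnsupportedCallbackException branch. Also pass the exception as the throwable argument, for example `mlog.debug(e.getMessage(), e);`, since `mlog.debug(e)` logs it as the message object and the stack trace is lost.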