Added support for the Validate AuthToken Service.

Made necessary spec file changes to support our configuration.

CASA-auth-token/java/server/Jaas/src/com/novell/casa/jaas/CasaLoginModule.java

@@ -190,7 +190,7 @@ public class CasaLoginModule implements LoginModule
          // Instantiate the AuthToken, this validates the token itself.
          try
          {
-            AuthToken authToken = new AuthToken(new String(authTokenChars));
+            AuthToken authToken = new AuthToken(new String(authTokenChars), true);
             
             // Instantiate the appropriate IdentityToken based on the IdentityTokenProvider type
             // tbd - For now use the CasaIdentityToken

CASA-auth-token/java/server/Svc/Makefile.am

@@ -28,7 +28,8 @@ EXTRA_DIST = authtoken.settings \
 		svc.settings \
 		TODO \
 		web.xml \
-		crypto.properties
+		crypto.properties \
+		jaas.conf
 
 ROOT = ../..
 

CASA-auth-token/java/server/Svc/crypto.properties

@@ -0,0 +1,6 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=foobar
+org.apache.ws.security.crypto.merlin.keystore.alias=privkey
+org.apache.ws.security.crypto.merlin.alias.password=foobar
+org.apache.ws.security.crypto.merlin.file=/etc/CASA/authtoken.d/java-keys/privkeystore

CASA-auth-token/java/server/Svc/jaas.conf

@@ -0,0 +1,11 @@
+other {
+com.sun.security.auth.module.Krb5LoginModule required
+	useTicketCache=true
+	ticketCache="/var/lib/CASA/authtoken/svc/ticket.cache"
+	useKeyTab=true
+	principal="host/jcserver2.provo.novell.com"
+	doNotPrompt=true
+	storeKey=true
+	keyTab="/etc/krb5.keytab"
+	debug=true;
+};

CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthToken.java

@@ -135,14 +135,27 @@ public class AuthToken
     * Constructor given an authentication token string. The constructor
     * validates the token as part of its processing.
     */
-   public AuthToken(String token) throws Exception
+   public AuthToken(String token,
+                    boolean encodedToken) throws Exception
    {
-      // Decode the token string
-      m_token = Base64Coder.decode(token);
+      // Decode the token string if necessary
+      if (encodedToken)
+         m_token = Base64Coder.decode(token);
+      else
+         m_token = token;
 
       // Now instantiate a SOAP message with the string
       InputStream inStream = new ByteArrayInputStream(m_token.getBytes());
-      Message message = new Message(inStream);
+      org.apache.axis.Message message;
+      try
+      {
+         message = new Message(inStream);
+
+      } catch (Exception e)
+      {
+         System.err.println("AuthToken()- Exception caught creating message, msg: " + e.getMessage());
+         throw new Exception("Invalid Authentication Token");
+      }
 
       // Get access to the SOAP Envelope
       SOAPEnvelope envelope = message.getSOAPEnvelope();
@@ -284,16 +297,20 @@ public class AuthToken
     * Validates an authentication token. If successful it
     * returns a string containing the identity token associated
     * with the authentication token; otherwise it returns NULL;
+    *
+    * Note, the routine assumes that the token is not encoded.
     */
    public static String validate(String authTokenString)
    {
+      System.err.println("AuthToken.validate()- Start");
       // Instantiate the AuthToken, this validates the token itself.
       try
       {
-         AuthToken authToken = new AuthToken(authTokenString);
+         AuthToken authToken = new AuthToken(authTokenString, false);
 
          // If we are here is because the token validation succeeded,
          // return the identity token string.
+         System.err.println("AuthToken.validate()- Returning identity token");
          return authToken.getIdentityToken();
 
       }