diff --git a/CASA-auth-token/server-java/Jaas/README b/CASA-auth-token/server-java/Jaas/README index 78127335..3a39d937 100644 --- a/CASA-auth-token/server-java/Jaas/README +++ b/CASA-auth-token/server-java/Jaas/README @@ -42,7 +42,7 @@ steps: - Set the org.xml.sax.driver property to point to an appropriate SAX Parser. The Xerces SAX Parser is a good option (org.apache.xerces.parsers.SAXParser). - Include the "/etc/CASA/authtoken/keys/client" path in the applications - CLASSPATH. This is the location of the crypto.properties file used by the + CLASSPATH. This is the location of the casa_crypto.properties file used by the module to access the keystore with the ATS's signing certificate. - Add the "/usr/share/java/CASA/authtoken/CasaJaasSupport.jar" and the "/usr/share/java/CASA/authtoken/CasaAuthToken.jar" paths to the applications diff --git a/CASA-auth-token/server-java/Jaas/linux/Makefile.am b/CASA-auth-token/server-java/Jaas/linux/Makefile.am index a7ac6ac8..5dcbf2db 100644 --- a/CASA-auth-token/server-java/Jaas/linux/Makefile.am +++ b/CASA-auth-token/server-java/Jaas/linux/Makefile.am @@ -28,7 +28,7 @@ CFILES = EXTRA_DIST = client_keystore_setup.sh \ client_keystore_setup.sh.zen \ - crypto.properties + casa_crypto.properties ROOT = ../.. diff --git a/CASA-auth-token/server-java/Jaas/linux/casa_crypto.properties b/CASA-auth-token/server-java/Jaas/linux/casa_crypto.properties new file mode 100644 index 00000000..7b301ae9 --- /dev/null +++ b/CASA-auth-token/server-java/Jaas/linux/casa_crypto.properties @@ -0,0 +1,5 @@ +com.novell.casa.authtoksvc.crypto.keystore.type=jks +com.novell.casa.authtoksvc.crypto.keystore.password=secret +com.novell.casa.authtoksvc.crypto.keystore.alias=signingCert +com.novell.casa.authtoksvc.crypto.alias.password=secret +com.novell.casa.authtoksvc.crypto.file=/etc/CASA/authtoken/keys/client/jks-store diff --git a/CASA-auth-token/server-java/Jaas/linux/crypto.properties b/CASA-auth-token/server-java/Jaas/linux/crypto.properties deleted file mode 100644 index a491feb3..00000000 --- a/CASA-auth-token/server-java/Jaas/linux/crypto.properties +++ /dev/null @@ -1,6 +0,0 @@ -org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin -org.apache.ws.security.crypto.merlin.keystore.type=jks -org.apache.ws.security.crypto.merlin.keystore.password=secret -org.apache.ws.security.crypto.merlin.keystore.alias=signingCert -org.apache.ws.security.crypto.merlin.alias.password=secret -org.apache.ws.security.crypto.merlin.file=/etc/CASA/authtoken/keys/client/jks-store diff --git a/CASA-auth-token/server-java/Jaas/windows/casa_crypto.properties b/CASA-auth-token/server-java/Jaas/windows/casa_crypto.properties new file mode 100644 index 00000000..7b301ae9 --- /dev/null +++ b/CASA-auth-token/server-java/Jaas/windows/casa_crypto.properties @@ -0,0 +1,5 @@ +com.novell.casa.authtoksvc.crypto.keystore.type=jks +com.novell.casa.authtoksvc.crypto.keystore.password=secret +com.novell.casa.authtoksvc.crypto.keystore.alias=signingCert +com.novell.casa.authtoksvc.crypto.alias.password=secret +com.novell.casa.authtoksvc.crypto.file=/etc/CASA/authtoken/keys/client/jks-store diff --git a/CASA-auth-token/server-java/Jaas/windows/crypto.properties b/CASA-auth-token/server-java/Jaas/windows/crypto.properties deleted file mode 100644 index a491feb3..00000000 --- a/CASA-auth-token/server-java/Jaas/windows/crypto.properties +++ /dev/null @@ -1,6 +0,0 @@ -org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin -org.apache.ws.security.crypto.merlin.keystore.type=jks -org.apache.ws.security.crypto.merlin.keystore.password=secret -org.apache.ws.security.crypto.merlin.keystore.alias=signingCert -org.apache.ws.security.crypto.merlin.alias.password=secret -org.apache.ws.security.crypto.merlin.file=/etc/CASA/authtoken/keys/client/jks-store diff --git a/CASA-auth-token/server-java/Svc/README b/CASA-auth-token/server-java/Svc/README index a0ccf150..d4acb2d1 100644 --- a/CASA-auth-token/server-java/Svc/README +++ b/CASA-auth-token/server-java/Svc/README @@ -137,10 +137,10 @@ Note the following about the sample svc.settings file: "secret". ATSs digitally sign tokens, for this purpose it is necessary that keys be generated and installed -in a keystore whose location and properties are configured in the crypto.properties file present in +in a keystore whose location and properties are configured in the casa_crypto.properties file present in the "classes" folder under the WEB-INF folder of the AuthTokenSvc application ($CATALINA_HOME/webapps/CasaAuthTokenSvc/WEB-INF/classes). Please note that you must edit the -crypto.properties file with the appropriate information once the AuthTokenSvc is deployed to +casa_crypto.properties file with the appropriate information once the AuthTokenSvc is deployed to a Tomcat server to deal with your configuration requirements. CONFIGURING SERVICES TO CONSUME CASA AUTHENTICATION TOKENS diff --git a/CASA-auth-token/server-java/Svc/external/Makefile.am b/CASA-auth-token/server-java/Svc/external/Makefile.am index d337f982..61894d66 100644 --- a/CASA-auth-token/server-java/Svc/external/Makefile.am +++ b/CASA-auth-token/server-java/Svc/external/Makefile.am @@ -26,22 +26,7 @@ DIST_SUBDIRS = xmlsec CFILES = -EXTRA_DIST = axis.jar \ - axis-ant.jar \ - commons-discovery-0.2.jar \ - commons-logging-1.0.4.jar \ - commons-logging-api.jar \ - jaxrpc.jar \ - log4j.properties \ - log4j-1.2.8.jar \ - README \ - saaj.jar \ - wsdl4j-1.5.1.jar \ - wss4j-1.5.0.jar \ - xalan.jar \ - xml-apis.jar \ - xercesImpl.jar \ - xmlsec-1.2.1.jar +EXTRA_DIST = README .PHONY: package package-clean package-install package-uninstall package package-clean package-install package-uninstall: diff --git a/CASA-auth-token/server-java/Svc/external/axis-ant.jar b/CASA-auth-token/server-java/Svc/external/axis-ant.jar deleted file mode 100644 index 17527ffd..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/axis-ant.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/axis.jar b/CASA-auth-token/server-java/Svc/external/axis.jar deleted file mode 100644 index 20b09a59..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/axis.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/commons-discovery-0.2.jar b/CASA-auth-token/server-java/Svc/external/commons-discovery-0.2.jar deleted file mode 100644 index b8855484..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/commons-discovery-0.2.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/commons-logging-1.0.4.jar b/CASA-auth-token/server-java/Svc/external/commons-logging-1.0.4.jar deleted file mode 100644 index b73a80fa..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/commons-logging-1.0.4.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/commons-logging-api.jar b/CASA-auth-token/server-java/Svc/external/commons-logging-api.jar deleted file mode 100644 index 209bcdfd..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/commons-logging-api.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/jaxrpc.jar b/CASA-auth-token/server-java/Svc/external/jaxrpc.jar deleted file mode 100644 index a2c13d9a..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/jaxrpc.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/log4j-1.2.8.jar b/CASA-auth-token/server-java/Svc/external/log4j-1.2.8.jar deleted file mode 100644 index 493a3ccc..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/log4j-1.2.8.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/log4j.properties b/CASA-auth-token/server-java/Svc/external/log4j.properties deleted file mode 100644 index 3ca86f40..00000000 --- a/CASA-auth-token/server-java/Svc/external/log4j.properties +++ /dev/null @@ -1,20 +0,0 @@ -# Set root category priority to INFO and its only appender to CONSOLE. -log4j.rootCategory=INFO, CONSOLE -#log4j.rootCategory=INFO, CONSOLE, LOGFILE - -# Set the enterprise logger category to FATAL and its only appender to CONSOLE. -log4j.logger.org.apache.axis.enterprise=FATAL, CONSOLE - -# CONSOLE is set to be a ConsoleAppender using a PatternLayout. -log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender -log4j.appender.CONSOLE.Threshold=INFO -log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout -log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n - -# LOGFILE is set to be a File appender using a PatternLayout. -log4j.appender.LOGFILE=org.apache.log4j.FileAppender -log4j.appender.LOGFILE.File=axis.log -log4j.appender.LOGFILE.Append=true -log4j.appender.LOGFILE.Threshold=INFO -log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout -log4j.appender.LOGFILE.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n diff --git a/CASA-auth-token/server-java/Svc/external/saaj.jar b/CASA-auth-token/server-java/Svc/external/saaj.jar deleted file mode 100644 index 4ea696e7..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/saaj.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/wsdl4j-1.5.1.jar b/CASA-auth-token/server-java/Svc/external/wsdl4j-1.5.1.jar deleted file mode 100644 index c6254ee6..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/wsdl4j-1.5.1.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/wss4j-1.5.0.jar b/CASA-auth-token/server-java/Svc/external/wss4j-1.5.0.jar deleted file mode 100644 index 90ae8826..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/wss4j-1.5.0.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/xalan.jar b/CASA-auth-token/server-java/Svc/external/xalan.jar deleted file mode 100644 index 73cf175f..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/xalan.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/xercesImpl.jar b/CASA-auth-token/server-java/Svc/external/xercesImpl.jar deleted file mode 100644 index 14c3162c..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/xercesImpl.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/xml-apis.jar b/CASA-auth-token/server-java/Svc/external/xml-apis.jar deleted file mode 100644 index 2dd83771..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/xml-apis.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/external/xmlsec-1.2.1.jar b/CASA-auth-token/server-java/Svc/external/xmlsec-1.2.1.jar deleted file mode 100644 index 512f93fd..00000000 Binary files a/CASA-auth-token/server-java/Svc/external/xmlsec-1.2.1.jar and /dev/null differ diff --git a/CASA-auth-token/server-java/Svc/linux/Makefile.am b/CASA-auth-token/server-java/Svc/linux/Makefile.am index c6a001db..d9fcbbd8 100644 --- a/CASA-auth-token/server-java/Svc/linux/Makefile.am +++ b/CASA-auth-token/server-java/Svc/linux/Makefile.am @@ -30,7 +30,7 @@ EXTRA_DIST = CasaAuthtokenSvcD \ envvars \ envvars.zen \ server_keystore_setup.sh \ - crypto.properties \ + casa_crypto.properties \ CasaBasicATSSetup.sh \ CasaAuthPolicyEditor.sh \ CasaAuthTokenSettingsEditor.sh \ @@ -44,6 +44,7 @@ LIBDIR = $(ROOT)/$(LIB) IDENT_ABSTRACTION_DIR = /usr/share/java/identity-abstraction XMLSEC_JARS_DIR = ../external/xmlsec/xml-security-1_4_0/libs +XMLSEC_LICENSE = ../external/xmlsec/xml-security-1_4_0/LICENSE MANIFEST_DIR = ../manifest @@ -128,7 +129,7 @@ CLASSES = $(addprefix $(BUILDDIR)/, $(JAVAFILES:%.java=%.class)) XMLSEC_LIBS = $(XMLSEC_JARS_DIR)/xmlsec-1.4.0.jar -LIBS = /usr/share/java/servletapi5.jar:/usr/share/java/xerces-j2.jar:/usr/share/java/log4j.jar:/usr/share/java/commons-logging.jar:/usr/share/java/xalan-j2.jar +LIBS = /usr/share/java/servletapi5.jar:/usr/share/java/xerces-j2.jar:/usr/share/java/log4j.jar CLASSPATH = $(XMLSEC_LIBS):$(IDENT_ABSTRACTION_DIR)/identity-abstraction.jar:$(IDENT_ABSTRACTION_DIR)/bandit-util.jar:$(IDENT_ABSTRACTION_DIR)/castor-1.0.4.jar:$(LIBS) CUR_DIR := $(shell pwd) @@ -149,10 +150,12 @@ $(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES) cp ../templates/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings cp ../templates/authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings cp ../templates/identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings - cp ../linux/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties + cp ../linux/casa_crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/casa_crypto.properties cp ../src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings cp ../src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings - cp $(XMLSEC_JARS_DIR)/*.jar $(BUILDDIR)/webapp/WEB-INF/lib/ + cp $(XMLSEC_JARS_DIR)/commons-logging.jar $(BUILDDIR)/webapp/WEB-INF/lib/ + cp $(XMLSEC_JARS_DIR)/xmlsec-1.4.0.jar $(BUILDDIR)/webapp/WEB-INF/lib/ + cp $(XMLSEC_LICENSE) $(BUILDDIR)/webapp/WEB-INF/lib/ ls $(BUILDDIR)/webapp/WEB-INF/lib/ jar cvf $(BUILDDIR)/$(WEBAPP) -C $(BUILDDIR)/webapp . cp $(BUILDDIR)/$(WEBAPP) $(LIBDIR)/java/ diff --git a/CASA-auth-token/server-java/Svc/linux/casa_crypto.properties b/CASA-auth-token/server-java/Svc/linux/casa_crypto.properties new file mode 100644 index 00000000..64e5da12 --- /dev/null +++ b/CASA-auth-token/server-java/Svc/linux/casa_crypto.properties @@ -0,0 +1,5 @@ +com.novell.casa.authtoksvc.crypto.keystore.type=jks +com.novell.casa.authtoksvc.crypto.keystore.password=secret +com.novell.casa.authtoksvc.crypto.keystore.alias=signingKey +com.novell.casa.authtoksvc.crypto.alias.password=secret +com.novell.casa.authtoksvc.crypto.file=/etc/CASA/authtoken/keys/server/jks-store diff --git a/CASA-auth-token/server-java/Svc/linux/crypto.properties b/CASA-auth-token/server-java/Svc/linux/crypto.properties deleted file mode 100644 index 2f2e46ce..00000000 --- a/CASA-auth-token/server-java/Svc/linux/crypto.properties +++ /dev/null @@ -1,6 +0,0 @@ -org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin -org.apache.ws.security.crypto.merlin.keystore.type=jks -org.apache.ws.security.crypto.merlin.keystore.password=secret -org.apache.ws.security.crypto.merlin.keystore.alias=signingKey -org.apache.ws.security.crypto.merlin.alias.password=secret -org.apache.ws.security.crypto.merlin.file=/etc/CASA/authtoken/keys/server/jks-store diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthToken.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthToken.java index 6f6b451d..2b36ccb0 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthToken.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthToken.java @@ -132,7 +132,7 @@ public final class AuthToken idenTokenProviderElement.setTextContent(m_identityTokenType); idenTokenElement.appendChild(idenTokenProviderElement); Node idenTokenDataElement = tokenDoc.createElement("ident_token_data"); - idenTokenDataElement.setTextContent(m_identityTokenType); + idenTokenDataElement.setTextContent(m_identityToken); idenTokenElement.appendChild(idenTokenDataElement); // Secure the token @@ -350,7 +350,7 @@ public final class AuthToken try { // Instantiate secure token object to be utilized in server type operations - m_clientSecTokenUtil = new SecureTokenUtil(true); + m_clientSecTokenUtil = new SecureTokenUtil(false); } catch (Exception e) { diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SecureTokenUtil.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SecureTokenUtil.java index c6d5cf3a..8914bc9c 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SecureTokenUtil.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SecureTokenUtil.java @@ -29,7 +29,6 @@ package com.novell.casa.authtoksvc; import java.io.*; import org.apache.xml.security.c14n.Canonicalizer; -import org.apache.xml.security.utils.Constants; import org.apache.xml.security.signature.XMLSignature; import org.apache.xml.security.transforms.Transforms; import org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial; @@ -100,13 +99,13 @@ public final class SecureTokenUtil // Load our crypto properties Properties cryptoProperties = new Properties(); ClassLoader classLoader = SecureTokenUtil.class.getClassLoader(); - inStream = classLoader.getResourceAsStream("crypto.properties"); + inStream = classLoader.getResourceAsStream("casa_crypto.properties"); cryptoProperties.load(inStream); // Get necessary keystore info from the crypto properties - String keystoreType = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks"); - String keystoreFile = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.file"); - String keystorePass = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.password"); + String keystoreType = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.type", "jks"); + String keystoreFile = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.file"); + String keystorePass = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.password"); if (keystoreType == null || keystoreFile == null || keystorePass == null) @@ -123,9 +122,9 @@ public final class SecureTokenUtil // Get signing key and cert if in server mode if (serverMode) { - String privateKeyAlias = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias"); - String privateKeyPass = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.alias.password"); - String certificateAlias = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias"); + String privateKeyAlias = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.alias"); + String privateKeyPass = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.alias.password"); + String certificateAlias = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.alias"); if (privateKeyAlias == null || privateKeyPass == null || certificateAlias == null) @@ -615,8 +614,6 @@ public final class SecureTokenUtil InputStream inStream = null; try { - Constants.setSignatureSpecNSprefix(""); - // Get document from our template inStream = new ByteArrayInputStream(m_secureTokenTemplate.getBytes()); @@ -746,4 +743,10 @@ public final class SecureTokenUtil throw e; } } + + // Initialize xml security engine when class loads + static + { + org.apache.xml.security.Init.init(); + } } diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SessionToken.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SessionToken.java index 3decfe0e..028c2f59 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SessionToken.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SessionToken.java @@ -97,10 +97,10 @@ public final class SessionToken soapBodyElement.appendChild(sessionTokenElement); Node realmElement = tokenDoc.createElement("realm"); realmElement.setTextContent(m_realm); - sessionTokenElement.appendChild(realmElement); Node idenIdElement = tokenDoc.createElement("ident_id"); idenIdElement.setTextContent(m_id); - realmElement.appendChild(idenIdElement); + sessionTokenElement.appendChild(idenIdElement); + sessionTokenElement.insertBefore(realmElement, idenIdElement); // Secure the token secTokenUtil.secure(tokenDoc, Integer.valueOf(lifetime).intValue()); diff --git a/CASA-auth-token/server-java/Svc/windows/Makefile.am b/CASA-auth-token/server-java/Svc/windows/Makefile.am index cf8170ce..b068991f 100644 --- a/CASA-auth-token/server-java/Svc/windows/Makefile.am +++ b/CASA-auth-token/server-java/Svc/windows/Makefile.am @@ -26,7 +26,7 @@ DIST_SUBDIRS = CFILES = -EXTRA_DIST = crypto.properties +EXTRA_DIST = casa_crypto.properties ROOT = ../.. @@ -144,7 +144,7 @@ $(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES) cp ../templates/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings cp ../templates/authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings cp ../templates/identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings - cp ../windows/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties + cp ../windows/casa_crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/casa_crypto.properties cp ../src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings cp ../src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings cp $(AXIS_JARS_DIR)/*.jar $(BUILDDIR)/webapp/WEB-INF/lib/ diff --git a/CASA-auth-token/server-java/Svc/windows/casa_crypto.properties b/CASA-auth-token/server-java/Svc/windows/casa_crypto.properties new file mode 100644 index 00000000..1bb27fb3 --- /dev/null +++ b/CASA-auth-token/server-java/Svc/windows/casa_crypto.properties @@ -0,0 +1,5 @@ +com.novell.casa.authtoksvc.crypto.keystore.type=jks +com.novell.casa.authtoksvc.crypto.keystore.password=secret +com.novell.casa.authtoksvc.crypto.keystore.alias=signingKey +com.novell.casa.authtoksvc.crypto.alias.password=secret +com.novell.casa.authtoksvc.crypto.file=ATS_INSTALL_DIRats\etc\keys\server\jks-store diff --git a/CASA-auth-token/server-java/Svc/windows/crypto.properties b/CASA-auth-token/server-java/Svc/windows/crypto.properties deleted file mode 100644 index 52442646..00000000 --- a/CASA-auth-token/server-java/Svc/windows/crypto.properties +++ /dev/null @@ -1,6 +0,0 @@ -org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin -org.apache.ws.security.crypto.merlin.keystore.type=jks -org.apache.ws.security.crypto.merlin.keystore.password=secret -org.apache.ws.security.crypto.merlin.keystore.alias=signingKey -org.apache.ws.security.crypto.merlin.alias.password=secret -org.apache.ws.security.crypto.merlin.file=ATS_INSTALL_DIRats\etc\keys\server\jks-store diff --git a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in index fccb2ace..199f609b 100644 --- a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in +++ b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in @@ -18,7 +18,7 @@ Name: @PACKAGE@ URL: http://www.novell.com/products BuildRequires: gcc-c++ glib2-devel identity-abstraction insserv libstdc++ libstdc++-devel mono-devel pkgconfig servletapi5 sysvinit xerces-j2 xml-commons-apis -BuildRequires: java-sdk-1.5.0 update-alternatives log4j xalan-j2 jakarta-commons-logging +BuildRequires: java-sdk-1.5.0 update-alternatives log4j jakarta-commons-logging %define prefix /usr License: LGPL Group: Applications/System @@ -30,7 +30,7 @@ Summary: Novell CASA Authentication Token Service Source: %{name}-%{version}.tar.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: jre >= 1.5.0 -Requires: servletapi5 tomcat5 sysvinit insserv identity-abstraction sed log4j xalan-j2 jakarta-commons-logging +Requires: servletapi5 tomcat5 sysvinit insserv identity-abstraction sed log4j xerces-j2 PreReq: %fillup_prereq %insserv_prereq PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent @@ -56,7 +56,7 @@ services that are CASA authentication enabled. Summary: Novell CASA Authentication Token JAAS Support Components Group: Applications/System Requires: jre >= 1.5.0 -Requires: log4j xalan-j2 jakarta-commons-logging +Requires: log4j jakarta-commons-logging xerces-j2 %description -n CASA_auth_token_jaas_support CASA_auth_token is an authentication token infrastructure with support for @@ -188,7 +188,8 @@ install -m 600 Svc/tomcat5/conf/web.xml %{buildroot}/srv/www/casaats/conf/web.xm install -m 755 %{_lib}/java/CasaJaasSupport.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport-%{bldno}.jar install -m 755 %{_lib}/java/CasaAuthToken.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthToken-%{bldno}.jar install -m 755 Svc/external/xmlsec/xml-security-1_4_0/libs/xmlsec-1.4.0.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/xmlsec-1.4.0.jar -install -m 644 Jaas/linux/crypto.properties %{buildroot}/etc/CASA/authtoken/keys/client/crypto.properties +install -m 644 Svc/external/xmlsec/xml-security-1_4_0/LICENSE %{buildroot}%{prefix}/share/java/CASA/authtoken/external/LICENSE +install -m 644 Jaas/linux/casa_crypto.properties %{buildroot}/etc/CASA/authtoken/keys/client/casa_crypto.properties # Symbolic Links ln -sf CasaJaasSupport-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport.jar @@ -339,7 +340,8 @@ rm -f /srv/www/casaats/conf/server.xml %{prefix}/share/java/CASA/authtoken/CasaAuthToken.jar %{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh %{prefix}/share/java/CASA/authtoken/external/xmlsec-1.4.0.jar -%config /etc/CASA/authtoken/keys/client/crypto.properties +%{prefix}/share/java/CASA/authtoken/external/LICENSE +%config /etc/CASA/authtoken/keys/client/casa_crypto.properties %changelog -n CASA_auth_token_svc diff --git a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in index ab0e1c02..7d7cf4ac 100644 --- a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in +++ b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in @@ -17,8 +17,8 @@ Name: @PACKAGE@ URL: http://www.novell.com/products -BuildRequires: gcc-c++ glib2-devel identity-abstraction insserv libstdc++ libstdc++-devel mono-devel pkgconfig servletapi5 sysvinit xerces-j2 jdk novell-zenworks-java-links -BuildRequires: java-sdk-1.5.0 update-alternatives log4j +BuildRequires: gcc-c++ glib2-devel identity-abstraction insserv libstdc++ libstdc++-devel mono-devel pkgconfig servletapi5 sysvinit xerces-j2 jdk novell-zenworks-java-links xml-commons-apis +BuildRequires: java-sdk-1.5.0 update-alternatives log4j jakarta-commons-logging %define prefix /usr License: LGPL Group: Applications/System @@ -30,7 +30,7 @@ Summary: Novell CASA Authentication Token Service Source: %{name}-%{version}.tar.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: jre >= 1.5.0 -Requires: novell-zenworks-tomcat sysvinit insserv identity-abstraction sed jdk novell-zenworks-java-links log4j +Requires: novell-zenworks-tomcat sysvinit insserv identity-abstraction sed jdk novell-zenworks-java-links log4j xerces-j2 PreReq: %fillup_prereq %insserv_prereq PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent @@ -56,6 +56,7 @@ services that are CASA authentication enabled. Summary: Novell CASA Authentication Token JAAS Support Components Group: Applications/System Requires: jre >= 1.5.0 CASA_auth_token_svc jdk novell-zenworks-java-links log4j +Requires: log4j jakarta-commons-logging xerces-j2 %description -n CASA_auth_token_jaas_support CASA_auth_token is an authentication token infrastructure with support for @@ -186,22 +187,9 @@ install -m 600 Svc/tomcat5/conf/web.xml %{buildroot}/srv/www/casaats/conf/web.xm # Libs install -m 755 %{_lib}/java/CasaJaasSupport.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport-%{bldno}.jar install -m 755 %{_lib}/java/CasaAuthToken.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthToken-%{bldno}.jar -install -m 755 Svc/external/axis.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/axis.jar -install -m 755 Svc/external/axis-ant.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/axis-ant.jar -install -m 755 Svc/external/commons-discovery-0.2.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/commons-discovery-0.2.jar -install -m 755 Svc/external/commons-logging-1.0.4.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar -install -m 755 Svc/external/commons-logging-api.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/commons-logging-api.jar -install -m 755 Svc/external/jaxrpc.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/jaxrpc.jar -install -m 755 Svc/external/log4j.properties %{buildroot}%{prefix}/share/java/CASA/authtoken/external/log4j.properties -install -m 755 Svc/external/log4j-1.2.8.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/log4j-1.2.8.jar -install -m 755 Svc/external/saaj.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/saaj.jar -install -m 755 Svc/external/wsdl4j-1.5.1.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar -install -m 755 Svc/external/wss4j-1.5.0.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/wss4j-1.5.0.jar -install -m 755 Svc/external/xalan.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/xalan.jar -install -m 755 Svc/external/xercesImpl.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/xercesImpl.jar -install -m 755 Svc/external/xml-apis.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/xml-apis.jar -install -m 755 Svc/external/xmlsec-1.2.1.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar -install -m 644 Jaas/linux/crypto.properties %{buildroot}/etc/CASA/authtoken/keys/client/crypto.properties +install -m 755 Svc/external/xmlsec/xml-security-1_4_0/libs/xmlsec-1.4.0.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/xmlsec-1.4.0.jar +install -m 644 Svc/external/xmlsec/xml-security-1_4_0/LICENSE %{buildroot}%{prefix}/share/java/CASA/authtoken/external/LICENSE +install -m 644 Jaas/linux/casa_crypto.properties %{buildroot}/etc/CASA/authtoken/keys/client/casa_crypto.properties # Symbolic Links ln -sf CasaJaasSupport-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport.jar @@ -351,22 +339,9 @@ rm -f /srv/www/casaats/conf/server.xml %{prefix}/share/java/CASA/authtoken/CasaAuthToken-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/CasaAuthToken.jar %{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh -%{prefix}/share/java/CASA/authtoken/external/axis.jar -%{prefix}/share/java/CASA/authtoken/external/axis-ant.jar -%{prefix}/share/java/CASA/authtoken/external/commons-discovery-0.2.jar -%{prefix}/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar -%{prefix}/share/java/CASA/authtoken/external/commons-logging-api.jar -%{prefix}/share/java/CASA/authtoken/external/jaxrpc.jar -%{prefix}/share/java/CASA/authtoken/external/log4j.properties -%{prefix}/share/java/CASA/authtoken/external/log4j-1.2.8.jar -%{prefix}/share/java/CASA/authtoken/external/saaj.jar -%{prefix}/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar -%{prefix}/share/java/CASA/authtoken/external/wss4j-1.5.0.jar -%{prefix}/share/java/CASA/authtoken/external/xalan.jar -%{prefix}/share/java/CASA/authtoken/external/xercesImpl.jar -%{prefix}/share/java/CASA/authtoken/external/xml-apis.jar -%{prefix}/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar -%config /etc/CASA/authtoken/keys/client/crypto.properties +%{prefix}/share/java/CASA/authtoken/external/xmlsec-1.4.0.jar +%{prefix}/share/java/CASA/authtoken/external/LICENSE +%config /etc/CASA/authtoken/keys/client/casa_crypto.properties %changelog -n CASA_auth_token_svc diff --git a/CASA-auth-token/server-java/package/windows/UpdateWarFile/UpdateWarFile.java b/CASA-auth-token/server-java/package/windows/UpdateWarFile/UpdateWarFile.java index 5a2f5623..c095cda7 100644 --- a/CASA-auth-token/server-java/package/windows/UpdateWarFile/UpdateWarFile.java +++ b/CASA-auth-token/server-java/package/windows/UpdateWarFile/UpdateWarFile.java @@ -254,9 +254,9 @@ public class UpdateWarFile { int i; String [] rgsFilesToAdd = new String[1]; - rgsFilesToAdd[0] = sInstallDir + "ats\\etc\\svc\\templates\\crypto.properties"; + rgsFilesToAdd[0] = sInstallDir + "ats\\etc\\svc\\templates\\casa_crypto.properties"; String [] rgsNames = new String[1]; - rgsNames[0] = "WEB-INF/classes/crypto.properties"; + rgsNames[0] = "WEB-INF/classes/casa_crypto.properties"; for (i = 0; i < rgsFilesToAdd.length; i++) { log("Adding file: " + rgsFilesToAdd[i] + " with name " + rgsNames[i]); @@ -324,9 +324,9 @@ public class UpdateWarFile jeLoop = (ZipEntry)entries.nextElement(); // Skip WEB-INF/classes/cypto.properties - if (jeLoop.getName().equalsIgnoreCase("WEB-INF/classes/crypto.properties")) + if (jeLoop.getName().equalsIgnoreCase("WEB-INF/classes/casa_crypto.properties")) { - log("skipping: " + "WEB-INF/classes/crypto.properties"); + log("skipping: " + "WEB-INF/classes/casa_crypto.properties"); continue; } diff --git a/CASA-auth-token/server-java/package/windows/server-java_msi/server-java_msi.vdproj b/CASA-auth-token/server-java/package/windows/server-java_msi/server-java_msi.vdproj index ad4da80b..728a3978 100644 --- a/CASA-auth-token/server-java/package/windows/server-java_msi/server-java_msi.vdproj +++ b/CASA-auth-token/server-java/package/windows/server-java_msi/server-java_msi.vdproj @@ -510,12 +510,12 @@ } "{4AA51A2D-7D85-4A59-BA75-B0809FC8B380}:_4A2EA62CF7E74BCF99C43F5A0C68CE7F" { - "Name" = "8:CommandLauncher.exe (DeleteFile - crypto.properties) Must occur after UpdateWarFile" + "Name" = "8:CommandLauncher.exe (DeleteFile - casa_crypto.properties) Must occur after UpdateWarFile" "Condition" = "8:" "Object" = "8:_32E2D317FBCD4B25904D5402E547B8A8" "FileType" = "3:2" "InstallAction" = "3:1" - "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin DeleteFile file=[TARGETDIR]ats\\etc\\svc\\templates\\crypto.properties" + "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin DeleteFile file=[TARGETDIR]ats\\etc\\svc\\templates\\casa_crypto.properties" "EntryPoint" = "8:" "Sequence" = "3:7" "Identifier" = "8:_41435F8A_10DA_454F_AE4E_55B6EDC859B1" @@ -524,12 +524,12 @@ } "{4AA51A2D-7D85-4A59-BA75-B0809FC8B380}:_4AB953C8E8AA4E44B7A3D2DDD163C040" { - "Name" = "8:CommandLauncher.exe (MungeCryptoPropertiesFilePath) Must occur after InitConfigFile for crypto.properties and prior to UpdateWarFile" + "Name" = "8:CommandLauncher.exe (MungeCryptoPropertiesFilePath) Must occur after InitConfigFile for casa_crypto.properties and prior to UpdateWarFile" "Condition" = "8:" "Object" = "8:_32E2D317FBCD4B25904D5402E547B8A8" "FileType" = "3:2" "InstallAction" = "3:1" - "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin MungeCryptoPropertiesFilePath input=[TARGETDIR]ats\\etc\\svc\\templates\\crypto.properties.munge output=[TARGETDIR]ats\\etc\\svc\\templates\\crypto.properties" + "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin MungeCryptoPropertiesFilePath input=[TARGETDIR]ats\\etc\\svc\\templates\\casa_crypto.properties.munge output=[TARGETDIR]ats\\etc\\svc\\templates\\casa_crypto.properties" "EntryPoint" = "8:" "Sequence" = "3:5" "Identifier" = "8:_489F695D_617D_408B_A286_9096FF4C6030" @@ -720,12 +720,12 @@ } "{4AA51A2D-7D85-4A59-BA75-B0809FC8B380}:_CBD36E7C65454FAEAFAFBB089F552379" { - "Name" = "8:CommandLauncher.exe (InitConfigFile - crypto.properties) Must occur prior to MungeCryptoPropertiesFilePath" + "Name" = "8:CommandLauncher.exe (InitConfigFile - casa_crypto.properties) Must occur prior to MungeCryptoPropertiesFilePath" "Condition" = "8:" "Object" = "8:_32E2D317FBCD4B25904D5402E547B8A8" "FileType" = "3:2" "InstallAction" = "3:1" - "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin InitConfigFile ATS_INSTALL_DIR=[TARGETDIR] template=[TARGETDIR]ats\\etc\\svc\\templates\\crypto.properties.template output=[TARGETDIR]ats\\etc\\svc\\templates\\crypto.properties.munge" + "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin InitConfigFile ATS_INSTALL_DIR=[TARGETDIR] template=[TARGETDIR]ats\\etc\\svc\\templates\\casa_crypto.properties.template output=[TARGETDIR]ats\\etc\\svc\\templates\\casa_crypto.properties.munge" "EntryPoint" = "8:" "Sequence" = "3:4" "Identifier" = "8:_52B37947_0117_4E54_A3CE_CE1092EF5AFF" @@ -762,12 +762,12 @@ } "{4AA51A2D-7D85-4A59-BA75-B0809FC8B380}:_E40220C987784FAD9A06EE2D5DE2EE04" { - "Name" = "8:CommandLauncher.exe (DeleteFile - crypto.properties.munge) Must occur after MungeCryptoPropertiesFilePath" + "Name" = "8:CommandLauncher.exe (DeleteFile - casa_crypto.properties.munge) Must occur after MungeCryptoPropertiesFilePath" "Condition" = "8:" "Object" = "8:_32E2D317FBCD4B25904D5402E547B8A8" "FileType" = "3:2" "InstallAction" = "3:1" - "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin DeleteFile file=[TARGETDIR]ats\\etc\\svc\\templates\\crypto.properties.munge" + "Arguments" = "8:[ATS_JAVA_EXE] -cp [TARGETDIR]ats\\bin DeleteFile file=[TARGETDIR]ats\\etc\\svc\\templates\\casa_crypto.properties.munge" "EntryPoint" = "8:" "Sequence" = "3:8" "Identifier" = "8:_9B4A731D_B624_4E26_9350_EEEEA32D8892" @@ -1761,8 +1761,8 @@ } "{1FB2D0AE-D3B9-43D4-B9DD-F88EC61E35DE}:_D945234C1C494DDCAB2C8537CE4D1C1C" { - "SourcePath" = "8:..\\..\\..\\Svc\\windows\\crypto.properties" - "TargetName" = "8:crypto.properties.template" + "SourcePath" = "8:..\\..\\..\\Svc\\windows\\casa_crypto.properties" + "TargetName" = "8:casa_crypto.properties.template" "Tag" = "8:" "Folder" = "8:_DB2EB303AA7A4FA0874CCF7DE23125AB" "Condition" = "8:"