Continuation of changes to remove Axis dependency.
@@ -137,10 +137,10 @@ Note the following about the sample svc.settings file:
|
||||
"secret".
|
||||
|
||||
ATSs digitally sign tokens, for this purpose it is necessary that keys be generated and installed
|
||||
in a keystore whose location and properties are configured in the crypto.properties file present in
|
||||
in a keystore whose location and properties are configured in the casa_crypto.properties file present in
|
||||
the "classes" folder under the WEB-INF folder of the AuthTokenSvc application
|
||||
($CATALINA_HOME/webapps/CasaAuthTokenSvc/WEB-INF/classes). Please note that you must edit the
|
||||
crypto.properties file with the appropriate information once the AuthTokenSvc is deployed to
|
||||
casa_crypto.properties file with the appropriate information once the AuthTokenSvc is deployed to
|
||||
a Tomcat server to deal with your configuration requirements.
|
||||
|
||||
CONFIGURING SERVICES TO CONSUME CASA AUTHENTICATION TOKENS
|
||||
|
||||
@@ -26,22 +26,7 @@ DIST_SUBDIRS = xmlsec
|
||||
|
||||
CFILES =
|
||||
|
||||
EXTRA_DIST = axis.jar \
|
||||
axis-ant.jar \
|
||||
commons-discovery-0.2.jar \
|
||||
commons-logging-1.0.4.jar \
|
||||
commons-logging-api.jar \
|
||||
jaxrpc.jar \
|
||||
log4j.properties \
|
||||
log4j-1.2.8.jar \
|
||||
README \
|
||||
saaj.jar \
|
||||
wsdl4j-1.5.1.jar \
|
||||
wss4j-1.5.0.jar \
|
||||
xalan.jar \
|
||||
xml-apis.jar \
|
||||
xercesImpl.jar \
|
||||
xmlsec-1.2.1.jar
|
||||
EXTRA_DIST = README
|
||||
|
||||
.PHONY: package package-clean package-install package-uninstall
|
||||
package package-clean package-install package-uninstall:
|
||||
|
||||
Binary file not shown.
BIN
CASA-auth-token/server-java/Svc/external/axis.jar
vendored
BIN
CASA-auth-token/server-java/Svc/external/axis.jar
vendored
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
BIN
CASA-auth-token/server-java/Svc/external/jaxrpc.jar
vendored
BIN
CASA-auth-token/server-java/Svc/external/jaxrpc.jar
vendored
Binary file not shown.
Binary file not shown.
@@ -1,20 +0,0 @@
|
||||
# Set root category priority to INFO and its only appender to CONSOLE.
|
||||
log4j.rootCategory=INFO, CONSOLE
|
||||
#log4j.rootCategory=INFO, CONSOLE, LOGFILE
|
||||
|
||||
# Set the enterprise logger category to FATAL and its only appender to CONSOLE.
|
||||
log4j.logger.org.apache.axis.enterprise=FATAL, CONSOLE
|
||||
|
||||
# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
|
||||
log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
|
||||
log4j.appender.CONSOLE.Threshold=INFO
|
||||
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
|
||||
log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
|
||||
|
||||
# LOGFILE is set to be a File appender using a PatternLayout.
|
||||
log4j.appender.LOGFILE=org.apache.log4j.FileAppender
|
||||
log4j.appender.LOGFILE.File=axis.log
|
||||
log4j.appender.LOGFILE.Append=true
|
||||
log4j.appender.LOGFILE.Threshold=INFO
|
||||
log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
|
||||
log4j.appender.LOGFILE.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
|
||||
BIN
CASA-auth-token/server-java/Svc/external/saaj.jar
vendored
BIN
CASA-auth-token/server-java/Svc/external/saaj.jar
vendored
Binary file not shown.
Binary file not shown.
Binary file not shown.
BIN
CASA-auth-token/server-java/Svc/external/xalan.jar
vendored
BIN
CASA-auth-token/server-java/Svc/external/xalan.jar
vendored
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -30,7 +30,7 @@ EXTRA_DIST = CasaAuthtokenSvcD \
|
||||
envvars \
|
||||
envvars.zen \
|
||||
server_keystore_setup.sh \
|
||||
crypto.properties \
|
||||
casa_crypto.properties \
|
||||
CasaBasicATSSetup.sh \
|
||||
CasaAuthPolicyEditor.sh \
|
||||
CasaAuthTokenSettingsEditor.sh \
|
||||
@@ -44,6 +44,7 @@ LIBDIR = $(ROOT)/$(LIB)
|
||||
|
||||
IDENT_ABSTRACTION_DIR = /usr/share/java/identity-abstraction
|
||||
XMLSEC_JARS_DIR = ../external/xmlsec/xml-security-1_4_0/libs
|
||||
XMLSEC_LICENSE = ../external/xmlsec/xml-security-1_4_0/LICENSE
|
||||
|
||||
MANIFEST_DIR = ../manifest
|
||||
|
||||
@@ -128,7 +129,7 @@ CLASSES = $(addprefix $(BUILDDIR)/, $(JAVAFILES:%.java=%.class))
|
||||
|
||||
XMLSEC_LIBS = $(XMLSEC_JARS_DIR)/xmlsec-1.4.0.jar
|
||||
|
||||
LIBS = /usr/share/java/servletapi5.jar:/usr/share/java/xerces-j2.jar:/usr/share/java/log4j.jar:/usr/share/java/commons-logging.jar:/usr/share/java/xalan-j2.jar
|
||||
LIBS = /usr/share/java/servletapi5.jar:/usr/share/java/xerces-j2.jar:/usr/share/java/log4j.jar
|
||||
CLASSPATH = $(XMLSEC_LIBS):$(IDENT_ABSTRACTION_DIR)/identity-abstraction.jar:$(IDENT_ABSTRACTION_DIR)/bandit-util.jar:$(IDENT_ABSTRACTION_DIR)/castor-1.0.4.jar:$(LIBS)
|
||||
|
||||
CUR_DIR := $(shell pwd)
|
||||
@@ -149,10 +150,12 @@ $(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES)
|
||||
cp ../templates/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings
|
||||
cp ../templates/authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings
|
||||
cp ../templates/identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings
|
||||
cp ../linux/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties
|
||||
cp ../linux/casa_crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/casa_crypto.properties
|
||||
cp ../src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings
|
||||
cp ../src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings
|
||||
cp $(XMLSEC_JARS_DIR)/*.jar $(BUILDDIR)/webapp/WEB-INF/lib/
|
||||
cp $(XMLSEC_JARS_DIR)/commons-logging.jar $(BUILDDIR)/webapp/WEB-INF/lib/
|
||||
cp $(XMLSEC_JARS_DIR)/xmlsec-1.4.0.jar $(BUILDDIR)/webapp/WEB-INF/lib/
|
||||
cp $(XMLSEC_LICENSE) $(BUILDDIR)/webapp/WEB-INF/lib/
|
||||
ls $(BUILDDIR)/webapp/WEB-INF/lib/
|
||||
jar cvf $(BUILDDIR)/$(WEBAPP) -C $(BUILDDIR)/webapp .
|
||||
cp $(BUILDDIR)/$(WEBAPP) $(LIBDIR)/java/
|
||||
|
||||
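Review bot: The packaging recipe spells out the xmlsec jar name a second time in `cp $(XMLSEC_JARS_DIR)/xmlsec-1.4.0.jar …`, although `XMLSEC_LIBS` already holds that exact path. A later version bump that touches only one of them would build against one jar and ship another in the WAR. I would write `cp $(XMLSEC_LIBS) $(BUILDDIR)/webapp/WEB-INF/lib/` instead. Assuming the named-jar lines are the new side, replacing the `*.jar` wildcard is a welcome tightening of what lands in WEB-INF/lib. The bare `ls $(BUILDDIR)/webapp/WEB-INF/lib/` beside it reads like a debugging leftover and could be dropped; the rule header and the rest of the recipe lie outside the hunk.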
@@ -0,0 +1,5 @@
|
||||
com.novell.casa.authtoksvc.crypto.keystore.type=jks
|
||||
com.novell.casa.authtoksvc.crypto.keystore.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.keystore.alias=signingKey
|
||||
com.novell.casa.authtoksvc.crypto.alias.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.file=/etc/CASA/authtoken/keys/server/jks-store
|
||||
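Review bot: The new casa_crypto.properties still ships `secret` as both the keystore password and the signing-key alias password, and the packaging recipe copies the file into WEB-INF/classes of every WAR. An install that skips the manual edit the README asks for therefore protects the token-signing key with a default value. Since the file is being renamed and re-keyed anyway, I would ship a placeholder such as `com.novell.casa.authtoksvc.crypto.keystore.password=<SET_AT_INSTALL>`, let the keystore setup step write the real values, and have the loader refuse to start while a placeholder is present. Whether an install step restricts the file to the service account is not visible here and is worth confirming. The same defaults appear in the Windows copy of the file further down the page.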
@@ -1,6 +0,0 @@
|
||||
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
|
||||
org.apache.ws.security.crypto.merlin.keystore.type=jks
|
||||
org.apache.ws.security.crypto.merlin.keystore.password=secret
|
||||
org.apache.ws.security.crypto.merlin.keystore.alias=signingKey
|
||||
org.apache.ws.security.crypto.merlin.alias.password=secret
|
||||
org.apache.ws.security.crypto.merlin.file=/etc/CASA/authtoken/keys/server/jks-store
|
||||
@@ -132,7 +132,7 @@ public final class AuthToken
|
||||
idenTokenProviderElement.setTextContent(m_identityTokenType);
|
||||
idenTokenElement.appendChild(idenTokenProviderElement);
|
||||
Node idenTokenDataElement = tokenDoc.createElement("ident_token_data");
|
||||
idenTokenDataElement.setTextContent(m_identityTokenType);
|
||||
idenTokenDataElement.setTextContent(m_identityToken);
|
||||
idenTokenElement.appendChild(idenTokenDataElement);
|
||||
|
||||
// Secure the token
|
||||
@@ -350,7 +350,7 @@ public final class AuthToken
|
||||
try
|
||||
{
|
||||
// Instantiate secure token object to be utilized in server type operations
|
||||
m_clientSecTokenUtil = new SecureTokenUtil(true);
|
||||
m_clientSecTokenUtil = new SecureTokenUtil(false);
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
|
||||
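Review bot: The comment above the constructor call still says the object is "to be utilized in server type operations", but the field is `m_clientSecTokenUtil` and, if the second printed line is the new side as elsewhere on this page, it is now built with `new SecureTokenUtil(false)`. Going by the SecureTokenUtil hunk on this page, `serverMode == false` skips loading the signing key and certificate, which is the right least-privilege choice for a verification-only path, so the comment should say so. I would change it to `// Instantiate secure token object for client type operations (no signing key is loaded)`. The enclosing method begins and ends outside the hunk.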
@@ -29,7 +29,6 @@ package com.novell.casa.authtoksvc;
|
||||
import java.io.*;
|
||||
|
||||
import org.apache.xml.security.c14n.Canonicalizer;
|
||||
import org.apache.xml.security.utils.Constants;
|
||||
import org.apache.xml.security.signature.XMLSignature;
|
||||
import org.apache.xml.security.transforms.Transforms;
|
||||
import org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial;
|
||||
@@ -100,13 +99,13 @@ public final class SecureTokenUtil
|
||||
// Load our crypto properties
|
||||
Properties cryptoProperties = new Properties();
|
||||
ClassLoader classLoader = SecureTokenUtil.class.getClassLoader();
|
||||
inStream = classLoader.getResourceAsStream("crypto.properties");
|
||||
inStream = classLoader.getResourceAsStream("casa_crypto.properties");
|
||||
cryptoProperties.load(inStream);
|
||||
|
||||
// Get necessary keystore info from the crypto properties
|
||||
String keystoreType = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
|
||||
String keystoreFile = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.file");
|
||||
String keystorePass = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.password");
|
||||
String keystoreType = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.type", "jks");
|
||||
String keystoreFile = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.file");
|
||||
String keystorePass = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.password");
|
||||
if (keystoreType == null
|
||||
|| keystoreFile == null
|
||||
|| keystorePass == null)
|
||||
@@ -123,9 +122,9 @@ public final class SecureTokenUtil
|
||||
// Get signing key and cert if in server mode
|
||||
if (serverMode)
|
||||
{
|
||||
String privateKeyAlias = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias");
|
||||
String privateKeyPass = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.alias.password");
|
||||
String certificateAlias = cryptoProperties.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias");
|
||||
String privateKeyAlias = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.alias");
|
||||
String privateKeyPass = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.alias.password");
|
||||
String certificateAlias = cryptoProperties.getProperty("com.novell.casa.authtoksvc.crypto.keystore.alias");
|
||||
if (privateKeyAlias == null
|
||||
|| privateKeyPass == null
|
||||
|| certificateAlias == null)
|
||||
@@ -615,8 +614,6 @@ public final class SecureTokenUtil
|
||||
InputStream inStream = null;
|
||||
try
|
||||
{
|
||||
Constants.setSignatureSpecNSprefix("");
|
||||
|
||||
// Get document from our template
|
||||
inStream = new ByteArrayInputStream(m_secureTokenTemplate.getBytes());
|
||||
|
||||
@@ -746,4 +743,10 @@ public final class SecureTokenUtil
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
|
||||
// Initialize xml security engine when class loads
|
||||
static
|
||||
{
|
||||
org.apache.xml.security.Init.init();
|
||||
}
|
||||
}
|
||||
|
||||
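Review bot: After the rename, `classLoader.getResourceAsStream("casa_crypto.properties")` is passed straight to `cryptoProperties.load(inStream)`. A deployment that still carries only the old crypto.properties gets a null stream and fails with a bare NullPointerException rather than a message naming the missing file. I would add `if (inStream == null) throw new Exception("casa_crypto.properties not found on the classpath");` before the load, using whatever exception type the constructor already reports (its signature is outside the hunk). The property keys also change with no fallback to the `org.apache.ws.security.crypto.merlin.*` names, so an upgraded install with an edited old file loses its keystore settings; this deserves a line in the upgrade notes. Separately, the `keystoreType == null` test can never be true because that lookup supplies the default `"jks"`.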
@@ -97,10 +97,10 @@ public final class SessionToken
|
||||
soapBodyElement.appendChild(sessionTokenElement);
|
||||
Node realmElement = tokenDoc.createElement("realm");
|
||||
realmElement.setTextContent(m_realm);
|
||||
sessionTokenElement.appendChild(realmElement);
|
||||
Node idenIdElement = tokenDoc.createElement("ident_id");
|
||||
idenIdElement.setTextContent(m_id);
|
||||
realmElement.appendChild(idenIdElement);
|
||||
sessionTokenElement.appendChild(idenIdElement);
|
||||
sessionTokenElement.insertBefore(realmElement, idenIdElement);
|
||||
|
||||
// Secure the token
|
||||
secTokenUtil.secure(tokenDoc, Integer.valueOf(lifetime).intValue());
|
||||
|
||||
@@ -26,7 +26,7 @@ DIST_SUBDIRS =
|
||||
|
||||
CFILES =
|
||||
|
||||
EXTRA_DIST = crypto.properties
|
||||
EXTRA_DIST = casa_crypto.properties
|
||||
|
||||
ROOT = ../..
|
||||
|
||||
@@ -144,7 +144,7 @@ $(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES)
|
||||
cp ../templates/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings
|
||||
cp ../templates/authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings
|
||||
cp ../templates/identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings
|
||||
cp ../windows/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties
|
||||
cp ../windows/casa_crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/casa_crypto.properties
|
||||
cp ../src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings
|
||||
cp ../src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings
|
||||
cp $(AXIS_JARS_DIR)/*.jar $(BUILDDIR)/webapp/WEB-INF/lib/
|
||||
|
||||
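Review bot: The Windows packaging recipe still ends with `cp $(AXIS_JARS_DIR)/*.jar $(BUILDDIR)/webapp/WEB-INF/lib/`, while this commit deletes the Axis jars and the Linux recipe was switched to copying named xmlsec jars. As far as the hunk shows, the Windows build will either fail on an unmatched glob or keep bundling whatever jars happen to sit in that directory. I would mirror the Linux change here with explicit `cp` lines for the xmlsec jar and its licence, and remove `AXIS_JARS_DIR`, whose definition is outside the hunk. Naming the jars also keeps the contents of WEB-INF/lib reviewable.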
@@ -0,0 +1,5 @@
|
||||
com.novell.casa.authtoksvc.crypto.keystore.type=jks
|
||||
com.novell.casa.authtoksvc.crypto.keystore.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.keystore.alias=signingKey
|
||||
com.novell.casa.authtoksvc.crypto.alias.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.file=ATS_INSTALL_DIRats\etc\keys\server\jks-store
|
||||
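Review bot: The keystore path `ATS_INSTALL_DIRats\etc\keys\server\jks-store` uses single backslashes, and SecureTokenUtil reads this file with `Properties.load`, which treats `\` as an escape character and silently drops it before letters such as `e`, `k`, `s` and `j`. Unless the installer rewrites this line when it substitutes `ATS_INSTALL_DIR` (not visible here), the loaded value has no separators and the keystore will not be found. I would write the value with forward slashes, `com.novell.casa.authtoksvc.crypto.file=ATS_INSTALL_DIRats/etc/keys/server/jks-store`, or double each backslash. The value was carried over unchanged from the deleted crypto.properties, so the rename is a good moment to fix it.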
@@ -1,6 +0,0 @@
|
||||
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
|
||||
org.apache.ws.security.crypto.merlin.keystore.type=jks
|
||||
org.apache.ws.security.crypto.merlin.keystore.password=secret
|
||||
org.apache.ws.security.crypto.merlin.keystore.alias=signingKey
|
||||
org.apache.ws.security.crypto.merlin.alias.password=secret
|
||||
org.apache.ws.security.crypto.merlin.file=ATS_INSTALL_DIRats\etc\keys\server\jks-store
|
||||