public static void main(String[] args) throws Throwable { SecurityActions.setSystemProperty( "java.util.logging.manager", "org.jboss.logmanager.LogManager"); String jbossHomeKey = "jboss.home"; String jbossHomeProp = System.getProperty(jbossHomeKey); if (jbossHomeProp == null) throw new IllegalStateException("Cannot find system property: " + jbossHomeKey); File jbossHomeDir = new File(jbossHomeProp); if (jbossHomeDir.isDirectory() == false) throw new IllegalStateException("Invalid jboss home directory: " + jbossHomeDir); StandaloneServer server = create(jbossHomeDir, System.getProperties(), System.getenv()); server.start(); }
@SuppressWarnings("rawtypes") public JBWSTokenClient(STSClientConfig config, Map<String, ? super Object> options) { super(config); try { this.dataTypefactory = DatatypeFactory.newInstance(); } catch (DatatypeConfigurationException dce) { throw logger.wsTrustUnableToGetDataTypeFactory(dce); } requestType = (String) options.get(STSClientConfig.REQUEST_TYPE); if (requestType == null) { requestType = config.getRequestType(); } String soapBinding = (String) options.get(STSClientConfig.SOAP_BINDING); if (soapBinding != null) { setSoapBinding(soapBinding); } // Get pre-constructed Dispatch from super Dispatch<Source> dispatch = super.getDispatch(); String overrideDispatchStr = (String) options.get("overrideDispatch"); if (StringUtil.isNotNull(overrideDispatchStr)) { boolean bool = Boolean.valueOf(overrideDispatchStr); if (bool) { dispatch = new PicketLinkDispatch(dispatch, (String) options.get("endpointAddress")); String useWSSE = (String) options.get("useWSSE"); if (StringUtil.isNotNull(useWSSE) && useWSSE.equalsIgnoreCase("true")) { ((PicketLinkDispatch) dispatch).setUseWSSE(true); } } } Binding binding = dispatch.getBinding(); List<Handler> handlers = binding.getHandlerChain(); String handlerStr = (String) options.get("handlerChain"); if (StringUtil.isNotNull(handlerStr)) { List<String> tokens = StringUtil.tokenize(handlerStr); for (String token : tokens) { if (token.equalsIgnoreCase("binary")) { BinaryTokenHandler binaryTokenHandler = new BinaryTokenHandler(); handlers.add(binaryTokenHandler); } else if (token.equalsIgnoreCase("saml2")) { SAML2Handler samlHandler = new SAML2Handler(); handlers.add(samlHandler); } else if (token.equalsIgnoreCase("map")) { MapBasedTokenHandler mapBasedHandler = new MapBasedTokenHandler(options); handlers.add(mapBasedHandler); } else { ClassLoader cl = SecurityActions.getClassLoader(getClass()); try { handlers.add((Handler) cl.loadClass(token).newInstance()); } catch (Exception e) { throw logger.authUnableToInstantiateHandler(token, e); } } } } binding.setHandlerChain(handlers); setDispatch(dispatch); String securityDomainForFactory = (String) options.get("securityDomainForFactory"); if (StringUtil.isNotNull(securityDomainForFactory)) { logger.trace("We got security domain for domain ssl factory = " + securityDomainForFactory); logger.trace("Setting it on the system property org.jboss.security.ssl.domain.name"); String sslFactoryName = "org.jboss.security.ssl.JaasSecurityDomainSocketFactory"; SecurityActions.setSystemProperty( "org.jboss.security.ssl.domain.name", securityDomainForFactory); // StubExt.PROPERTY_SOCKET_FACTORY dispatch.getRequestContext().put("org.jboss.ws.socketFactory", sslFactoryName); // If we are using PL Dispatch. Then we need to set the SSL Socket Factory if (dispatch instanceof PicketLinkDispatch) { ClassLoader cl = SecurityActions.getClassLoader(getClass()); SSLSocketFactory socketFactory = null; if (cl != null) { try { Class<?> clazz = cl.loadClass(sslFactoryName); socketFactory = (SSLSocketFactory) clazz.newInstance(); } catch (Exception e) { cl = SecurityActions.getContextClassLoader(); try { Class<?> clazz = cl.loadClass(sslFactoryName); socketFactory = (SSLSocketFactory) clazz.newInstance(); } catch (Exception e1) { throw logger.jbossWSUnableToCreateSSLSocketFactory(e1); } } finally { if (socketFactory != null) { ((PicketLinkDispatch) dispatch).setSSLSocketFactory(socketFactory); } else throw logger.jbossWSUnableToFindSSLSocketFactory(); } } else { logger.trace( "Classloader is null. Unable to set the SSLSocketFactory on PicketLinkDispatch"); } } } }
@Override protected void performBoottime( OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException { SecurityLogger.ROOT_LOGGER.activatingSecuritySubsystem(); if (context.getProcessType() != ProcessType.APPLICATION_CLIENT) { // remove once AS7-4687 is resolved SecurityActions.setSystemProperty( SecurityContextAssociation.SECURITYCONTEXT_THREADLOCAL, "true"); } final ServiceTarget target = context.getServiceTarget(); final SecurityBootstrapService bootstrapService = new SecurityBootstrapService(); newControllers.add( target .addService(SecurityBootstrapService.SERVICE_NAME, bootstrapService) .addDependency( Services.JBOSS_SERVICE_MODULE_LOADER, ServiceModuleLoader.class, bootstrapService.getServiceModuleLoaderInjectedValue()) .addListener(verificationHandler) .setInitialMode(ServiceController.Mode.ACTIVE) .install()); context.addStep( new AbstractDeploymentChainStep() { protected void execute(DeploymentProcessorTarget processorTarget) {} }, OperationContext.Stage.RUNTIME); // add service to bind SecurityDomainJndiInjectable to JNDI final SecurityDomainJndiInjectable securityDomainJndiInjectable = new SecurityDomainJndiInjectable(); final BinderService binderService = new BinderService("jaas"); newControllers.add( target .addService(ContextNames.JBOSS_CONTEXT_SERVICE_NAME.append("jaas"), binderService) .addInjection(binderService.getManagedObjectInjector(), securityDomainJndiInjectable) .addDependency( ContextNames.JBOSS_CONTEXT_SERVICE_NAME, ServiceBasedNamingStore.class, binderService.getNamingStoreInjector()) .addDependency( SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, securityDomainJndiInjectable.getSecurityManagementInjector()) .addListener(verificationHandler) .setInitialMode(ServiceController.Mode.ACTIVE) .install()); // add security management service ModelNode modelNode = SecuritySubsystemRootResourceDefinition.DEEP_COPY_SUBJECT_MODE.resolveModelAttribute( context, model); final SecurityManagementService securityManagementService = new SecurityManagementService( AUTHENTICATION_MANAGER, modelNode.isDefined() && modelNode.asBoolean(), CALLBACK_HANDLER, AUTHORIZATION_MANAGER, AUDIT_MANAGER, IDENTITY_TRUST_MANAGER, MAPPING_MANAGER); newControllers.add( target .addService(SecurityManagementService.SERVICE_NAME, securityManagementService) .addDependency( Services.JBOSS_SERVICE_MODULE_LOADER, ServiceModuleLoader.class, securityManagementService.getServiceModuleLoaderInjectedValue()) .addListener(verificationHandler) .setInitialMode(ServiceController.Mode.ACTIVE) .install()); // add subject factory service final SubjectFactoryService subjectFactoryService = new SubjectFactoryService(SUBJECT_FACTORY); newControllers.add( target .addService(SubjectFactoryService.SERVICE_NAME, subjectFactoryService) .addDependency( SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, subjectFactoryService.getSecurityManagementInjector()) .addListener(verificationHandler) .setInitialMode(ServiceController.Mode.ACTIVE) .install()); // add jaas configuration service Configuration loginConfig = XMLLoginConfigImpl.getInstance(); final JaasConfigurationService jaasConfigurationService = new JaasConfigurationService(loginConfig); newControllers.add( target .addService(JaasConfigurationService.SERVICE_NAME, jaasConfigurationService) .addListener(verificationHandler) .setInitialMode(ServiceController.Mode.ACTIVE) .install()); // add Simple Security Manager Service final SimpleSecurityManagerService simpleSecurityManagerService = new SimpleSecurityManagerService(); newControllers.add( target .addService(SimpleSecurityManagerService.SERVICE_NAME, simpleSecurityManagerService) .addDependency( SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, simpleSecurityManagerService.getSecurityManagementInjector()) .addListener(verificationHandler) .install()); context.addStep( new AbstractDeploymentChainStep() { protected void execute(DeploymentProcessorTarget processorTarget) { processorTarget.addDeploymentProcessor( SecurityExtension.SUBSYSTEM_NAME, Phase.INSTALL, Phase.INSTALL_JACC_POLICY, new JaccEarDeploymentProcessor()); processorTarget.addDeploymentProcessor( SecurityExtension.SUBSYSTEM_NAME, Phase.DEPENDENCIES, Phase.DEPENDENCIES_SECURITY, new SecurityDependencyProcessor()); } }, OperationContext.Stage.RUNTIME); }