public static void main(String[] args) throws Throwable {
SecurityActions.setSystemProperty(
"java.util.logging.manager", "org.jboss.logmanager.LogManager");
String jbossHomeKey = "jboss.home";
String jbossHomeProp = System.getProperty(jbossHomeKey);
if (jbossHomeProp == null)
throw new IllegalStateException("Cannot find system property: " + jbossHomeKey);
File jbossHomeDir = new File(jbossHomeProp);
if (jbossHomeDir.isDirectory() == false)
throw new IllegalStateException("Invalid jboss home directory: " + jbossHomeDir);
StandaloneServer server = create(jbossHomeDir, System.getProperties(), System.getenv());
server.start();
}
@SuppressWarnings("rawtypes")
public JBWSTokenClient(STSClientConfig config, Map<String, ? super Object> options) {
super(config);
try {
this.dataTypefactory = DatatypeFactory.newInstance();
} catch (DatatypeConfigurationException dce) {
throw logger.wsTrustUnableToGetDataTypeFactory(dce);
}
requestType = (String) options.get(STSClientConfig.REQUEST_TYPE);
if (requestType == null) {
requestType = config.getRequestType();
}
String soapBinding = (String) options.get(STSClientConfig.SOAP_BINDING);
if (soapBinding != null) {
setSoapBinding(soapBinding);
}
// Get pre-constructed Dispatch from super
Dispatch<Source> dispatch = super.getDispatch();
String overrideDispatchStr = (String) options.get("overrideDispatch");
if (StringUtil.isNotNull(overrideDispatchStr)) {
boolean bool = Boolean.valueOf(overrideDispatchStr);
if (bool) {
dispatch = new PicketLinkDispatch(dispatch, (String) options.get("endpointAddress"));
String useWSSE = (String) options.get("useWSSE");
if (StringUtil.isNotNull(useWSSE) && useWSSE.equalsIgnoreCase("true")) {
((PicketLinkDispatch) dispatch).setUseWSSE(true);
}
}
}
Binding binding = dispatch.getBinding();
List<Handler> handlers = binding.getHandlerChain();
String handlerStr = (String) options.get("handlerChain");
if (StringUtil.isNotNull(handlerStr)) {
List<String> tokens = StringUtil.tokenize(handlerStr);
for (String token : tokens) {
if (token.equalsIgnoreCase("binary")) {
BinaryTokenHandler binaryTokenHandler = new BinaryTokenHandler();
handlers.add(binaryTokenHandler);
} else if (token.equalsIgnoreCase("saml2")) {
SAML2Handler samlHandler = new SAML2Handler();
handlers.add(samlHandler);
} else if (token.equalsIgnoreCase("map")) {
MapBasedTokenHandler mapBasedHandler = new MapBasedTokenHandler(options);
handlers.add(mapBasedHandler);
} else {
ClassLoader cl = SecurityActions.getClassLoader(getClass());
try {
handlers.add((Handler) cl.loadClass(token).newInstance());
} catch (Exception e) {
throw logger.authUnableToInstantiateHandler(token, e);
}
}
}
}
binding.setHandlerChain(handlers);
setDispatch(dispatch);
String securityDomainForFactory = (String) options.get("securityDomainForFactory");
if (StringUtil.isNotNull(securityDomainForFactory)) {
logger.trace("We got security domain for domain ssl factory = " + securityDomainForFactory);
logger.trace("Setting it on the system property org.jboss.security.ssl.domain.name");
String sslFactoryName = "org.jboss.security.ssl.JaasSecurityDomainSocketFactory";
SecurityActions.setSystemProperty(
"org.jboss.security.ssl.domain.name", securityDomainForFactory);
// StubExt.PROPERTY_SOCKET_FACTORY
dispatch.getRequestContext().put("org.jboss.ws.socketFactory", sslFactoryName);
// If we are using PL Dispatch. Then we need to set the SSL Socket Factory
if (dispatch instanceof PicketLinkDispatch) {
ClassLoader cl = SecurityActions.getClassLoader(getClass());
SSLSocketFactory socketFactory = null;
if (cl != null) {
try {
Class<?> clazz = cl.loadClass(sslFactoryName);
socketFactory = (SSLSocketFactory) clazz.newInstance();
} catch (Exception e) {
cl = SecurityActions.getContextClassLoader();
try {
Class<?> clazz = cl.loadClass(sslFactoryName);
socketFactory = (SSLSocketFactory) clazz.newInstance();
} catch (Exception e1) {
throw logger.jbossWSUnableToCreateSSLSocketFactory(e1);
}
} finally {
if (socketFactory != null) {
((PicketLinkDispatch) dispatch).setSSLSocketFactory(socketFactory);
} else throw logger.jbossWSUnableToFindSSLSocketFactory();
}
} else {
logger.trace(
"Classloader is null. Unable to set the SSLSocketFactory on PicketLinkDispatch");
}
}
}
}
@Override
protected void performBoottime(
OperationContext context,
ModelNode operation,
ModelNode model,
ServiceVerificationHandler verificationHandler,
List<ServiceController<?>> newControllers)
throws OperationFailedException {
SecurityLogger.ROOT_LOGGER.activatingSecuritySubsystem();
if (context.getProcessType() != ProcessType.APPLICATION_CLIENT) {
// remove once AS7-4687 is resolved
SecurityActions.setSystemProperty(
SecurityContextAssociation.SECURITYCONTEXT_THREADLOCAL, "true");
}
final ServiceTarget target = context.getServiceTarget();
final SecurityBootstrapService bootstrapService = new SecurityBootstrapService();
newControllers.add(
target
.addService(SecurityBootstrapService.SERVICE_NAME, bootstrapService)
.addDependency(
Services.JBOSS_SERVICE_MODULE_LOADER,
ServiceModuleLoader.class,
bootstrapService.getServiceModuleLoaderInjectedValue())
.addListener(verificationHandler)
.setInitialMode(ServiceController.Mode.ACTIVE)
.install());
context.addStep(
new AbstractDeploymentChainStep() {
protected void execute(DeploymentProcessorTarget processorTarget) {}
},
OperationContext.Stage.RUNTIME);
// add service to bind SecurityDomainJndiInjectable to JNDI
final SecurityDomainJndiInjectable securityDomainJndiInjectable =
new SecurityDomainJndiInjectable();
final BinderService binderService = new BinderService("jaas");
newControllers.add(
target
.addService(ContextNames.JBOSS_CONTEXT_SERVICE_NAME.append("jaas"), binderService)
.addInjection(binderService.getManagedObjectInjector(), securityDomainJndiInjectable)
.addDependency(
ContextNames.JBOSS_CONTEXT_SERVICE_NAME,
ServiceBasedNamingStore.class,
binderService.getNamingStoreInjector())
.addDependency(
SecurityManagementService.SERVICE_NAME,
ISecurityManagement.class,
securityDomainJndiInjectable.getSecurityManagementInjector())
.addListener(verificationHandler)
.setInitialMode(ServiceController.Mode.ACTIVE)
.install());
// add security management service
ModelNode modelNode =
SecuritySubsystemRootResourceDefinition.DEEP_COPY_SUBJECT_MODE.resolveModelAttribute(
context, model);
final SecurityManagementService securityManagementService =
new SecurityManagementService(
AUTHENTICATION_MANAGER,
modelNode.isDefined() && modelNode.asBoolean(),
CALLBACK_HANDLER,
AUTHORIZATION_MANAGER,
AUDIT_MANAGER,
IDENTITY_TRUST_MANAGER,
MAPPING_MANAGER);
newControllers.add(
target
.addService(SecurityManagementService.SERVICE_NAME, securityManagementService)
.addDependency(
Services.JBOSS_SERVICE_MODULE_LOADER,
ServiceModuleLoader.class,
securityManagementService.getServiceModuleLoaderInjectedValue())
.addListener(verificationHandler)
.setInitialMode(ServiceController.Mode.ACTIVE)
.install());
// add subject factory service
final SubjectFactoryService subjectFactoryService =
new SubjectFactoryService(SUBJECT_FACTORY);
newControllers.add(
target
.addService(SubjectFactoryService.SERVICE_NAME, subjectFactoryService)
.addDependency(
SecurityManagementService.SERVICE_NAME,
ISecurityManagement.class,
subjectFactoryService.getSecurityManagementInjector())
.addListener(verificationHandler)
.setInitialMode(ServiceController.Mode.ACTIVE)
.install());
// add jaas configuration service
Configuration loginConfig = XMLLoginConfigImpl.getInstance();
final JaasConfigurationService jaasConfigurationService =
new JaasConfigurationService(loginConfig);
newControllers.add(
target
.addService(JaasConfigurationService.SERVICE_NAME, jaasConfigurationService)
.addListener(verificationHandler)
.setInitialMode(ServiceController.Mode.ACTIVE)
.install());
// add Simple Security Manager Service
final SimpleSecurityManagerService simpleSecurityManagerService =
new SimpleSecurityManagerService();
newControllers.add(
target
.addService(SimpleSecurityManagerService.SERVICE_NAME, simpleSecurityManagerService)
.addDependency(
SecurityManagementService.SERVICE_NAME,
ISecurityManagement.class,
simpleSecurityManagerService.getSecurityManagementInjector())
.addListener(verificationHandler)
.install());
context.addStep(
new AbstractDeploymentChainStep() {
protected void execute(DeploymentProcessorTarget processorTarget) {
processorTarget.addDeploymentProcessor(
SecurityExtension.SUBSYSTEM_NAME,
Phase.INSTALL,
Phase.INSTALL_JACC_POLICY,
new JaccEarDeploymentProcessor());
processorTarget.addDeploymentProcessor(
SecurityExtension.SUBSYSTEM_NAME,
Phase.DEPENDENCIES,
Phase.DEPENDENCIES_SECURITY,
new SecurityDependencyProcessor());
}
},
OperationContext.Stage.RUNTIME);
}
