This project has retired. For details please refer to its Attic page.
UddiDigitalSignatureBusiness xref
View Javadoc
1   /*
2    * Copyright 2001-2013 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   */
17  package org.apache.juddi.samples;
18  
19  import java.util.concurrent.atomic.AtomicReference;
20  
21  import org.apache.juddi.v3.client.config.UDDIClient;
22  import org.apache.juddi.v3.client.config.UDDIClientContainer;
23  import org.apache.juddi.v3.client.cryptor.DigSigUtil;
24  import org.apache.juddi.v3.client.transport.Transport;
25  import org.uddi.api_v3.*;
26  import org.uddi.v3_service.UDDIInquiryPortType;
27  import org.uddi.v3_service.UDDIPublicationPortType;
28  import org.uddi.v3_service.UDDISecurityPortType;
29  
30  /**
31   * This class shows you how to digital sign a business
32   *
33   * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a>
34   */
35  public class UddiDigitalSignatureBusiness {
36  
37          private UDDISecurityPortType security = null;
38          private UDDIInquiryPortType inquiry = null;
39          private UDDIPublicationPortType publish = null;
40          private UDDIClient clerkManager = null;
41  
42          /**
43           * This sets up the ws proxies using uddi.xml in META-INF
44           */
45          public UddiDigitalSignatureBusiness() {
46                  try {
47                          // create a manager and read the config in the archive; 
48                          // you can use your config file name
49                          clerkManager = new UDDIClient("META-INF/simple-publish-uddi.xml");
50                          Transport transport = clerkManager.getTransport();
51                          // Now you create a reference to the UDDI API
52                          security = transport.getUDDISecurityService();
53                          inquiry = transport.getUDDIInquiryService();
54                          publish = transport.getUDDIPublishService();
55                  } catch (Exception e) {
56                          e.printStackTrace();
57                  }
58          }
59  
60          public UddiDigitalSignatureBusiness(Transport transport) {
61                  try {
62  
63                          // Now you create a reference to the UDDI API
64                          security = transport.getUDDISecurityService();
65                          inquiry = transport.getUDDIInquiryService();
66                          publish = transport.getUDDIPublishService();
67                  } catch (Exception e) {
68                          e.printStackTrace();
69                  }
70          }
71  
72          /**
73           * Main entry point
74           *
75           * @param args
76           */
77          public static void main(String args[]) {
78  
79                  UddiDigitalSignatureBusiness sp = new UddiDigitalSignatureBusiness();
80                  sp.fire(null, null);
81          }
82  
83          public void fire(String token, String key) {
84                  try {
85  
86                          DigSigUtil ds = null;
87  
88                          //option 1), set everything manually
89                          ds = new DigSigUtil();
90                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILE, "keystore.jks");
91                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILETYPE, "JKS");
92                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILE_PASSWORD, "Test");
93                          ds.put(DigSigUtil.SIGNATURE_KEYSTORE_KEY_ALIAS, "Test");
94                          ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_BASE64, "true");
95  
96                          ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_SERIAL, "true");
97                          ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_SUBJECTDN, "true");
98                          ds.put(DigSigUtil.TRUSTSTORE_FILE, "truststore.jks");
99                          ds.put(DigSigUtil.TRUSTSTORE_FILETYPE, "JKS");
100                         ds.put(DigSigUtil.TRUSTSTORE_FILE_PASSWORD, "Test");
101 
102                         //option 2), load it from the juddi config file
103                         //ds = new DigSigUtil(clerkManager.getClientConfig().getDigitalSignatureConfiguration());
104                         //login
105                         if (token == null) //option, load from juddi config
106                         {
107                                 token = GetAuthKey(clerkManager.getClerk("default").getPublisher(),
108                                         clerkManager.getClerk("default").getPassword());
109                         }
110 
111                         if (key == null) {
112                                 //make a new business
113                                 SaveBusiness sb = new SaveBusiness();
114                                 sb.setAuthInfo(token);
115                                 BusinessEntity ob = new BusinessEntity();
116                                 Name name = new Name();
117                                 name.setValue("My Signed Business");
118                                 ob.getName().add(name);
119                                 sb.getBusinessEntity().add(ob);
120                                 //save it
121                                 BusinessDetail saveBusiness = publish.saveBusiness(sb);
122 
123                                 System.out.println("business created with key " + saveBusiness.getBusinessEntity().get(0).getBusinessKey());
124 
125                                 BusinessEntity be = saveBusiness.getBusinessEntity().get(0);
126                                 key = be.getBusinessKey();
127                         }
128                         BusinessEntity be = clerkManager.getClerk("default").getBusinessDetail(key);
129                         //sign the copy returned from the UDDI node (it may have made changes)
130                         DigSigUtil.JAXB_ToStdOut(be);
131                         if (!be.getSignature().isEmpty()) {
132                                 System.out.println("WARN, the entity with the key " + key + " is already signed! aborting");
133                                 return;
134                         }
135 
136                         //if it's already signed, remove all existing signatures
137                         System.out.println("signing");
138                         BusinessEntity signUDDI_JAXBObject = ds.signUddiEntity(be);
139                         DigSigUtil.JAXB_ToStdOut(signUDDI_JAXBObject);
140                         System.out.println("signed, saving");
141 
142                         SaveBusiness sb = new SaveBusiness();
143                         sb.setAuthInfo(token);
144                         sb.getBusinessEntity().add(signUDDI_JAXBObject);
145                         publish.saveBusiness(sb);
146                         System.out.println("saved, fetching");
147 
148                         //validate it again from the server, confirming that it was transformed correctly
149                         GetBusinessDetail gb = new GetBusinessDetail();
150                         gb.setAuthInfo(token);
151                         gb.getBusinessKey().add(be.getBusinessKey());
152                         be = inquiry.getBusinessDetail(gb).getBusinessEntity().get(0);
153                         DigSigUtil.JAXB_ToStdOut(be);
154                         System.out.println("verifing");
155                         AtomicReference<String> msg = new AtomicReference<String>();
156                         boolean verifySigned_UDDI_JAXB_Object = ds.verifySignedUddiEntity(be, msg);
157                         if (verifySigned_UDDI_JAXB_Object) {
158                                 System.out.println("signature validation passed (expected)");
159                         } else {
160                                 System.out.println("signature validation failed (not expected)");
161                         }
162                         System.out.println(msg.get());
163 
164                 } catch (Exception e) {
165                         e.printStackTrace();
166                 }
167         }
168 
169         /**
170          * Gets a UDDI style auth token, otherwise, appends credentials to the
171          * ws proxies (not yet implemented)
172          *
173          * @param username
174          * @param password
175          * @param style
176          * @return
177          */
178         private String GetAuthKey(String username, String password) {
179                 try {
180 
181                         GetAuthToken getAuthTokenRoot = new GetAuthToken();
182                         getAuthTokenRoot.setUserID(username);
183                         getAuthTokenRoot.setCred(password);
184 
185                         // Making API call that retrieves the authentication token for the 'root' user.
186                         AuthToken rootAuthToken = security.getAuthToken(getAuthTokenRoot);
187                         System.out.println("root AUTHTOKEN = " + "don't log auth tokens!");
188                         return rootAuthToken.getAuthInfo();
189                 } catch (Exception ex) {
190                         System.out.println("Could not authenticate with the provided credentials " + ex.getMessage());
191                 }
192                 return null;
193         }
194 }