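/*
 * Copyright 2006 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.ws.soap.security.wss4j.support;

import java.io.File;
import java.io.IOException;
import java.util.Properties;

import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.components.crypto.Merlin;

import org.springframework.beans.factory.BeanClassLoaderAware;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.io.Resource;
import org.springframework.util.Assert;

/**
 * Spring factory bean for a WSS4J {@link Crypto}. Allows for strong-typed property configuration, or configuration
 * through {@link Properties}.
 * <p/>
 * Requires either individual properties, or the {@link #setConfiguration(java.util.Properties) configuration} property
 * to be set.
 * <p/>
 * The configuration held by this bean contains the key store and trust store passwords in clear text. Do not log or
 * otherwise expose it, and supply the passwords from externalized configuration rather than from bean definitions
 * that are checked into source control.
 *
 * @author Tareq Abed Rabbo
 * @author Arjen Poutsma
 * @see org.apache.ws.security.components.crypto.Crypto
 * @since 1.5.0
 */
public class CryptoFactoryBean implements FactoryBean, BeanClassLoaderAware, InitializingBean {

    private static final String CRYPTO_PROVIDER_PROPERTY = "org.apache.ws.security.crypto.provider";

    // Accumulates every WSS4J property set through this bean, passwords included.
    private final Properties configuration = new Properties();

    private ClassLoader classLoader;

    private Crypto crypto;

    /**
     * Merges the given properties into the configuration of the Crypto. Entries in <code>properties</code> replace
     * values with the same key that were set earlier, for instance through the type-safe properties; entries under
     * other keys are retained. Only the direct entries of <code>properties</code> are copied, not its defaults.
     * <p/>
     * Because the crypto provider class name can be supplied here as a plain string, only pass properties that
     * originate from a trusted source.
     *
     * @param properties the WSS4J crypto properties; must not be <code>null</code>
     * @see org.apache.ws.security.components.crypto.CryptoFactory#getInstance(java.util.Properties)
     */
    public void setConfiguration(Properties properties) {
        Assert.notNull(properties, "'properties' must not be null");
        this.configuration.putAll(properties);
    }

    /**
     * Sets the {@link org.apache.ws.security.components.crypto.Crypto} provider name. Defaults to {@link
     * org.apache.ws.security.components.crypto.Merlin}.
     * <p/>
     * This property maps to the WSS4J <code>org.apache.ws.security.crypto.provider</code> property.
     *
     * @param cryptoProviderClass the crypto provider class; must implement {@link Crypto}
     * @throws IllegalArgumentException if the class is <code>null</code> or does not implement {@link Crypto}
     */
    public void setCryptoProvider(Class cryptoProviderClass) {
        Assert.notNull(cryptoProviderClass, "'cryptoProviderClass' must not be null");
        // Reject a wrong type at configuration time instead of when the class name is resolved later.
        Assert.isTrue(Crypto.class.isAssignableFrom(cryptoProviderClass),
                "'cryptoProviderClass' must implement " + Crypto.class.getName());
        this.configuration.setProperty(CRYPTO_PROVIDER_PROPERTY, cryptoProviderClass.getName());
    }

    /**
     * Sets the location of the key store to be loaded in the {@link org.apache.ws.security.components.crypto.Crypto}
     * instance. The resource must be resolvable to a file on the file system, since its absolute path is what gets
     * handed to WSS4J.
     * <p/>
     * This property maps to the WSS4J <code>org.apache.ws.security.crypto.merlin.file</code> property.
     *
     * @param location the key store location
     * @throws java.io.IOException when the resource cannot be opened
     */
    public void setKeyStoreLocation(Resource location) throws IOException {
        Assert.notNull(location, "'location' must not be null");
        File keyStoreFile = location.getFile();
        this.configuration.setProperty("org.apache.ws.security.crypto.merlin.file", keyStoreFile.getAbsolutePath());
    }

    /**
     * Sets the key store provider.
     * <p/>
     * This property maps to the WSS4J <code>org.apache.ws.security.crypto.merlin.keystore.provider</code> property.
     *
     * @param provider the key store provider
     */
    public void setKeyStoreProvider(String provider) {
        Assert.notNull(provider, "'provider' must not be null");
        this.configuration.setProperty("org.apache.ws.security.crypto.merlin.keystore.provider", provider);
    }

    /**
     * Sets the key store password. Defaults to <code>security</code>.
     * <p/>
     * The default is a publicly documented value, so a key store that holds private keys should always be given its
     * own password through this property.
     * <p/>
     * This property maps to the WSS4J <code>org.apache.ws.security.crypto.merlin.keystore.password</code> property.
     *
     * @param password the key store password
     */
    public void setKeyStorePassword(String password) {
        Assert.notNull(password, "'password' must not be null");
        this.configuration.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", password);
    }

    /**
     * Sets the key store type. Defaults to {@link java.security.KeyStore#getDefaultType()}.
     * <p/>
     * This property maps to the WSS4J <code>org.apache.ws.security.crypto.merlin.keystore.type</code> property.
     *
     * @param type the key store type
     */
    public void setKeyStoreType(String type) {
        Assert.notNull(type, "'type' must not be null");
        this.configuration.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", type);
    }

    /**
     * Sets the trust store password. Defaults to <code>changeit</code>.
     * <p/>
     * WSS4J crypto uses the standard J2SE trust store, i.e. <code>$JAVA_HOME/lib/security/cacerts</code>.
     * <p/>
     * <code>changeit</code> is the well-known default of that trust store; if the trust store password has been
     * changed, it has to be set here as well.
     * <p/>
     * This property maps to the WSS4J <code>org.apache.ws.security.crypto.merlin.cacerts.password</code> property.
     *
     * @param password the trust store password
     */
    public void setTrustStorePassword(String password) {
        Assert.notNull(password, "'password' must not be null");
        this.configuration.setProperty("org.apache.ws.security.crypto.merlin.cacerts.password", password);
    }

    /**
     * Sets the alias name of the default certificate which has been specified as a property. This should be the
     * certificate that is used for signature and encryption. This alias corresponds to the certificate that should be
     * used whenever KeyInfo is not present in a signed or an encrypted message.
     * <p/>
     * This property maps to the WSS4J <code>org.apache.ws.security.crypto.merlin.keystore.alias</code> property.
     *
     * @param defaultX509Alias alias name of the default X509 certificate
     */
    public void setDefaultX509Alias(String defaultX509Alias) {
        Assert.notNull(defaultX509Alias, "'defaultX509Alias' must not be null");
        this.configuration.setProperty("org.apache.ws.security.crypto.merlin.keystore.alias", defaultX509Alias);
    }

    /**
     * Stores the bean class loader, which is later passed to {@link CryptoFactory} when the Crypto is created.
     *
     * @param classLoader the bean class loader
     */
    public void setBeanClassLoader(ClassLoader classLoader) {
        this.classLoader = classLoader;
    }

    /**
     * Creates the {@link Crypto} instance from the collected configuration. When no crypto provider has been
     * configured, {@link Merlin} is used.
     *
     * @throws Exception when the Crypto cannot be created
     */
    public void afterPropertiesSet() throws Exception {
        // The provider may also have arrived as a plain string through setConfiguration, so check the key itself.
        if (!configuration.containsKey(CRYPTO_PROVIDER_PROPERTY)) {
            configuration.setProperty(CRYPTO_PROVIDER_PROPERTY, Merlin.class.getName());
        }
        this.crypto = CryptoFactory.getInstance(configuration, classLoader);
    }

    /** Returns {@link Crypto} as the type of object this factory creates. */
    public Class getObjectType() {
        return Crypto.class;
    }

    /** Returns <code>true</code>: the same Crypto instance is handed out on every call. */
    public boolean isSingleton() {
        return true;
    }

    /**
     * Returns the Crypto created in {@link #afterPropertiesSet()}, or <code>null</code> if that method has not run
     * yet.
     */
    public Object getObject() throws Exception {
        return crypto;
    }

}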