glassfish 0.2.0-universal-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (72) hide show
  1. data/COPYRIGHT +18 -0
  2. data/LICENSE.txt +263 -0
  3. data/README +27 -0
  4. data/bin/asadmin +13 -0
  5. data/bin/asadmin.bat +9 -0
  6. data/bin/glassfish_rails +46 -0
  7. data/bin/startserv +11 -0
  8. data/bin/startserv.bat +9 -0
  9. data/bin/stopserv +13 -0
  10. data/bin/stopserv.bat +9 -0
  11. data/config/asadminenv.conf +6 -0
  12. data/config/asenv.bat +28 -0
  13. data/config/asenv.conf +27 -0
  14. data/config/glassfish.container +4 -0
  15. data/domains/domain1/config/admin-keyfile +1 -0
  16. data/domains/domain1/config/cacerts.jks +0 -0
  17. data/domains/domain1/config/default-web.xml +906 -0
  18. data/domains/domain1/config/domain-passwords +0 -0
  19. data/domains/domain1/config/domain.xml +210 -0
  20. data/domains/domain1/config/domain.xml_ORIG +207 -0
  21. data/domains/domain1/config/keyfile +6 -0
  22. data/domains/domain1/config/keystore.jks +0 -0
  23. data/domains/domain1/config/logging.properties +82 -0
  24. data/domains/domain1/config/login.conf +21 -0
  25. data/domains/domain1/config/server.policy +160 -0
  26. data/domains/domain1/config/sun-acc.xml +40 -0
  27. data/domains/domain1/config/wss-server-config-1.0.xml +86 -0
  28. data/domains/domain1/config/wss-server-config-2.0.xml +94 -0
  29. data/domains/domain1/docroot/favicon.gif +0 -0
  30. data/domains/domain1/docroot/index.html +46 -0
  31. data/domains/domain1/master-password +0 -0
  32. data/lib/appclient/appclientlogin.conf +10 -0
  33. data/lib/appclient/client.policy +79 -0
  34. data/lib/appclient/wss-client-config-1.0.xml +84 -0
  35. data/lib/appclient/wss-client-config-2.0.xml +96 -0
  36. data/lib/package-appclient.xml +185 -0
  37. data/lib/processLauncher.properties +25 -0
  38. data/lib/processLauncher.xml +189 -0
  39. data/lib/registration/servicetag-registry.xml +18 -0
  40. data/lib/templates/cacerts.jks +0 -0
  41. data/lib/templates/default-web.xml +932 -0
  42. data/lib/templates/domain.xml +210 -0
  43. data/lib/templates/domain.xml.xsl +100 -0
  44. data/lib/templates/keyfile +6 -0
  45. data/lib/templates/logging.properties +82 -0
  46. data/lib/templates/login.conf +21 -0
  47. data/lib/templates/profile.properties +37 -0
  48. data/lib/templates/server.policy +155 -0
  49. data/modules/admin-cli-10.0-tp-2-SNAPSHOT.jar +0 -0
  50. data/modules/auto-depends-0.2.1.jar +0 -0
  51. data/modules/cli-framework-10.0-tp-2-SNAPSHOT.jar +0 -0
  52. data/modules/common-util-10.0-tp-2-SNAPSHOT.jar +0 -0
  53. data/modules/config-0.2.1.jar +0 -0
  54. data/modules/config-api-10.0-tp-2-SNAPSHOT.jar +0 -0
  55. data/modules/gf-jruby-connector-10.0-tp-2-SNAPSHOT.jar +0 -0
  56. data/modules/glassfish-10.0-tp-2-SNAPSHOT.jar +0 -0
  57. data/modules/glassfish-api-10.0-tp-2-SNAPSHOT.jar +0 -0
  58. data/modules/glassfish.rb +10 -0
  59. data/modules/grizzly-jruby-module-10.0-tp-2-SNAPSHOT.jar +0 -0
  60. data/modules/grizzly-module-10.0-tp-2-SNAPSHOT.jar +0 -0
  61. data/modules/hk2-0.2.1.jar +0 -0
  62. data/modules/hk2-core-0.2.1.jar +0 -0
  63. data/modules/internal-api-10.0-tp-2-SNAPSHOT.jar +0 -0
  64. data/modules/junit-4.3.1.jar +0 -0
  65. data/modules/kernel-10.0-tp-2-SNAPSHOT.jar +0 -0
  66. data/modules/launcher-10.0-tp-2-SNAPSHOT.jar +0 -0
  67. data/modules/osgi-adapter-0.2.1.jar +0 -0
  68. data/modules/stax-api-1.0-2.jar +0 -0
  69. data/modules/tiger-types-osgi-0.2.1.jar +0 -0
  70. data/modules/universal-10.0-tp-2-SNAPSHOT.jar +0 -0
  71. data/modules/wstx-asl-3.2.3.jar +0 -0
  72. metadata +143 -0
@@ -0,0 +1,160 @@
1
+ //
2
+ // The contents of this file are subject to the terms
3
+ // of the Common Development and Distribution License
4
+ // (the "License"). You may not use this file except
5
+ // in compliance with the License.
6
+ //
7
+ // You can obtain a copy of the license at
8
+ // glassfish/bootstrap/legal/CDDLv1.0.txt or
9
+ // https://glassfish.dev.java.net/public/CDDLv1.0.html.
10
+ // See the License for the specific language governing
11
+ // permissions and limitations under the License.
12
+ //
13
+ // When distributing Covered Code, include this CDDL
14
+ // HEADER in each file and include the License file at
15
+ // glassfish/bootstrap/legal/CDDLv1.0.txt. If applicable,
16
+ // add the following below this CDDL HEADER, with the
17
+ // fields enclosed by brackets "[]" replaced with your
18
+ // own identifying information: Portions Copyright [yyyy]
19
+ // [name of copyright owner]
20
+ //
21
+
22
+ /* Copyright 2004 Sun Microsystems, Inc. All rights reserved. */
23
+ /* SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */
24
+
25
+ // Core server classes get all permissions by default
26
+ grant codeBase "file:${com.sun.aas.installRoot}/lib/-" {
27
+ permission java.security.AllPermission;
28
+ };
29
+
30
+ // jdmk classes get all permissions by default
31
+ grant codeBase "file:${com.sun.aas.jdmkHome}/lib/-" {
32
+ permission java.security.AllPermission;
33
+ };
34
+
35
+ // mfwk_instrum_tk.jar get all permissions by default
36
+ grant codeBase "file:${com.sun.aas.mfwkHome}/lib/mfwk_instrum_tk.jar" {
37
+ permission java.security.AllPermission;
38
+ };
39
+
40
+ // lockhart classes get all permissions by default
41
+ grant codeBase "file:${com.sun.aas.webconsoleLib}/cc.jar" {
42
+ permission java.security.AllPermission;
43
+ };
44
+
45
+ // jato classes get all permissions by default
46
+ grant codeBase "file:${com.sun.aas.jatoRoot}/jato.jar" {
47
+ permission java.security.AllPermission;
48
+ };
49
+
50
+ // JBI get all permissions by default
51
+ grant codeBase "file:${com.sun.aas.installRoot}/jbi/-" {
52
+ permission java.security.AllPermission;
53
+ };
54
+
55
+ // JBI instances get all permissions by default
56
+ grant codeBase "file:${com.sun.aas.instanceRoot}/jbi/-" {
57
+ permission java.security.AllPermission;
58
+ };
59
+
60
+ // Composite applications get all permissions by default
61
+ grant codeBase "file:${com.sun.aas.instanceRoot}/applications/composite-applications/-" {
62
+ permission java.security.AllPermission;
63
+ };
64
+
65
+ // iMQ classes get all permissions by default
66
+ grant codeBase "file:${com.sun.aas.imqLib}/-" {
67
+ permission java.security.AllPermission;
68
+ };
69
+
70
+ // ANT classes get all permissions by default
71
+ grant codeBase "file:${com.sun.aas.antLib}/-" {
72
+ permission java.security.AllPermission;
73
+ };
74
+
75
+ // Derby driver classes get all permissions by default
76
+ grant codeBase "file:${com.sun.aas.derbyRoot}/lib/-" {
77
+ permission java.security.AllPermission;
78
+ };
79
+
80
+ // Pointbase embedded server classes get all permissions by default
81
+ grant codeBase "file:${com.sun.aas.pointbaseRoot}/lib/-" {
82
+ permission java.security.AllPermission;
83
+ };
84
+
85
+ // Web Services classes get all permissions by default
86
+ grant codeBase "file:${com.sun.aas.webServicesLib}/-" {
87
+ permission java.security.AllPermission;
88
+ };
89
+
90
+ // permissions for avkit classes
91
+ grant codeBase "file:${j2ee.appverification.home}/lib/-" {
92
+ permission java.security.AllPermission;
93
+ };
94
+
95
+ // permissions for HADB jar file(s)
96
+ grant codeBase "file:${com.sun.aas.hadbRoot}/lib/-" {
97
+ permission java.security.AllPermission;
98
+ };
99
+
100
+ // permission for JDK's tools.jar to enable webservice annotation processing
101
+ // at runtime by wsgen tool:
102
+ // permission java.lang.RuntimePermission "createClassLoader";
103
+ //
104
+ // permission for JDK's tools.jar to sign JARs at runtime for
105
+ // Java Web Start support:
106
+ // permissions java.security.AllPermission;
107
+ // on the advice of the JDK tools folks. Should be refined later.
108
+ grant codeBase "file:${com.sun.aas.javaRoot}/lib/tools.jar" {
109
+ permission java.security.AllPermission;
110
+ };
111
+
112
+ //Loading MBeans from anywhere, to take care of side effects of 6235678.
113
+ grant {
114
+ permission javax.management.MBeanTrustPermission "register" ;
115
+ };
116
+ //Loading MBeans from anywhere, to take care of side effects of 6235678.
117
+
118
+
119
+ // Basic set of required permissions granted to all remaining code
120
+ grant {
121
+ //Workaround for bugs #6484935, 6513799
122
+ permission java.lang.RuntimePermission "getProtectionDomain";
123
+ permission com.sun.corba.ee.impl.presentation.rmi.DynamicAccessPermission "access";
124
+ permission java.util.PropertyPermission "*", "read,write";
125
+
126
+ permission java.lang.RuntimePermission "loadLibrary.*";
127
+ permission java.lang.RuntimePermission "queuePrintJob";
128
+ permission java.net.SocketPermission "*", "connect";
129
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write";
130
+
131
+ // work-around for pointbase bug 4864405
132
+ permission java.io.FilePermission "${com.sun.aas.instanceRoot}${/}lib${/}databases${/}-", "delete";
133
+ permission java.io.FilePermission "${java.io.tmpdir}${/}-", "delete";
134
+
135
+ permission java.util.PropertyPermission "*", "read";
136
+
137
+ permission java.lang.RuntimePermission "modifyThreadGroup";
138
+ permission java.lang.RuntimePermission "getClassLoader";
139
+ permission java.lang.RuntimePermission "setContextClassLoader";
140
+ permission javax.management.MBeanPermission "[com.sun.messaging.jms.*:*]", "*";
141
+ };
142
+
143
+
144
+ // Following grant block is only required by Connectors. If Connectors
145
+ // are not in use the recommendation is to remove this grant.
146
+ grant {
147
+ permission javax.security.auth.PrivateCredentialPermission "javax.resource.spi.security.PasswordCredential * \"*\"","read";
148
+ };
149
+
150
+ // Following grant block is only required for Reflection. If Reflection
151
+ // is not in use the recommendation is to remove this section.
152
+ grant {
153
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
154
+ };
155
+
156
+ // Permissions to invoke CORBA objects in server
157
+ grant {
158
+ permission com.sun.enterprise.security.CORBAObjectPermission "*", "*";
159
+ };
160
+
@@ -0,0 +1,40 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+
3
+ <!--
4
+ Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved.
5
+ Use is subject to license terms.
6
+ -->
7
+
8
+ <!--
9
+ Please remember to customize this file for your environment. The defaults for
10
+ following fields may not be appropriate.
11
+ - target-server name, address and port
12
+ - Property security.config in message-security-config
13
+ -->
14
+
15
+ <!DOCTYPE client-container PUBLIC "-//Sun Microsystems Inc.//DTD Application Server 8.0 Application Client Container//EN" "http://www.sun.com/software/appserver/dtds/sun-application-client-container_1_2.dtd">
16
+
17
+ <client-container>
18
+ <target-server name="laturbie.sfbay.sun.com" address="laturbie.sfbay.sun.com" port="3700"/>
19
+ <log-service file="" level="WARNING"/>
20
+ <message-security-config auth-layer="SOAP">
21
+ <!-- turned off by default -->
22
+ <provider-config class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-id="XWS_ClientProvider" provider-type="client">
23
+ <request-policy auth-source="content"/>
24
+ <response-policy auth-source="content"/>
25
+ <property name="encryption.key.alias" value="s1as"/>
26
+ <property name="signature.key.alias" value="s1as"/>
27
+ <property name="dynamic.username.password" value="false"/>
28
+ <property name="debug" value="false"/>
29
+ </provider-config>
30
+ <provider-config class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-id="ClientProvider" provider-type="client">
31
+ <request-policy auth-source="content"/>
32
+ <response-policy auth-source="content"/>
33
+ <property name="encryption.key.alias" value="s1as"/>
34
+ <property name="signature.key.alias" value="s1as"/>
35
+ <property name="dynamic.username.password" value="false"/>
36
+ <property name="debug" value="false"/>
37
+ <property name="security.config" value="/Users/dochez/java/cvs/v3/publish/lib/appclient/wss-client-config-1.0.xml"/>
38
+ </provider-config>
39
+ </message-security-config>
40
+ </client-container>
@@ -0,0 +1,86 @@
1
+ <!--
2
+ Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3
+ SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
4
+ -->
5
+ <!--
6
+ This server side config file pairs with wss-client-config-1.0.xml on the client
7
+ and supports the following UseCases:
8
+ Usecase 1: Authentication using Protected UsernameToken
9
+ Usecase 3: Encrypted UsernameToken and MessageBody
10
+ Usecase 4: Response Encryption Key Learnt from Incoming Message
11
+
12
+ Certificate Alias Information :
13
+ 1. A certificateAlias under the <xwss:Encrypt> element signifies the certificate
14
+ of the recipient of the message.
15
+ 2. A certificateAlias under the <xwss:Sign> element signifies the certificate of the
16
+ sender.
17
+
18
+ NOTE:
19
+
20
+ 1. the certificateAlias has the above meaning for all the Sign and Encrypt elements below
21
+ 2. there are several Sign and Encrypt elements below and similarly several RequireSignature and
22
+ RequireEncryption elements. Which of them would be actually used at runtime will depend on
23
+ the AuthPolicy passed to the module.
24
+
25
+ For Example : if Auth-Source=Sender then only the <xwss:UsernameToken> elements will be used
26
+ and none of the <xwss:Sign> elements will be used.
27
+ If Auth-Source=Content then the <xwss:Sign> element will be used
28
+
29
+ 3. The different variations of <xwss:Encrypt> elements in this configuration file are to accomodate
30
+ default encryption of the UsernameToken.
31
+
32
+ 4. The actual certificate alias to be used for any Signature operation can be modified during AuthModule
33
+ initialization by setting the alias as the value of "signature.key.alias" property in the Module Options Map.
34
+ 5. The actual certificate alias to be used for any Encrypt operation can be modified during AuthModule
35
+ initialization by setting the alias as the value of "encryption.key.alias" property in the Module Options Map.
36
+
37
+ 6. Debug Dumping of Messages can be enabled by setting the "debug" property in the Module Options Map to "true" during
38
+ AuthModule initialization.
39
+ 7. The Actual configuration file to be used by an Authmodule can be changed by setting the property "security.config" in
40
+ the Module Options Map to point to the configuration file location.
41
+ 8. When the "security.config" property is not set during module initialization then a client auth module will use wss-client-config-2.0.xml
42
+ by default.
43
+ 9. When the "security.config" property is not set during module initialization then a server auth module will use wss-server-config-2.0.xml
44
+ by default.
45
+
46
+ -->
47
+
48
+ <xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config"
49
+ dumpMessages="false">
50
+ <xwss:Timestamp/>
51
+ <xwss:RequireEncryption>
52
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
53
+ </xwss:RequireEncryption>
54
+ <xwss:RequireEncryption>
55
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
56
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
57
+ </xwss:RequireEncryption>
58
+ <xwss:RequireEncryption>
59
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
60
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
61
+ </xwss:RequireEncryption>
62
+ <xwss:RequireSignature>
63
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
64
+ </xwss:RequireSignature>
65
+ <xwss:RequireUsernameToken nonceRequired="false" passwordDigestRequired="false"/>
66
+ <xwss:Encrypt>
67
+ <xwss:X509Token certificateAlias="s1as"/>
68
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
69
+ </xwss:Encrypt>
70
+ <xwss:Encrypt>
71
+ <xwss:X509Token certificateAlias="s1as"/>
72
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
73
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
74
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
75
+ </xwss:Encrypt>
76
+ <xwss:Encrypt>
77
+ <xwss:X509Token certificateAlias="s1as"/>
78
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
79
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
80
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
81
+ </xwss:Encrypt>
82
+ <xwss:Sign>
83
+ <xwss:X509Token certificateAlias="s1as"/>
84
+ </xwss:Sign>
85
+ <xwss:UsernameToken digestPassword="false" useNonce="false"/>
86
+ </xwss:SecurityConfiguration>
@@ -0,0 +1,94 @@
1
+ <!--
2
+ Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3
+ SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
4
+ -->
5
+ <!--
6
+ This server side config file pairs with wss-client-config-2.0.xml on the client
7
+ and supports the following UseCases:
8
+ Usecase 2: Encrypted UsernameToken
9
+ Usecase 3: Encrypted UsernameToken and MessageBody
10
+ Usecase 4: Response Encryption Key Learnt from Incoming Message
11
+
12
+ Certificate Alias Information :
13
+ 1. A certificateAlias under the <xwss:Encrypt> element signifies the certificate
14
+ of the recipient of the message.
15
+ 2. A certificateAlias under the <xwss:Sign> element signifies the certificate of the
16
+ sender.
17
+
18
+ NOTE:
19
+
20
+ 1. the certificateAlias has the above meaning for all the Sign and Encrypt elements below
21
+ 2. there are several Sign and Encrypt elements below and similarly several RequireSignature and
22
+ RequireEncryption elements. Which of them would be actually used at runtime will depend on
23
+ the AuthPolicy passed to the module.
24
+
25
+ For Example : if Auth-Source=Sender then only the <xwss:UsernameToken> elements will be used
26
+ and none of the <xwss:Sign> elements will be used.
27
+ If Auth-Source=Content then the <xwss:Sign> element will be used
28
+
29
+ 3. The different variations of <xwss:Encrypt> elements in this configuration file are to accomodate
30
+ default encryption of the UsernameToken.
31
+
32
+ 4. The actual certificate alias to be used for any Signature operation can be modified during AuthModule
33
+ initialization by setting the alias as the value of "signature.key.alias" property in the Module Options Map.
34
+ 5. The actual certificate alias to be used for any Encrypt operation can be modified during AuthModule
35
+ initialization by setting the alias as the value of "encryption.key.alias" property in the Module Options Map.
36
+
37
+ 6. Debug Dumping of Messages can be enabled by setting the "debug" property in the Module Options Map to "true" during
38
+ AuthModule initialization.
39
+ 7. The Actual configuration file to be used by an Authmodule can be changed by setting the property "security.config" in
40
+ the Module Options Map to point to the configuration file location.
41
+ 8. When the "security.config" property is not set during module initialization then a client auth module will use wss-client-config-2.0.xml
42
+ by default.
43
+ 9. When the "security.config" property is not set during module initialization then a server auth module will use wss-server-config-2.0.xml
44
+ by default.
45
+
46
+ -->
47
+ <xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config"
48
+ dumpMessages="false">
49
+ <xwss:Timestamp/>
50
+ <xwss:Encrypt>
51
+ <xwss:X509Token certificateAlias="s1as"/>
52
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
53
+ </xwss:Encrypt>
54
+ <xwss:Encrypt>
55
+ <xwss:X509Token certificateAlias="s1as"/>
56
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
57
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
58
+ </xwss:Encrypt>
59
+ <xwss:Encrypt>
60
+ <xwss:X509Token certificateAlias="s1as"/>
61
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
62
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
63
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
64
+ </xwss:Encrypt>
65
+ <xwss:Encrypt>
66
+ <xwss:X509Token certificateAlias="s1as"/>
67
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
68
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
69
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
70
+ </xwss:Encrypt>
71
+ <xwss:Sign>
72
+ <xwss:X509Token certificateAlias="s1as"/>
73
+ </xwss:Sign>
74
+ <xwss:UsernameToken digestPassword="false" useNonce="true"/>
75
+
76
+ <xwss:RequireUsernameToken nonceRequired="true" passwordDigestRequired="false"/>
77
+ <xwss:RequireEncryption>
78
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
79
+ </xwss:RequireEncryption>
80
+ <xwss:RequireEncryption>
81
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
82
+ </xwss:RequireEncryption>
83
+ <xwss:RequireEncryption>
84
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
85
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
86
+ </xwss:RequireEncryption>
87
+ <xwss:RequireEncryption>
88
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
89
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
90
+ </xwss:RequireEncryption>
91
+ <xwss:RequireSignature>
92
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
93
+ </xwss:RequireSignature>
94
+ </xwss:SecurityConfiguration>
Binary file
@@ -0,0 +1,46 @@
1
+ <!--Arbortext, Inc., 1988-2007, v.4002-->
2
+ <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
3
+ <html lang="en">
4
+ <!--
5
+ DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
6
+
7
+ Copyright 2008 Sun Microsystems, Inc. All rights reserved.
8
+
9
+ Use is subject to License Terms
10
+ -->
11
+ <head>
12
+ <style type="text/css"> body{margin-top:0} body,td,p,div,span,a,ul,ul li, ol, ol li, ol li b, dl,h1,h2,h3,h4,h5,h6,li { font-family:geneva,helvetica,arial,"lucida sans",sans-serif; font-size:10pt } h1 {font-size:18pt} h2 {font-size:14pt} h3 {font-size:12pt} code,kbd,tt,pre { font-family:monaco,courier,"courier new"; font-size:10pt; } li {padding-bottom: 8px} p.copy, p.copy a { font-family:geneva,helvetica,arial,"lucida sans",sans-serif; font-size:8pt } p.copy {text-align: center} table.grey1,tr.grey1,td.grey1{background:#f1f1f1} th { color:#ffffff; font-family:geneva,helvetica,arial,"lucida sans",sans-serif; font-size:12pt } td.insidehead { font-weight:bold; background:white; text-align: left; } a {text-decoration:none; color:#3E6B8A} a:visited{color:#917E9C} a:hover {text-decoration:underline}
13
+ </style>
14
+ <title>GlassFish v3 Application Server - Server Running</title>
15
+ </head>
16
+ <body bgcolor="#ffffff" text="#000000" link="#594fbf" vlink="#1005fb" alink="#333366"><br> <table width="100%" border="0" cellspacing="0" cellpadding="3">
17
+ <tbody>
18
+ <tr>
19
+ <td align="right" valign="top"> <a href="http://www.sun.com">sun.com</a> </td>
20
+ </tr>
21
+ <tr>
22
+ <td align="left" valign="top" bgcolor="#587993"> <font color="#ffffff">&nbsp;&nbsp;<b>GlassFish v3 Technology Preview 2</b></font> </td>
23
+ </tr>
24
+ </tbody>
25
+ </table> <h1>Your Application Server is now running</h1> <p>To replace this page, overwrite the file <code>index.html</code> in the default document root folder of this server. The default document root folder is located at <var>as-install</var><code>/domains/domain1/docroot</code>,
26
+ where <var>as-install</var> is the Application Server installation directory.</p>
27
+ <p>To manage the server, click <a href="/admin">here</a>.</p>
28
+ <h2>Register the Application Server with Sun Connection now</h2><p>Use the Admin Console to register the Application Server with <a href="http://www.sun.com/service/sunconnection/index.jsp" target=" blank">Sun Connection
29
+ </a> now. Registration is optional, but as a registered user you receive benefits such as:</p><ul>
30
+ <li>Patch information and bug updates</li>
31
+ <li>Screencasts and tutorials</li>
32
+ <li>News and events</li>
33
+ <li>Support and training offerings</li>
34
+ </ul><!--Get a Sun GlassFish Enterprise Server subscriptionTo benefit from powerful support for the commercial counterpart to GlassFish, the Sun GlassFish Enterprise Server, consider a Java System Application Server Subscription. This subscription provides a one-stop shop for products and services with immediate web access to software support with full indemnification, updates and upgrades, production and code support, training, and much more.--><h2>
35
+ Install and update additional software components</h2><p>Use the <a href="http://wiki.updatecenter.java.net/Wiki.jsp?page=GettingStarted" target=" blank">Update Tool</a> to install and update additional technologies and frameworks such as:<!--a href="https://open-esb.dev.java.net/" target=" blank"Open ESB a -->
36
+ </p><ul>
37
+ <li><a href="https://metro.dev.java.net/" target="blank">Metro</a></li>
38
+ <li><a href="https://jersey.dev.java.net/" target="blank">Jersey</a></li>
39
+ <li><a href="https://ajax.dev.java.net/" target=" blank">jMaki</a></li>
40
+ <li>JRuby runtime </li>
41
+ </ul><p>The Update Tool is developed through the <a href="http://wiki.updatecenter.java.net/" target="blank">Update Center</a> project.</p><p>To improve the user experience and optimize offerings to users, Sun collects data about <a
42
+ href="http://wiki.glassfish.java.net/gfwiki/Wiki.jsp?page=UsageMetrics" target=" blank">GlassFish usage</a> that is transmitted by the Update Center installer client as part of the automatic update processes. No personally identifiable information is collected by this process.</p><h2>Join the
43
+ GlassFish community</h2><p>Visit the <a href="http://java.sun.com/javaee/glassfish/" target=" blank">GlassFish Community</a> page for information about how to join the GlassFish community. The GlassFish community is developing a free, open source, production-quality, enterprise-class application
44
+ server that implements the newest features of the Java&trade; Platform, Enterprise Edition (Java EE) platform and related enterprise technologies.</p><h2>Learn more about the Application Server</h2><p>For more information about the Application Server, <!--samples, documentation, and additional resources,
45
+ see <var>as-install</var><code>/docs/about.html</code>, where <var>as-install</var> is the Application Server installation directory-->see the <a href="http://docs.sun.com/coll/1343.7" target="_blank">online product documentation</a>.</p><hr style="width: 80%; height: 2px;"> <p class="copy"><a href="http://www.sun.com/company/">Company Info</a> &nbsp;&nbsp;|&nbsp;&nbsp; <a
46
+ href="http://www.sun.com/contact/">Contact</a> &nbsp;&nbsp;|&nbsp;&nbsp; Copyright 2008 Sun Microsystems</p></body></html>
Binary file
@@ -0,0 +1,10 @@
1
+ /* Copyright 2004 Sun Microsystems, Inc. All rights reserved. */
2
+ /* SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */
3
+
4
+ default {
5
+ com.sun.enterprise.security.auth.login.ClientPasswordLoginModule required debug=false;
6
+ };
7
+
8
+ certificate {
9
+ com.sun.enterprise.security.auth.login.ClientCertificateLoginModule required debug=false;
10
+ };
@@ -0,0 +1,79 @@
1
+ //
2
+ // The contents of this file are subject to the terms
3
+ // of the Common Development and Distribution License
4
+ // (the "License"). You may not use this file except
5
+ // in compliance with the License.
6
+ //
7
+ // You can obtain a copy of the license at
8
+ // glassfish/bootstrap/legal/CDDLv1.0.txt or
9
+ // https://glassfish.dev.java.net/public/CDDLv1.0.html.
10
+ // See the License for the specific language governing
11
+ // permissions and limitations under the License.
12
+ //
13
+ // When distributing Covered Code, include this CDDL
14
+ // HEADER in each file and include the License file at
15
+ // glassfish/bootstrap/legal/CDDLv1.0.txt. If applicable,
16
+ // add the following below this CDDL HEADER, with the
17
+ // fields enclosed by brackets "[]" replaced with your
18
+ // own identifying information: Portions Copyright [yyyy]
19
+ // [name of copyright owner]
20
+ //
21
+
22
+ /* Copyright 2004 Sun Microsystems, Inc. All rights reserved. */
23
+ /* SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */
24
+
25
+ //core server classes get all permissions by default
26
+ grant codeBase "file:${com.sun.aas.installRoot}/lib/-" {
27
+ permission java.security.AllPermission;
28
+ };
29
+
30
+ //iMQ classes get all permissions by default
31
+ grant codeBase "file:${com.sun.aas.imqLib}/-" {
32
+ permission java.security.AllPermission;
33
+ };
34
+
35
+ // Standard extensions get all permissions by default
36
+ grant codeBase "file:${java.home}/lib/ext/-" {
37
+ permission java.security.AllPermission;
38
+ };
39
+
40
+ grant codeBase "file:${java.home}/../lib/tools.jar" {
41
+ permission java.security.AllPermission;
42
+ };
43
+
44
+
45
+
46
+ // default permissions granted to all domains
47
+ grant {
48
+ permission java.lang.RuntimePermission "loadLibrary.*";
49
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
50
+ permission java.lang.RuntimePermission "exitVM";
51
+ permission java.lang.RuntimePermission "queuePrintJob";
52
+ permission java.lang.RuntimePermission "modifyThreadGroup";
53
+
54
+ permission java.awt.AWTPermission "accessClipboard";
55
+ permission java.awt.AWTPermission "accessEventQueue";
56
+ permission java.awt.AWTPermission "showWindowWithoutWarningBanner";
57
+
58
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write";
59
+
60
+ permission java.net.SocketPermission "*", "connect,accept,resolve";
61
+ permission java.net.SocketPermission "localhost:1024-", "accept,listen";
62
+
63
+ // "standard" properies that can be read by anyone
64
+ permission java.util.PropertyPermission "*", "read";
65
+
66
+ // setting the JSSE provider for lazy authentication of app. clients.
67
+ // Please do not change it.
68
+ permission java.security.SecurityPermission "putProviderProperty.SunJSSE";
69
+ permission java.security.SecurityPermission "insertProvider.SunJSSE";
70
+
71
+ permission java.util.logging.LoggingPermission "control";
72
+ //permission java.lang.RuntimePermission "setSecurityManager";
73
+ };
74
+
75
+
76
+
77
+
78
+
79
+
@@ -0,0 +1,84 @@
1
+ <!--
2
+ Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3
+ SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
4
+ -->
5
+ <!--
6
+ This client side config file pairs with wss-server-config-1.0.xml on the server
7
+ and supports the following UseCases:
8
+ Usecase 1: Authentication by Protected UsernameToken
9
+ Usecase 3: Encrypted UsernameToken and MessageBody
10
+ Usecase 4: Response Encryption Key Learnt from Incoming Message
11
+
12
+ Certificate Alias Information :
13
+ 1. A certificateAlias under the <xwss:Encrypt> element signifies the certificate
14
+ of the recipient of the message.
15
+ 2. A certificateAlias under the <xwss:Sign> element signifies the certificate of the
16
+ sender.
17
+
18
+ NOTE:
19
+
20
+ 1. the certificateAlias has the above meaning for all the Sign and Encrypt elements below
21
+ 2. there are several Sign and Encrypt elements below and similarly several RequireSignature and
22
+ RequireEncryption elements. Which of them would be actually used at runtime will depend on
23
+ the AuthPolicy passed to the module.
24
+
25
+ For Example : if Auth-Source=Sender then only the <xwss:UsernameToken> elements will be used
26
+ and none of the <xwss:Sign> elements will be used.
27
+ If Auth-Source=Content then the <xwss:Sign> element will be used
28
+
29
+ 3. The different variations of <xwss:Encrypt> elements in this configuration file are to accomodate
30
+ default encryption of the UsernameToken.
31
+
32
+ 4. The actual certificate alias to be used for any Signature operation can be modified during AuthModule
33
+ initialization by setting the alias as the value of "signature.key.alias" property in the Module Options Map.
34
+ 5. The actual certificate alias to be used for any Encrypt operation can be modified during AuthModule
35
+ initialization by setting the alias as the value of "encryption.key.alias" property in the Module Options Map.
36
+
37
+ 6. Debug Dumping of Messages can be enabled by setting the "debug" property in the Module Options Map to "true" during
38
+ AuthModule initialization.
39
+ 7. The Actual configuration file to be used by an Authmodule can be changed by setting the property "security.config" in
40
+ the Module Options Map to point to the configuration file location.
41
+ 8. When the "security.config" property is not set during module initialization then a client auth module will use wss-client-config-2.0.xml
42
+ by default.
43
+ 9. When the "security.config" property is not set during module initialization then a server auth module will use wss-server-config-2.0.xml by default.
44
+ 10. The property "dynamic.username.password" when set during module initialization to "true" will signal the provider runtime to collect the username and password from the CallbackHandler for each request. When this property is set to "false" or if the property is not set then the username and password for wsse:UsernameToken(s) is collected once during Module Initialization.
45
+ -->
46
+
47
+ <xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config"
48
+ dumpMessages="false">
49
+ <xwss:Timestamp/>
50
+ <xwss:RequireUsernameToken nonceRequired="false" passwordDigestRequired="false"/>
51
+ <xwss:RequireEncryption>
52
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
53
+ </xwss:RequireEncryption>
54
+ <xwss:RequireEncryption>
55
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
56
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
57
+ </xwss:RequireEncryption>
58
+ <xwss:RequireEncryption>
59
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
60
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
61
+ </xwss:RequireEncryption>
62
+ <xwss:RequireSignature>
63
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
64
+ </xwss:RequireSignature>
65
+ <xwss:Encrypt>
66
+ <xwss:X509Token certificateAlias="s1as"/>
67
+ </xwss:Encrypt>
68
+ <xwss:Encrypt>
69
+ <xwss:X509Token certificateAlias="s1as"/>
70
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
71
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
72
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
73
+ </xwss:Encrypt>
74
+ <xwss:Encrypt>
75
+ <xwss:X509Token certificateAlias="s1as"/>
76
+ <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
77
+ <xwss:Target type="qname">SOAP-BODY</xwss:Target>
78
+ <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
79
+ </xwss:Encrypt>
80
+ <xwss:Sign>
81
+ <xwss:X509Token certificateAlias="s1as"/>
82
+ </xwss:Sign>
83
+ <xwss:UsernameToken digestPassword="false" useNonce="false"/>
84
+ </xwss:SecurityConfiguration>