Tuesday Sep 21, 2010

Security annotations support in Sailfin CAFE

Recently we added security annotations support to CAFE on Sailfin. Though there is lot of work to be
done in this area, please give it a try.

@org.glassfish.cafe.api.security.LoginConfig
@org.glassfish.cafe.api.security.TransportProtected
@javax.annotation.security.RolesAllowed
@javax.annotation.security.DeclareRoles

JavaDocs can be found here

Here is musicstore sample bean annotated with security annotations. Though this eliminates the need for sip.xml for
security configuration, you still need to declare role to group or principal mapping in sun-sip.xml

Cafe Security Annotations

Sample security role mappings in sun-sip.xml

Security Role to Group mapping

Permanent link to this entry | Comments [0]

Thursday Jan 21, 2010

Metro performance comparision with Axis2

Its good to see Metro performance comparision (with and without security) against Axis2 from Dennis , please read his articleto find out more. Finally streaming security implementation from Metro team has payed off.

Wednesday Jan 06, 2010

Sun Diameter 1.0 now available on sunsolve

Sun Diameter Adapter is now available on SunSolve as a patch [No : 142949-01 ], this needs to be used with Sun GlassFish Communications Server 2.0 Patch01. Again you can find Sun Diameter documentation and release notes here

Friday Dec 18, 2009

Diameter documentation

Diameter documentation and release notes can be found here

Tuesday Apr 14, 2009

Support for Diameter Sh API in sailfin

Sailfin project will soon support Diameter protocol and will have API's to enable applications to use Sh,Ro,Rf functionality. As we progress towards providing Diameter support in Sailfin, we have released Sh API's to solicit your valuable feedback. In course of time we will publish API's for Ro and Rf applications too.

Javadocs for Sh API is published here. I will keep writing here on Sh API', to start with let us quickly look at a simple sample on how to use Sh API in a SIP Servlet.








public class RegisterServlet extends SipServlet {
     protected void doInvite(SipServletRequest req) throws ServletException, IOException {

      
       ProfileData data = readUserState(req.getSubscriberURI().toString());
       SipServletResponse resp = req.createResponse(180);
       req.setExpires(2000000);
       resp.send();
     }

     private ProfileData readUserState(String user) {
      try {
        InitialContext context = new InitialContext();
        //configuration of HSS server is configured using Sailfin Admin UI.
        UserProfileServer connectionFactory = (UserProfileServer) context.lookup("eis/SH");
        UserProfileConnection connection = connectionFactory.createConnection();
        // Configure Key specifying information to read.
        ReadProfileKey rpk = new ReadProfileKey();
        rpk.addDataReference(DataReference.IMS_USER_STATE);
        eg:"sip:bob-AT-open-ims-DOT-test"
        UserIdentity uID = new UserIdentity(user, UserIdentityType.PUBLIC_USER_ID);
        rpk.setUserIdentity(uID);
        //validate if the constructed key is correct and all information needed is provided.
        rpk.validate();
        //perform a read operation from HSS server in synchronous mode.
        UserProfileReadResponse urr = connection.read(rpk, false);
        ProfileData data = urr.getProfileData();
        //read the information as bytes,XMLStream or JAXBObject
        System.out.println("User Profile data is" + new String(data.toBytes()));
        return data;
      } catch (KeyValidationException ex) {
       Logger.getLogger(RegisterServlet.class.getName()).log(Level.SEVERE, null, ex);
      } catch (ConnectException ex) {
       Logger.getLogger(RegisterServlet.class.getName()).log(Level.SEVERE, null, ex);
      } catch (NamingException ex) {
       Logger.getLogger(RegisterServlet.class.getName()).log(Level.SEVERE, null, ex);
      }
      return null;
}
}

We encourage users to look at Javadocs and provide us feedback. Please write to us at dev-AT-sailfin.dev.java.net

Friday Jun 09, 2006

Webservices Security configuration using Netbeans

More and more emphasis on better Developer support has resulted in Webservices Security getting some focus on tools support. Jiandong,VB Kumar and myself did a technical session at JavaOne 2006 [ TS-3473 Building Secure and Trusted Web Services Using "Project Tango"] where we demonstrated Netbeans[TM] support, to configure webservices security. As the tools support was just out of the furnace, except to see more ease of use features and configuration support. Go here to get more information on Netbeans support for WSIT.

Netbeans helps developers to embed complex policy assertions into the wsdl just by few clicks of your mouse button , I am excited to see tools get better... more later.

Monday May 29, 2006

WSIT


WSIT is another initiative from SUN towards providing this world with an open and interoperable solutions. Web Services Interoperability Technology (WSIT) is an open-source implementation of next generation Web services technologies that deliver interoperability between Java EE and .Net to help users build, deploy, and maintain Composite Applications for their Service Oriented Architecture.It is focused on four main categories: Messaging, Metadata, Security, Policy and Quality-of-Service (QoS).

For several months engineers at SUN have been working closely with engineers at Microsoft and SUN has been participating in various interop events [1] to flush out issues and make WSIT one of the best products in its clan.

One of the important features of WSIT is Webservices security. Webservices security from SUN has been out there for a while now and recent release of XWSS 2.0 [2] has added support for more specifications and better performance to its credit. Webservices security in WSIT has gotten better than XWSS 2.0 with support for WSS 1.1 , WS-Trust , WS-Secureconversation and WS Security Policy.

After XWSS 2.0 got released I have been tracking WS-Security Policy specification and implementing the same , rearchitecting WS Security implementation to improve performance is another task of mine. It has been very challenging and exciting to work with WSIT team at SUN. Boy they do have Kick butt and have fun attitude :) . That's it for now guys, will provide more insight into WS Security Policy implementation and WS Security soon.

For information on Web Services Interoperability Technology (WSIT), please go to http://java.sun.com/webservices/interop. For more information on the open source project on java.net, please go to project page at wsit.dev.java.net.We encourage you to join the project, download, contribute and provide feedback.

[1] Blogs from Arun Gupta about SUN participating at interop events.(Nov 2005 and Mar 2006).
[2]https://xwss.dev.java.net/
[3]http://blogs.sun.com/roller/page/ashutosh?entry=xwss_2_0_on_java
[4]http://blogs.sun.com/roller/page/venu?entry=xwss_2_0_ea2_performance

Thursday Feb 02, 2006

XWSS 2.0 EA2 performance optimizations

As I mentioned XWSS 2.0 EA2 has significant performance improvements when compared to XWSS 1.X releases. Integration of JAXWS 2.0 and XWSS 2.0 is written to perform optimized security processing. XWSS 2.0 EA2 analyses supplied security configuration file to check what level of optimization can be performed. To take advantage of maximum level of optimization one must set optimize attribute on JAXRPCSecurity element to true.


<xwss:JAXRPCSecurity xmlns:xwss="http://java.sun.com/xml/ns/xwss/config" optimize="true">

<xwss:Service>

<xwss:SecurityConfiguration >

<xwss:Sign/>

....

....

</xwss:SecurityConfiguration>

</xwss:Service>


<xwss:SecurityEnvironmentHandler>

sample.SecurityEnvironmentHandler

</xwss:SecurityEnvironmentHandler>

</xwss:JAXRPCSecurity>


I have observed very good results for couple of message level security scenarios. If you are just doing UsernameToken authentication I would strongly recommend you to give it a try.

Let us know if you find any issues , we will try to fix them.


About

venu

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today