Hello World Secure Web Service Service Sample ============================================= This sample demonstrates an SCA service that uses a web service binding that is enabled for simple authentication using UseridToken and PasswordText The README in the samples directory (the directory above this) provides general instructions about building and running samples. Take a look there first. If you just want to run it to see what happens open a command prompt, navigate to this sample directory and do: ant run OR if you don't have ant, on Windows do java -cp ..\..\lib\tuscany-sca-manifest.jar;target\sample-helloworld-ws-service-secure.jar helloworld.HelloWorldServer and on *nix do java -cp ../../lib/tuscany-sca-manifest.jar:target/sample-helloworld-ws-service-secure.jar helloworld.HelloWorldServer Now the server is started you can use the helloworld-ws-reference-secure sample to exercise it. Sample Overview --------------- The sample provides a single component that is wired to a service with a web service binding. The service specifies a policy intent named 'authentication' which is fulfilled by a suitable policyset that is defined for the SCA Domain. Over the helloworld-ws-service sample, this sample demonstrate generally the use of policy intents and policy sets in Tuscany taking the specific instance of a security policy. Note : ------ The policies mentioned and supported are instances of Tuscany specified policies and not instnaces of WS-Policy. helloworld-ws-service-secure/ src/ main/ java/ helloworld/ HelloWorldService.java - interface description for HelloWorldServiceComponent HelloWorldImpl.java - component implementation HelloWorldServer.java - starts the SCA Runtime and deploys the helloworldws .composite and then waits for the service to be called via web services ServerPWCBHandler.java - callback handler to authenticate client userid and password. The handle(Callback[] callbacks) method of this class typically contains code for accessing user registries and retrieving passwords for user identifiers sent by the client and verifying them against the password sent by the client. For example here is where one could access LDAP registries to obtain or compare user identities and passwords. resources/ wsdl/ helloworld.wsdl - the service description that describes the exposed service helloworldws.composite - the SCA assembly for this sample definitions.xml - the SCA Definitions file that contains intents and policysets defined for the SCA Domain helloworld-ws-service-secure.png - a pictorial representation of the sample .composite file build.xml - the Ant build file pom.xml - the Maven build file Building And Running The Sample Using Ant ----------------------------------------- With the binary distribution the sample can be built and run using Ant using the following commands cd helloworld-ws-service-secure ant compile ant run You should see the following output from the run target. run: [java] 14-Jan-2008 14:22:07 org.apache.tuscany.sca.http.jetty.JettyServer a ddServletMapping [java] INFO: Added Servlet mapping: http://L3AW203:8085/HelloWorldService [java] 14-Jan-2008 14:22:07 org.apache.tuscany.sca.http.jetty.JettyServer a ddServletMapping [java] INFO: Added Servlet mapping: http://L3AW203:8085/HelloWorldWsPolicyS ervice [java] HelloWorld server started (press enter to shutdown) As this point the SCA service is exposed as a web service by a web server started automatically by the SCA runtime. The webservice requires clients to have security headers that carry userid tonken and password text. To stop the server just press enter. To exercise the service run up the helloworld-ws-reference-secure sample. Take a look at the README in that sample and you will see you need the following commands cd helloworld-ws-reference-secure ant run Building And Running The Sample Using Maven ------------------------------------------- With either the binary or source distributions the sample can be built and run using Maven as follows. When using Maven you don't need to run the helloworld- ws-reference-secure sample as Maven includes a simple ping test to make sure that the service is available cd helloworld-ws-service-secure mvn You should see the following output from the test phase. ------------------------------------------------------- T E S T S ------------------------------------------------------- Running helloworld.HelloWorldServerTestCase 14-Jan-2008 14:23:20 org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.10 14-Jan-2008 14:23:20 org.apache.catalina.startup.ContextConfig defaultWebConfig INFO: No default web.xml 14-Jan-2008 14:23:20 org.apache.catalina.startup.DigesterFactory register WARNING: Could not get url for /javax/servlet/jsp/resources/jsp_2_0.xsd 14-Jan-2008 14:23:20 org.apache.catalina.startup.DigesterFactory register WARNING: Could not get url for /javax/servlet/jsp/resources/web-jsptaglibrary_1_ 1.dtd 14-Jan-2008 14:23:20 org.apache.catalina.startup.DigesterFactory register WARNING: Could not get url for /javax/servlet/jsp/resources/web-jsptaglibrary_1_ 2.dtd 14-Jan-2008 14:23:20 org.apache.catalina.startup.DigesterFactory register WARNING: Could not get url for /javax/servlet/jsp/resources/web-jsptaglibrary_2_ 0.xsd 14-Jan-2008 14:23:20 org.apache.catalina.startup.DigesterFactory register WARNING: Could not get url for /javax/servlet/resources/j2ee_web_services_1_1.xs d 14-Jan-2008 14:23:21 org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-8085 14-Jan-2008 14:23:21 org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on http-8085 14-Jan-2008 14:23:21 org.apache.tuscany.sca.http.tomcat.TomcatServer addServletM apping INFO: Added Servlet mapping: http://L3AW203:8085/HelloWorldService 14-Jan-2008 14:23:21 org.apache.tuscany.sca.http.tomcat.TomcatServer addServletM apping INFO: Added Servlet mapping: http://L3AW203:8085/HelloWorldWsPolicyService 14-Jan-2008 14:23:21 org.apache.coyote.http11.Http11Protocol destroy INFO: Stopping Coyote HTTP/1.1 on http-8085 Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 5.734 sec This shows that the Junit test cases have run successfully.