You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by ra...@apache.org on 2006/09/03 20:29:14 UTC
svn commit: r439820 - in /xml/security/trunk: ./
src/org/apache/xml/security/utils/
src_samples/org/apache/xml/security/samples/
src_unitTests/org/apache/xml/security/test/
src_unitTests/org/apache/xml/security/test/utils/
Author: raul
Date: Sun Sep 3 11:29:13 2006
New Revision: 439820
URL: http://svn.apache.org/viewvc?view=rev&rev=439820
Log:
Fixed bug 40360. Changed a little the way the IdResolver works when Document.getElementById fails.
Added:
xml/security/trunk/src_unitTests/org/apache/xml/security/test/utils/IdResolverTest.java
Modified:
xml/security/trunk/CHANGELOG.txt
xml/security/trunk/src/org/apache/xml/security/utils/IdResolver.java
xml/security/trunk/src_samples/org/apache/xml/security/samples/AxisSigner.java
xml/security/trunk/src_unitTests/org/apache/xml/security/test/ModuleTest.java
Modified: xml/security/trunk/CHANGELOG.txt
URL: http://svn.apache.org/viewvc/xml/security/trunk/CHANGELOG.txt?view=diff&rev=439820&r1=439819&r2=439820
==============================================================================
--- xml/security/trunk/CHANGELOG.txt (original)
+++ xml/security/trunk/CHANGELOG.txt Sun Sep 3 11:29:13 2006
@@ -1,7 +1,9 @@
Changelog for "Apache xml-security" <http://xml.apache.org/security/>
New in ...
Fixed bug 40290.
- Fixed bug 40298
+ Fixed bug 40298.
+ Fixed bug 40360. Changed a little the way the IdResolver works when
+ Document.getElementById fails.
New in v1.4beta2
Optimization in c14n in node-sets.
Modified: xml/security/trunk/src/org/apache/xml/security/utils/IdResolver.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/utils/IdResolver.java?view=diff&rev=439820&r1=439819&r2=439820
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/utils/IdResolver.java (original)
+++ xml/security/trunk/src/org/apache/xml/security/utils/IdResolver.java Sun Sep 3 11:29:13 2006
@@ -16,15 +16,16 @@
*/
package org.apache.xml.security.utils;
+import java.lang.ref.WeakReference;
+import java.util.Arrays;
+import java.util.WeakHashMap;
+
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
-import java.util.Arrays;
-import java.util.WeakHashMap;
-import java.lang.ref.WeakReference;
-
/**
* Purpose of this class is to enable the XML Parser to keep track of ID
@@ -172,7 +173,7 @@
private static Element getElementBySearching(Node root,String id) {
Element []els=new Element[6];
- getElementBySearching(root,id,els);
+ getEl(root,id,els);
for (int i=0;i<els.length;i++) {
if (els[i]!=null) {
return els[i];
@@ -181,50 +182,93 @@
return null;
}
- private static int getElementBySearching(Node root,String id,Element []els) {
- switch (root.getNodeType()) {
- case Node.ELEMENT_NODE:
- Element el=(Element)root;
- if (el.hasAttributes()) {
- int index=names.indexOf(el.getNamespaceURI());
- if (index<0) {
- index=5;
- }
- if (el.getAttribute("Id").equals(id)) {
- els[index]=el;
- if (index==0) {
- return 1;
- }
- } else if ( el.getAttribute("id").equals(id) ) {
- if (index!=2) {
- index=5;
+ private static int getEl(Node currentNode,String id,Element []els) {
+ Node sibling=null;
+ Node parentNode=null;
+ do {
+ switch (currentNode.getNodeType()) {
+ case Node.DOCUMENT_FRAGMENT_NODE :
+ case Node.DOCUMENT_NODE :
+ sibling= currentNode.getFirstChild();
+ break;
+
+
+ case Node.ELEMENT_NODE :
+ Element currentElement = (Element) currentNode;
+ if (isElement(currentElement, id, els)==1)
+ return 1;
+ sibling= currentNode.getFirstChild();
+ if (sibling==null) {
+ if (parentNode != null) {
+ sibling= currentNode.getNextSibling();
+ }
+ } else {
+ parentNode=currentElement;
+ }
+ break;
+ } while (sibling==null && parentNode!=null) {
+ sibling=parentNode.getNextSibling();
+ parentNode=parentNode.getParentNode();
+ if (!(parentNode instanceof Element)) {
+ parentNode=null;
+ }
+ }
+ if (sibling==null)
+ return 1;
+ currentNode=sibling;
+ sibling=currentNode.getNextSibling();
+ } while(true);
+
+ }
+ public static int isElement(Element el, String id,Element[] els) {
+ if (!el.hasAttributes()) {
+ return 0;
+ }
+ NamedNodeMap ns=el.getAttributes();
+ int elementIndex=names.indexOf(el.getNamespaceURI());
+ elementIndex=(elementIndex<0) ? 5 : elementIndex;
+ for (int length=ns.getLength(), i=0; i<length; i++) {
+ Attr n=(Attr)ns.item(i);
+ String s=n.getNamespaceURI();
+
+ int index=s==null ? elementIndex : names.indexOf(n.getNamespaceURI());
+ index=(index<0) ? 5 : index;
+ String name=n.getLocalName();
+ if (name.length()>2)
+ continue;
+ String value=n.getNodeValue();
+ if (name.charAt(0)=='I') {
+ char ch=name.charAt(1);
+ if (ch=='d' && value.equals(id)) {
+ els[index]=el;
+ if (index==0) {
+ return 1;
+ }
+ } else if (ch=='D' &&value.endsWith(id)) {
+ if (index!=3) {
+ index=5;
+ }
+ els[index]=el;
+ }
+ } else if ( n.getLocalName().equals("id") && value.equals(id) ) {
+ if (index!=2) {
+ index=5;
}
els[index]=el;
- } else if ( el.getAttribute("ID").equals(id) ) {
- if (index!=3) {
- index=5;
- }
- els[index]=el;
- } else if ((index==3)&&(
- el.getAttribute("OriginalRequestID").equals(id) ||
- el.getAttribute("RequestID").equals(id) ||
- el.getAttribute("ResponseID").equals(id))) {
- els[3]=el;
- } else if ((index==4)&&(
- el.getAttribute("AssertionID").equals(id) ||
- el.getAttribute("RequestID").equals(id) ||
- el.getAttribute("ResponseID").equals(id))) {
- els[4]=el;
- }
- }
- case Node.DOCUMENT_NODE:
- Node sibling=root.getFirstChild();
- while (sibling!=null) {
- if (getElementBySearching(sibling,id,els)==1)
- return 1;
- sibling=sibling.getNextSibling();
- }
- }
- return 0;
+ }
+ }
+ //For an element namespace search for importants
+ if ((elementIndex==3)&&(
+ el.getAttribute("OriginalRequestID").equals(id) ||
+ el.getAttribute("RequestID").equals(id) ||
+ el.getAttribute("ResponseID").equals(id))) {
+ els[3]=el;
+ } else if ((elementIndex==4)&&(
+ el.getAttribute("AssertionID").equals(id) ||
+ el.getAttribute("RequestID").equals(id) ||
+ el.getAttribute("ResponseID").equals(id))) {
+ els[4]=el;
+ }
+ return 0;
}
}
Modified: xml/security/trunk/src_samples/org/apache/xml/security/samples/AxisSigner.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src_samples/org/apache/xml/security/samples/AxisSigner.java?view=diff&rev=439820&r1=439819&r2=439820
==============================================================================
--- xml/security/trunk/src_samples/org/apache/xml/security/samples/AxisSigner.java (original)
+++ xml/security/trunk/src_samples/org/apache/xml/security/samples/AxisSigner.java Sun Sep 3 11:29:13 2006
@@ -100,6 +100,7 @@
bodyElem.setAttributeNS(SOAPSECNS, "SOAP-SEC:id", "Body");
+ bodyElem.setIdAttributeNS(SOAPSECNS, "id", true);
Element soapSignatureElem = doc.createElementNS(SOAPSECNS, "SOAP-SEC:Signature");
Modified: xml/security/trunk/src_unitTests/org/apache/xml/security/test/ModuleTest.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src_unitTests/org/apache/xml/security/test/ModuleTest.java?view=diff&rev=439820&r1=439819&r2=439820
==============================================================================
--- xml/security/trunk/src_unitTests/org/apache/xml/security/test/ModuleTest.java (original)
+++ xml/security/trunk/src_unitTests/org/apache/xml/security/test/ModuleTest.java Sun Sep 3 11:29:13 2006
@@ -16,15 +16,14 @@
*/
package org.apache.xml.security.test;
-import org.apache.xml.security.c14n.implementations.NameSpaceSymbTableTest;
-import org.apache.xml.security.c14n.implementations.UtfHelperTest;
-import org.apache.xml.security.c14n.implementations.UtfHelpper;
-import org.apache.xml.security.test.transforms.implementations.Xpath2TransformationTest;
-
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
+import org.apache.xml.security.c14n.implementations.NameSpaceSymbTableTest;
+import org.apache.xml.security.c14n.implementations.UtfHelperTest;
+import org.apache.xml.security.test.transforms.implementations.Xpath2TransformationTest;
+
public class ModuleTest extends TestCase {
@@ -57,6 +56,7 @@
suite.addTest(org.apache.xml.security.test.signature.UnknownAlgoSignatureTest.suite());
suite.addTest(org.apache.xml.security.test.transforms.implementations.TransformBase64DecodeTest.suite());
suite.addTest(org.apache.xml.security.test.utils.Base64Test.suite());
+ suite.addTest(org.apache.xml.security.test.utils.IdResolverTest.suite());
suite.addTest(NameSpaceSymbTableTest.suite());
suite.addTest(UtfHelperTest.suite());
suite.addTest(Xpath2TransformationTest.suite());
Added: xml/security/trunk/src_unitTests/org/apache/xml/security/test/utils/IdResolverTest.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src_unitTests/org/apache/xml/security/test/utils/IdResolverTest.java?view=auto&rev=439820
==============================================================================
--- xml/security/trunk/src_unitTests/org/apache/xml/security/test/utils/IdResolverTest.java (added)
+++ xml/security/trunk/src_unitTests/org/apache/xml/security/test/utils/IdResolverTest.java Sun Sep 3 11:29:13 2006
@@ -0,0 +1,55 @@
+package org.apache.xml.security.test.utils;
+
+import java.io.ByteArrayInputStream;
+
+import javax.xml.parsers.DocumentBuilderFactory;
+
+import org.apache.xml.security.utils.IdResolver;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+public class IdResolverTest extends TestCase {
+ public static Test suite() {
+ return new TestSuite(IdResolverTest.class);
+ }
+ public void testIdSoap() throws Exception {
+ String s="<env:Envelope xmlns:SOAP-SEC=\"http://schemas.xmlsoap.org/soap/security/2000-12\" xmlns:env=\"http://www.w3.org/2001/12/soap-envelope\" actor=\"some-uri\" mustUnderstand=\"1\">\r\n" +
+ "<env:Header><SOAP-SEC:Signature>xxxx</SOAP-SEC:Signature></env:Header>\r\n" +
+ "<env:Body SOAP-SEC:id=\"Body\">This is signed together with it\'s Body ancestor</env:Body>\r\n" +
+ "</env:Envelope>";
+ DocumentBuilderFactory dbf=DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ Document doc=dbf.newDocumentBuilder().parse(new ByteArrayInputStream(s.getBytes()));
+ Element el=IdResolver.getElementById(doc, "Body");
+ assertNotNull(el);
+ assertEquals("Body",el.getLocalName());
+ }
+ public void testIdWithOtherIdSoap() throws Exception {
+ String s="<env:Envelope xmlns:SOAP-SEC=\"http://schemas.xmlsoap.org/soap/security/2000-12\" xmlns:env=\"http://www.w3.org/2001/12/soap-envelope\" actor=\"some-uri\" mustUnderstand=\"1\">\r\n" +
+ "<env:Header><SOAP-SEC:Signature>xxxx</SOAP-SEC:Signature></env:Header>\r\n" +
+ "<a id=\"Body\"/><env:Body SOAP-SEC:id=\"Body\">This is signed together with it\'s Body ancestor</env:Body>\r\n" +
+ "</env:Envelope>";
+ DocumentBuilderFactory dbf=DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ Document doc=dbf.newDocumentBuilder().parse(new ByteArrayInputStream(s.getBytes()));
+ Element el=IdResolver.getElementById(doc, "Body");
+ assertNotNull(el);
+ assertEquals("Body",el.getLocalName());
+ }
+ public void testANoId() throws Exception {
+ String s="<env:Envelope xmlns:SOAP-SEC=\"http://schemas.xmlsoap.org/soap/security/2000-12\" xmlns:env=\"http://www.w3.org/2001/12/soap-envelope\" actor=\"some-uri\" mustUnderstand=\"1\">\r\n" +
+ "<env:Header><SOAP-SEC:Signature>xxxx</SOAP-SEC:Signature></env:Header>\r\n" +
+ "<a id=\"Body\"/>" +
+ "</env:Envelope>";
+ DocumentBuilderFactory dbf=DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ Document doc=dbf.newDocumentBuilder().parse(new ByteArrayInputStream(s.getBytes()));
+ Element el=IdResolver.getElementById(doc, "Body");
+ assertNotNull(el);
+ assertEquals("a",el.getLocalName());
+ }
+}