You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2008/09/22 18:33:14 UTC
svn commit: r697891 - in /webservices/wss4j/trunk:
src/org/apache/ws/security/saml/SAMLIssuerFactory.java src/saml3.properties
test/wssec/TestWSSecurityNewST2.java
Author: coheigea
Date: Mon Sep 22 09:33:14 2008
New Revision: 697891
URL: http://svn.apache.org/viewvc?rev=697891&view=rev
Log:
[WSS-121] - Applied patch to fix a bug in the default SAML issuer class value.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLIssuerFactory.java
webservices/wss4j/trunk/src/saml3.properties
webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLIssuerFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLIssuerFactory.java?rev=697891&r1=697890&r2=697891&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLIssuerFactory.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLIssuerFactory.java Mon Sep 22 09:33:14 2008
@@ -35,7 +35,7 @@
public abstract class SAMLIssuerFactory {
private static Log log = LogFactory.getLog(SAMLIssuerFactory.class);
private static final String defaultSAMLClassName =
- "org.apache.ws.security.saml.WSSSAMLIssuerImpl";
+ "org.apache.ws.security.saml.SAMLIssuerImpl";
/**
* getInstance
Modified: webservices/wss4j/trunk/src/saml3.properties
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/saml3.properties?rev=697891&r1=697890&r2=697891&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/saml3.properties (original)
+++ webservices/wss4j/trunk/src/saml3.properties Mon Sep 22 09:33:14 2008
@@ -1,4 +1,3 @@
-org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl
org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.properties
org.apache.ws.security.saml.issuer.key.name=16c73ab6-b892-458f-abf5-2f875f74882e
org.apache.ws.security.saml.issuer.key.password=security
Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java?rev=697891&r1=697890&r2=697891&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java (original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java Mon Sep 22 09:33:14 2008
@@ -138,7 +138,7 @@
*/
public void testSAMLSignedSenderVouches() throws Exception {
SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
- SAMLIssuer saml = SAMLIssuerFactory.getInstance("saml3.properties");
+ SAMLIssuer saml = SAMLIssuerFactory.getInstance("saml.properties");
SAMLAssertion assertion = saml.newAssertion();
@@ -162,7 +162,7 @@
* convert the resulting document into a message first. The toAxisMessage()
* method performs the necessary c14n call to properly set up the signed
* document and convert it into a SOAP message. Check that the contents can't
- * be read (cheching if we can find a specific substring). After that we extract it
+ * be read (checking if we can find a specific substring). After that we extract it
* as a document again for further processing.
*/
@@ -176,6 +176,53 @@
verify(signedDoc);
}
+
+
+ /**
+ * Test the default issuer class as specified in SAMLIssuerFactory. The configuration
+ * file "saml3.properties" has no "org.apache.ws.security.saml.issuerClass" property,
+ * and so the default value is used (A bad value was previously used for the default
+ * value).
+ */
+ public void testDefaultIssuerClass() throws Exception {
+ SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
+ SAMLIssuer saml = SAMLIssuerFactory.getInstance("saml3.properties");
+
+ SAMLAssertion assertion = saml.newAssertion();
+
+ String issuerKeyName = saml.getIssuerKeyName();
+ String issuerKeyPW = saml.getIssuerKeyPassword();
+ Crypto issuerCrypto = saml.getIssuerCrypto();
+ WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
+ wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+
+ log.info("Before SAMLSignedSenderVouches....");
+
+ Document doc = unsignedEnvelope.getAsDocument();
+
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ Document signedDoc = wsSign.build(doc, null, assertion, issuerCrypto, issuerKeyName, issuerKeyPW, secHeader);
+ log.info("After SAMLSignedSenderVouches....");
+
+ /*
+ * convert the resulting document into a message first. The toAxisMessage()
+ * method performs the necessary c14n call to properly set up the signed
+ * document and convert it into a SOAP message. Check that the contents can't
+ * be read (checking if we can find a specific substring). After that we extract it
+ * as a document again for further processing.
+ */
+
+ Message signedMsg = SOAPUtil.toAxisMessage(signedDoc);
+ if (log.isDebugEnabled()) {
+ log.debug("Signed SAML message (sender vouches):");
+ XMLUtils.PrettyElementToWriter(signedMsg.getSOAPEnvelope().getAsDOM(), new PrintWriter(System.out));
+ }
+ // String encryptedString = signedMsg.getSOAPPartAsString();
+ signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();
+ verify(signedDoc);
+ }
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org