You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/01/14 12:59:51 UTC
cxf git commit: Some updates from WSS4J
Repository: cxf
Updated Branches:
refs/heads/master 988fcce01 -> bceee342b
Some updates from WSS4J
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/bceee342
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/bceee342
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/bceee342
Branch: refs/heads/master
Commit: bceee342b32f3704ca75176d06067f90c6d3fbdc
Parents: 988fcce
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jan 14 11:57:59 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Jan 14 11:57:59 2016 +0000
----------------------------------------------------------------------
.../security/trust/STSStaxTokenValidator.java | 14 +++++++-------
.../security/wss4j/WSS4JStaxInInterceptor.java | 14 +++++++-------
.../cxf/ws/security/wss4j/WSS4JUtils.java | 2 +-
.../AbstractStaxBindingHandler.java | 20 ++++++++++----------
.../StaxAsymmetricBindingHandler.java | 4 ++--
.../StaxSymmetricBindingHandler.java | 4 ++--
6 files changed, 29 insertions(+), 29 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
index a51a6f1..b70fdcf 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
@@ -160,11 +160,11 @@ public class STSStaxTokenValidator
// If the UsernameToken is to be used for key derivation, the (1.1)
// spec says that it cannot contain a password, and it must contain
// an Iteration element
- final byte[] salt = XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_wsse11_Salt);
+ final byte[] salt = XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSSE11_SALT);
PasswordString passwordType =
- XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_wsse_Password);
+ XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSSE_PASSWORD);
final Long iteration =
- XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_wsse11_Iteration);
+ XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSSE11_ITERATION);
if (salt != null && (passwordType != null || iteration == null)) {
throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "badTokenType01");
}
@@ -206,7 +206,7 @@ public class STSStaxTokenValidator
final EncodedString encodedNonce =
XMLSecurityUtils.getQNameType(usernameTokenType.getAny(),
- WSSConstants.TAG_wsse_Nonce);
+ WSSConstants.TAG_WSSE_NONCE);
byte[] nonceVal = null;
if (encodedNonce != null && encodedNonce.getValue() != null) {
nonceVal = Base64.decodeBase64(encodedNonce.getValue());
@@ -214,7 +214,7 @@ public class STSStaxTokenValidator
final AttributedDateTime attributedDateTimeCreated =
XMLSecurityUtils.getQNameType(usernameTokenType.getAny(),
- WSSConstants.TAG_wsu_Created);
+ WSSConstants.TAG_WSU_CREATED);
String created = null;
if (attributedDateTimeCreated != null) {
@@ -492,7 +492,7 @@ public class STSStaxTokenValidator
x509PKIPathv1SecurityToken.setElementPath(tokenContext.getElementPath());
x509PKIPathv1SecurityToken.setXMLSecEvent(tokenContext.getFirstXMLSecEvent());
return x509PKIPathv1SecurityToken;
- } else if (WSSConstants.NS_GSS_Kerberos5_AP_REQ.equals(binarySecurityTokenType.getValueType())) {
+ } else if (WSSConstants.NS_GSS_KERBEROS5_AP_REQ.equals(binarySecurityTokenType.getValueType())) {
KerberosServiceSecurityTokenImpl kerberosServiceSecurityToken =
new KerberosServiceSecurityTokenImpl(
tokenContext.getWsSecurityContext(),
@@ -540,7 +540,7 @@ public class STSStaxTokenValidator
binarySecurity = new X509Security(doc);
} else if (WSSConstants.NS_X509PKIPathv1.equals(binarySecurityTokenType.getValueType())) {
binarySecurity = new PKIPathSecurity(doc);
- } else if (WSSConstants.NS_GSS_Kerberos5_AP_REQ.equals(binarySecurityTokenType.getValueType())) {
+ } else if (WSSConstants.NS_GSS_KERBEROS5_AP_REQ.equals(binarySecurityTokenType.getValueType())) {
binarySecurity = new KerberosSecurity(doc);
} else {
throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
index 58a4955..b855505 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
@@ -368,15 +368,15 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor {
) throws WSSecurityException {
Validator validator = loadValidator(SecurityConstants.SAML1_TOKEN_VALIDATOR, message);
if (validator != null) {
- properties.addValidator(WSSConstants.TAG_saml_Assertion, validator);
+ properties.addValidator(WSSConstants.TAG_SAML_ASSERTION, validator);
}
validator = loadValidator(SecurityConstants.SAML2_TOKEN_VALIDATOR, message);
if (validator != null) {
- properties.addValidator(WSSConstants.TAG_saml2_Assertion, validator);
+ properties.addValidator(WSSConstants.TAG_SAML2_ASSERTION, validator);
}
validator = loadValidator(SecurityConstants.USERNAME_TOKEN_VALIDATOR, message);
if (validator != null) {
- properties.addValidator(WSSConstants.TAG_wsse_UsernameToken, validator);
+ properties.addValidator(WSSConstants.TAG_WSSE_USERNAME_TOKEN, validator);
}
validator = loadValidator(SecurityConstants.SIGNATURE_TOKEN_VALIDATOR, message);
if (validator != null) {
@@ -384,16 +384,16 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor {
}
validator = loadValidator(SecurityConstants.TIMESTAMP_TOKEN_VALIDATOR, message);
if (validator != null) {
- properties.addValidator(WSSConstants.TAG_wsu_Timestamp, validator);
+ properties.addValidator(WSSConstants.TAG_WSU_TIMESTAMP, validator);
}
validator = loadValidator(SecurityConstants.BST_TOKEN_VALIDATOR, message);
if (validator != null) {
- properties.addValidator(WSSConstants.TAG_wsse_BinarySecurityToken, validator);
+ properties.addValidator(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, validator);
}
validator = loadValidator(SecurityConstants.SCT_TOKEN_VALIDATOR, message);
if (validator != null) {
- properties.addValidator(WSSConstants.TAG_wsc0502_SecurityContextToken, validator);
- properties.addValidator(WSSConstants.TAG_wsc0512_SecurityContextToken, validator);
+ properties.addValidator(WSSConstants.TAG_WSC0502_SCT, validator);
+ properties.addValidator(WSSConstants.TAG_WSC0512_SCT, validator);
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
index b3f3dd4..f54680f 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
@@ -157,7 +157,7 @@ public final class WSS4JUtils {
if (securityToken.getTokenType() == WSSecurityTokenConstants.EncryptedKeyToken) {
cachedTok.setTokenType(WSSConstants.NS_WSS_ENC_KEY_VALUE_TYPE);
} else if (securityToken.getTokenType() == WSSecurityTokenConstants.KerberosToken) {
- cachedTok.setTokenType(WSSConstants.NS_GSS_Kerberos5_AP_REQ);
+ cachedTok.setTokenType(WSSConstants.NS_GSS_KERBEROS5_AP_REQ);
} else if (securityToken.getTokenType() == WSSecurityTokenConstants.Saml11Token) {
cachedTok.setTokenType(WSSConstants.NS_SAML11_TOKEN_PROFILE_TYPE);
} else if (securityToken.getTokenType() == WSSecurityTokenConstants.Saml20Token) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
index 779407a..4940b99 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
@@ -171,7 +171,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
}
}
- return new SecurePart(WSSConstants.TAG_wsse_UsernameToken, Modifier.Element);
+ return new SecurePart(WSSConstants.TAG_WSSE_USERNAME_TOKEN, Modifier.Element);
}
private static class UTCallbackHandler implements CallbackHandler {
@@ -265,7 +265,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
}
*/
- SecurePart securePart = new SecurePart(WSSConstants.TAG_wsse_BinarySecurityToken, Modifier.Element);
+ SecurePart securePart = new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element);
securePart.setIdToSign(wss4jToken.getId());
return securePart;
@@ -304,10 +304,10 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
}
properties.addAction(actionToPerform);
- QName qname = WSSConstants.TAG_saml2_Assertion;
+ QName qname = WSSConstants.TAG_SAML2_ASSERTION;
SamlTokenType tokenType = token.getSamlTokenType();
if (tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11) {
- qname = WSSConstants.TAG_saml_Assertion;
+ qname = WSSConstants.TAG_SAML_ASSERTION;
}
return new SecurePart(qname, Modifier.Element);
@@ -362,9 +362,9 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
};
properties.setSamlCallbackHandler(callbackHandler);
- QName qname = WSSConstants.TAG_saml2_Assertion;
+ QName qname = WSSConstants.TAG_SAML2_ASSERTION;
if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) {
- qname = WSSConstants.TAG_saml_Assertion;
+ qname = WSSConstants.TAG_SAML_ASSERTION;
}
return new SecurePart(qname, Modifier.Element);
@@ -671,7 +671,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
configureSignature(token, false);
if (suppTokens.isEncryptedToken()) {
SecurePart part =
- new SecurePart(WSSConstants.TAG_wsse_BinarySecurityToken, Modifier.Element);
+ new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element);
encryptedTokensList.add(part);
}
ret.put(token, new SecurePart(WSSConstants.TAG_dsig_Signature, Modifier.Element));
@@ -777,8 +777,8 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
List<WSSConstants.Action> actionList = properties.getActions();
// Don't add a signed SAML Token as a part, as it will be automatically signed by WSS4J
- if (!((WSSConstants.TAG_saml_Assertion.equals(name)
- || WSSConstants.TAG_saml2_Assertion.equals(name))
+ if (!((WSSConstants.TAG_SAML_ASSERTION.equals(name)
+ || WSSConstants.TAG_SAML2_ASSERTION.equals(name))
&& actionList != null && actionList.contains(WSSConstants.SAML_TOKEN_SIGNED))) {
properties.addSignaturePart(part);
}
@@ -805,7 +805,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
if (sigParts != null) {
SecurePart securePart =
- new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element);
+ new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
sigParts.add(securePart);
}
signatureConfirmationAdded = true;
http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
index 771c5e2..1a9c6cf 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
@@ -191,7 +191,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
enc.add(part);
if (signatureConfirmationAdded) {
SecurePart securePart =
- new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element);
+ new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
enc.add(securePart);
}
assertPolicy(
@@ -303,7 +303,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
encrParts.add(part);
if (signatureConfirmationAdded) {
SecurePart securePart =
- new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element);
+ new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
encrParts.add(securePart);
}
assertPolicy(
http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
index aa4137f..9a42984 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
@@ -238,7 +238,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element);
encrParts.add(part);
if (signatureConfirmationAdded) {
- part = new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element);
+ part = new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
encrParts.add(part);
}
assertPolicy(
@@ -376,7 +376,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element);
enc.add(part);
if (signatureConfirmationAdded) {
- part = new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element);
+ part = new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
enc.add(part);
}
assertPolicy(