Posted to rampart-dev@ws.apache.org by na...@apache.org on 2008/10/02 08:21:43 UTC
svn commit: r701011 -
/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
Author: nandana
Date: Wed Oct 1 23:21:43 2008
New Revision: 701011
URL: http://svn.apache.org/viewvc?rev=701011&view=rev
Log:
Trust13 related fixes
Modified:
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java?rev=701011&r1=701010&r2=701011&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java Wed Oct 1 23:21:43 2008
@@ -56,6 +56,7 @@
import org.apache.ws.secpolicy.model.AlgorithmSuite;
import org.apache.ws.secpolicy.model.Binding;
import org.apache.ws.secpolicy.model.Trust10;
+import org.apache.ws.secpolicy.model.Trust13;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityException;
@@ -82,6 +83,8 @@
private Options options;
private Trust10 trust10;
+
+ private Trust13 trust13;
private AlgorithmSuite algorithmSuite;
@@ -497,6 +500,10 @@
log.debug("Extracting Trust10 assertion from " +
"service policy");
this.trust10 = (Trust10) tempAssertion;
+ } else if (tempAssertion instanceof Trust13) {
+ log.debug("Extracting Trust13 assertion from " +
+ "service policy");
+ this.trust13 = (Trust13) tempAssertion;
}
}
}
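Review bot: Keeping the assertion in a separate `trust13` field means `trust10` and `trust13` can both be non-null at once, whether from the policy or from the two setters. The entropy code later in this commit tests `this.trust10 != null` first, so in that case the Trust13 settings would be silently ignored. If that precedence is intended, a comment at this assignment such as `// Trust10 takes precedence over Trust13 when both are present` would record it; otherwise consider clearing the other field when one is assigned. The enclosing loop starts outside the hunk.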
@@ -553,7 +560,7 @@
// Handle entropy
if (this.trust10 != null) {
- log.debug("Processing Trust10 assertion");
+ log.debug("Processing Trust assertion");
if (this.trust10.isRequireClientEntropy()) {
@@ -576,9 +583,38 @@
// Add the ComputedKey element
TrustUtil.createComputedKeyAlgorithm(this.version, rst,
RahasConstants.COMPUTED_KEY_PSHA1);
+ }
+
+ } else if (this.trust13 != null) {
+
+ if (this.trust13.isRequireClientEntropy()) {
+
+ log.debug("Requires client entropy");
+
+ // setup requestor entropy
+ OMElement ent = TrustUtil.createEntropyElement(this.version, rst);
+ OMElement binSec =
+ TrustUtil.createBinarySecretElement(this.version,
+ ent,
+ RahasConstants.BIN_SEC_TYPE_NONCE);
+ this.requestorEntropy =
+ WSSecurityUtil.generateNonce(this.algorithmSuite.
+ getMaximumSymmetricKeyLength()/8);
+ binSec.setText(Base64.encode(this.requestorEntropy));
+
+ log.debug("Clien entropy : "
+ + Base64.encode(this.requestorEntropy));
+ // Add the ComputedKey element
+ TrustUtil.createComputedKeyAlgorithm(this.version, rst,
+ RahasConstants.COMPUTED_KEY_PSHA1);
}
+
}
+
+
+
+
} catch (Exception e) {
throw new TrustException("errorSettingUpRequestorEntropy", e);
}
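Review bot: The added `log.debug("Clien entropy : " + Base64.encode(this.requestorEntropy))` in the Trust13 branch writes the requestor entropy to the log. That value is the client's input to the P_SHA1 computed key requested on the following lines, so anyone with read access to debug logs obtains part of the key material. I would drop the call or log only the size, e.g. `log.debug("Client entropy generated, " + this.requestorEntropy.length + " bytes");`, which also fixes the "Clien" typo. The branch appears to be a copy of the Trust10 branch, whose body is mostly outside this hunk, so the same log call probably exists there too, and both branches could share one private helper. The enclosing method begins and ends outside the hunk.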
@@ -607,8 +643,7 @@
Token token = store.getToken(tokenId);
- if ( token != null) {
-
+ if ( token != null) {
OMElement str = token.getUnattachedReference();
if (str == null) {
@@ -678,6 +713,16 @@
public void setTrust10(Trust10 trust10) {
this.trust10 = trust10;
}
+
+ /**
+ * Set this to set the entropy configurations.
+ * If this is provided in the given policy it will be overridden.
+ *
+ * @param trust13 The trust13 to set.
+ */
+ public void setTrust13(Trust13 trust13) {
+ this.trust13 = trust13;
+ }
/**
* This can be used in the case where the AlgorithmSuite is not specified in