You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by ru...@apache.org on 2006/09/21 10:36:29 UTC
svn commit: r448491 - in /webservices/axis2/trunk/java/modules/security:
src/org/apache/rampart/builder/ src/org/apache/rampart/util/
test-resources/policy/ test/org/apache/rampart/
Author: ruchithf
Date: Thu Sep 21 01:36:28 2006
New Revision: 448491
URL: http://svn.apache.org/viewvc?view=rev&rev=448491
Log:
Adde a test scenario to test symm-encr-before-sig with derived keys
Added:
webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-asymm-binding-4-dk-ebs.xml
Modified:
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java
webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java?view=diff&rev=448491&r1=448490&r2=448491
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java Thu Sep 21 01:36:28 2006
@@ -111,15 +111,11 @@
RampartUtil.appendChildToSecHeader(rmd, bstElem);
}
- if (Constants.INCLUDE_ALWAYS.equals(encryptionToken
- .getInclusion())
- || Constants.INCLUDE_ONCE.equals(encryptionToken
- .getInclusion())) {
- // Add the EncryptedKey
- encrTokenElement = encrKey.getEncryptedKeyElement();
- RampartUtil.appendChildToSecHeader(rmd,
- encrTokenElement);
- }
+
+ // Add the EncryptedKey
+ encrTokenElement = encrKey.getEncryptedKeyElement();
+ this.encrTokenElement = RampartUtil.appendChildToSecHeader(rmd,
+ encrTokenElement);
// Create the DK encryption builder
dkEncr = new WSSecDKEncrypt();
@@ -129,8 +125,7 @@
dkEncr.prepare(doc);
// Get and add the DKT element
- encrDKTokenElem = dkEncr.getdktElement();
- RampartUtil.appendChildToSecHeader(rmd, encrDKTokenElem);
+ encrDKTokenElem = RampartUtil.appendChildToSecHeader(rmd, dkEncr.getdktElement());
refList = dkEncr.encryptForExternalRef(null, encrParts);
@@ -152,14 +147,10 @@
if (bstElem != null) {
RampartUtil.appendChildToSecHeader(rmd, bstElem);
}
- if (Constants.INCLUDE_ALWAYS.equals(encryptionToken
- .getInclusion())
- || Constants.INCLUDE_ONCE.equals(encryptionToken
- .getInclusion())) {
- encrTokenElement = encr.getEncryptedKeyElement();
- RampartUtil.appendChildToSecHeader(rmd,
- encrTokenElement);
- }
+
+ this.encrTokenElement = encr.getEncryptedKeyElement();
+ this.encrTokenElement = RampartUtil.appendChildToSecHeader(rmd,
+ encrTokenElement);
refList = encr.encryptForExternalRef(null, encrParts);
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java?view=diff&rev=448491&r1=448490&r2=448491
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java Thu Sep 21 01:36:28 2006
@@ -49,6 +49,7 @@
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.util.Loader;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import javax.crypto.KeyGenerator;
import javax.security.auth.callback.Callback;
@@ -447,8 +448,9 @@
public static Element appendChildToSecHeader(RampartMessageData rmd,
Element elem) {
Element secHeaderElem = rmd.getSecHeader().getSecurityHeader();
- return (Element)secHeaderElem.appendChild(secHeaderElem.getOwnerDocument().importNode(
- elem, true));
+ Node node = secHeaderElem.getOwnerDocument().importNode(
+ elem, true);
+ return (Element)secHeaderElem.appendChild(node);
}
public static Element insertSiblingAfter(RampartMessageData rmd, Element child, Element sibling) {
Added: webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-asymm-binding-4-dk-ebs.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-asymm-binding-4-dk-ebs.xml?view=auto&rev=448491
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-asymm-binding-4-dk-ebs.xml (added)
+++ webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-asymm-binding-4-dk-ebs.xml Thu Sep 21 01:36:28 2006
@@ -0,0 +1,78 @@
+<wsp:Policy wsu:Id="6" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ <sp:RequireDerivedKeys />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ <sp:RequireDerivedKeys />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptBeforeSigning />
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.TestCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">interop/interop2.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">interop/interop2.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
Modified: webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java?view=diff&rev=448491&r1=448490&r2=448491
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java (original)
+++ webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java Thu Sep 21 01:36:28 2006
@@ -208,6 +208,25 @@
}
}
+ public void testAsymmBindingWithDKEncrBeforeSig() {
+ try {
+ MessageContext ctx = getMsgCtx();
+
+ String policyXml = "test-resources/policy/rampart-asymm-binding-4-dk-ebs.xml";
+ Policy policy = this.loadPolicy(policyXml);
+
+ ctx.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
+
+ MessageBuilder builder = new MessageBuilder();
+ builder.build(ctx);
+
+ System.out.println(ctx.getEnvelope());
+ } catch (Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+ }
+ }
+
/**
* @throws XMLStreamException
* @throws FactoryConfigurationError
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org