You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2012/07/12 21:15:13 UTC
svn commit: r1360863 - in
/webservices/wss4j/branches/swssf/streaming-ws-security/src/main:
java/org/swssf/wss/impl/processor/input/
java/org/swssf/wss/impl/processor/output/
java/org/swssf/wss/impl/resourceResolvers/ resources/wss/
Author: giger
Date: Thu Jul 12 19:15:13 2012
New Revision: 1360863
URL: http://svn.apache.org/viewvc?rev=1360863&view=rev
Log:
adapt changes in streaming-xml-sec in commit r1360861
Added:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverSameDocument.java (with props)
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverXPointer.java (with props)
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java?rev=1360863&r1=1360862&r2=1360863&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java Thu Jul 12 19:15:13 2012
@@ -22,31 +22,32 @@ import org.apache.jcs.JCS;
import org.apache.jcs.access.exception.CacheException;
import org.apache.jcs.engine.ElementAttributes;
import org.apache.xml.security.binding.excc14n.InclusiveNamespaces;
-import org.swssf.binding.wss10.TransformationParametersType;
import org.apache.xml.security.binding.xmldsig.CanonicalizationMethodType;
import org.apache.xml.security.binding.xmldsig.ReferenceType;
import org.apache.xml.security.binding.xmldsig.SignatureType;
import org.apache.xml.security.binding.xmldsig.TransformType;
-import org.swssf.wss.ext.*;
-import org.swssf.wss.impl.securityToken.SecurityTokenReference;
-import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
-import org.swssf.wss.securityEvent.TimestampSecurityEvent;
import org.apache.xml.security.stax.ext.*;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
-import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
import org.apache.xml.security.stax.impl.processor.input.AbstractSignatureReferenceVerifyInputProcessor;
import org.apache.xml.security.stax.securityEvent.AlgorithmSuiteSecurityEvent;
import org.apache.xml.security.stax.securityEvent.SignedElementSecurityEvent;
+import org.swssf.binding.wss10.TransformationParametersType;
+import org.swssf.wss.ext.*;
+import org.swssf.wss.impl.securityToken.SecurityTokenReference;
+import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
+import org.swssf.wss.securityEvent.TimestampSecurityEvent;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.events.Attribute;
+import java.io.OutputStream;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
+/**/
+
/**
* @author $Author$
* @version $Revision$ $Date$
@@ -146,10 +147,10 @@ public class WSSSignatureReferenceVerify
return super.processNextEvent(inputProcessorChain);
}
-
+
@Override
protected void processElementPath(List<QName> elementPath,
- InputProcessorChain inputProcessorChain, XMLSecEvent xmlSecEvent)
+ InputProcessorChain inputProcessorChain, XMLSecEvent xmlSecEvent)
throws XMLSecurityException {
//fire a SecurityEvent:
final DocumentContext documentContext = inputProcessorChain.getDocumentContext();
@@ -167,14 +168,14 @@ public class WSSSignatureReferenceVerify
((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(signedElementSecurityEvent);
}
}
-
+
@Override
protected InternalSignatureReferenceVerifier getSignatureReferenceVerifier(
XMLSecurityProperties securityProperties, InputProcessorChain inputProcessorChain,
ReferenceType referenceType, QName startElement) throws XMLSecurityException {
- return new InternalSignatureReferenceVerifier((WSSSecurityProperties)securityProperties,
- inputProcessorChain, referenceType,
- startElement);
+ return new InternalSignatureReferenceVerifier((WSSSecurityProperties) securityProperties,
+ inputProcessorChain, referenceType,
+ startElement);
}
private void detectReplayAttack(InputProcessorChain inputProcessorChain) throws WSSecurityException {
@@ -202,96 +203,87 @@ public class WSSSignatureReferenceVerify
}
@Override
- public Attribute getReferenceIDAttribute(XMLSecStartElement xmlSecStartElement) {
- Attribute attribute = xmlSecStartElement.getAttributeByName(WSSConstants.ATT_wsu_Id);
- if (attribute == null) {
- attribute = super.getReferenceIDAttribute(xmlSecStartElement);
- }
- return attribute;
- }
-
- class InternalSignatureReferenceVerifier extends AbstractSignatureReferenceVerifyInputProcessor.InternalSignatureReferenceVerifier {
+ protected Transformer buildTransformerChain(ReferenceType referenceType, OutputStream outputStream,
+ InputProcessorChain inputProcessorChain,
+ AbstractSignatureReferenceVerifyInputProcessor.InternalSignatureReferenceVerifier internalSignatureReferenceVerifier)
+ throws XMLSecurityException, XMLStreamException, NoSuchMethodException, InstantiationException,
+ IllegalAccessException, InvocationTargetException {
- InternalSignatureReferenceVerifier(WSSSecurityProperties securityProperties, InputProcessorChain inputProcessorChain,
- ReferenceType referenceType, QName startElementName) throws XMLSecurityException {
- super(securityProperties, inputProcessorChain, referenceType, startElementName);
- this.addAfterProcessor(WSSSignatureReferenceVerifyInputProcessor.class.getName());
+ if (referenceType.getTransforms() == null || referenceType.getTransforms().getTransform().size() == 0) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
}
+ List<TransformType> transformTypeList = referenceType.getTransforms().getTransform();
- protected void buildTransformerChain(ReferenceType referenceType, InputProcessorChain inputProcessorChain)
- throws XMLSecurityException, XMLStreamException, NoSuchMethodException, InstantiationException, IllegalAccessException, InvocationTargetException {
-
- if (referenceType.getTransforms() == null || referenceType.getTransforms().getTransform().size() == 0) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
- }
- List<TransformType> transformTypeList = referenceType.getTransforms().getTransform();
-
- String algorithm = null;
- Transformer parentTransformer = null;
- for (int i = transformTypeList.size() - 1; i >= 0; i--) {
- TransformType transformType = transformTypeList.get(i);
- TransformationParametersType transformationParametersType =
- XMLSecurityUtils.getQNameType(transformType.getContent(), WSSConstants.TAG_wsse_TransformationParameters);
- if (transformationParametersType != null) {
- CanonicalizationMethodType canonicalizationMethodType =
- XMLSecurityUtils.getQNameType(transformationParametersType.getAny(), WSSConstants.TAG_dsig_CanonicalizationMethod);
- if (canonicalizationMethodType != null) {
-
- InclusiveNamespaces inclusiveNamespacesType =
- XMLSecurityUtils.getQNameType(canonicalizationMethodType.getContent(), XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
- List<String> inclusiveNamespaces = inclusiveNamespacesType != null ? inclusiveNamespacesType.getPrefixList() : null;
- if (WSSConstants.SOAPMESSAGE_NS10_STRTransform.equals(transformType.getAlgorithm())) {
- if (inclusiveNamespaces == null) {
- inclusiveNamespaces = new ArrayList<String>(1);
- }
- inclusiveNamespaces.add("#default");
+ String algorithm = null;
+ Transformer parentTransformer = null;
+ for (int i = transformTypeList.size() - 1; i >= 0; i--) {
+ TransformType transformType = transformTypeList.get(i);
+ TransformationParametersType transformationParametersType =
+ XMLSecurityUtils.getQNameType(transformType.getContent(), WSSConstants.TAG_wsse_TransformationParameters);
+ if (transformationParametersType != null) {
+ CanonicalizationMethodType canonicalizationMethodType =
+ XMLSecurityUtils.getQNameType(transformationParametersType.getAny(), WSSConstants.TAG_dsig_CanonicalizationMethod);
+ if (canonicalizationMethodType != null) {
+
+ InclusiveNamespaces inclusiveNamespacesType =
+ XMLSecurityUtils.getQNameType(canonicalizationMethodType.getContent(), XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
+ List<String> inclusiveNamespaces = inclusiveNamespacesType != null ? inclusiveNamespacesType.getPrefixList() : null;
+ if (WSSConstants.SOAPMESSAGE_NS10_STRTransform.equals(transformType.getAlgorithm())) {
+ if (inclusiveNamespaces == null) {
+ inclusiveNamespaces = new ArrayList<String>(1);
}
- algorithm = canonicalizationMethodType.getAlgorithm();
- parentTransformer = WSSUtils.getTransformer(inclusiveNamespaces, this.getBufferedDigestOutputStream(), algorithm);
+ inclusiveNamespaces.add("#default");
}
- }
- algorithm = transformType.getAlgorithm();
- AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent();
- algorithmSuiteSecurityEvent.setAlgorithmURI(algorithm);
- algorithmSuiteSecurityEvent.setKeyUsage(WSSConstants.C14n);
- ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(algorithmSuiteSecurityEvent);
-
- InclusiveNamespaces inclusiveNamespacesType = XMLSecurityUtils.getQNameType(transformType.getContent(), XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
- List<String> inclusiveNamespaces = inclusiveNamespacesType != null ? inclusiveNamespacesType.getPrefixList() : null;
-
- if (parentTransformer != null) {
- parentTransformer = WSSUtils.getTransformer(parentTransformer, inclusiveNamespaces, algorithm);
- } else {
- parentTransformer = WSSUtils.getTransformer(inclusiveNamespaces, this.getBufferedDigestOutputStream(), algorithm);
+ algorithm = canonicalizationMethodType.getAlgorithm();
+ parentTransformer = WSSUtils.getTransformer(inclusiveNamespaces, outputStream, algorithm);
}
}
+ algorithm = transformType.getAlgorithm();
+ AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent();
+ algorithmSuiteSecurityEvent.setAlgorithmURI(algorithm);
+ algorithmSuiteSecurityEvent.setKeyUsage(WSSConstants.C14n);
+ ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(algorithmSuiteSecurityEvent);
- this.setTransformer(parentTransformer);
+ InclusiveNamespaces inclusiveNamespacesType = XMLSecurityUtils.getQNameType(transformType.getContent(), XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
+ List<String> inclusiveNamespaces = inclusiveNamespacesType != null ? inclusiveNamespacesType.getPrefixList() : null;
- if (WSSConstants.SOAPMESSAGE_NS10_STRTransform.equals(algorithm)) {
- SecurityTokenProvider securityTokenProvider = inputProcessorChain.getSecurityContext().getSecurityTokenProvider(XMLSecurityUtils.dropReferenceMarker(referenceType.getURI()));
- if (securityTokenProvider == null) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "noReference");
- }
- SecurityToken securityToken = securityTokenProvider.getSecurityToken();
- if (!(securityToken instanceof SecurityTokenReference)) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN);
- }
- SecurityTokenReference securityTokenReference = (SecurityTokenReference) securityToken;
- //todo analyse and fix me: the following statement could be problematic
- inputProcessorChain.getDocumentContext().setIsInSignedContent(inputProcessorChain.getProcessors().indexOf(this), this);
- this.setStartElement(securityTokenReference.getXmlSecEvents().getLast().asStartElement().getName());
- Iterator<XMLSecEvent> xmlSecEventIterator = securityTokenReference.getXmlSecEvents().descendingIterator();
- while (xmlSecEventIterator.hasNext()) {
- processEvent(xmlSecEventIterator.next(), inputProcessorChain);
- }
+ if (parentTransformer != null) {
+ parentTransformer = WSSUtils.getTransformer(parentTransformer, inclusiveNamespaces, algorithm);
+ } else {
+ parentTransformer = WSSUtils.getTransformer(inclusiveNamespaces, outputStream, algorithm);
}
}
- @Override
- protected void processEvent(XMLSecEvent xmlSecEvent, InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
- super.processEvent(xmlSecEvent, inputProcessorChain);
+ if (WSSConstants.SOAPMESSAGE_NS10_STRTransform.equals(algorithm)) {
+
+ internalSignatureReferenceVerifier.setTransformer(parentTransformer);
+
+ SecurityTokenProvider securityTokenProvider = inputProcessorChain.getSecurityContext().getSecurityTokenProvider(XMLSecurityUtils.dropReferenceMarker(referenceType.getURI()));
+ if (securityTokenProvider == null) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "noReference");
+ }
+ SecurityToken securityToken = securityTokenProvider.getSecurityToken();
+ if (!(securityToken instanceof SecurityTokenReference)) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN);
+ }
+ SecurityTokenReference securityTokenReference = (SecurityTokenReference) securityToken;
+ //todo analyse and fix me: the following statement could be problematic
+ inputProcessorChain.getDocumentContext().setIsInSignedContent(inputProcessorChain.getProcessors().indexOf(internalSignatureReferenceVerifier), internalSignatureReferenceVerifier);
+ internalSignatureReferenceVerifier.setStartElement(securityTokenReference.getXmlSecEvents().getLast().asStartElement().getName());
+ Iterator<XMLSecEvent> xmlSecEventIterator = securityTokenReference.getXmlSecEvents().descendingIterator();
+ while (xmlSecEventIterator.hasNext()) {
+ internalSignatureReferenceVerifier.processEvent(xmlSecEventIterator.next(), inputProcessorChain);
+ }
}
+ return parentTransformer;
}
+ class InternalSignatureReferenceVerifier extends AbstractSignatureReferenceVerifyInputProcessor.InternalSignatureReferenceVerifier {
+
+ InternalSignatureReferenceVerifier(WSSSecurityProperties securityProperties, InputProcessorChain inputProcessorChain,
+ ReferenceType referenceType, QName startElementName) throws XMLSecurityException {
+ super(securityProperties, inputProcessorChain, referenceType, startElementName);
+ this.addAfterProcessor(WSSSignatureReferenceVerifyInputProcessor.class.getName());
+ }
+ }
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java?rev=1360863&r1=1360862&r2=1360863&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java Thu Jul 12 19:15:13 2012
@@ -143,6 +143,7 @@ public class WSSSignatureEndingOutputPro
protected void createTransformsStructureForSignature(OutputProcessorChain subOutputProcessorChain, SignaturePartDef signaturePartDef) throws XMLStreamException, XMLSecurityException {
if (signaturePartDef.getTransformAlgo() != null) {
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms, false, null);
List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1);
attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, signaturePartDef.getTransformAlgo()));
createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform, false, attributes);
@@ -153,11 +154,14 @@ public class WSSSignatureEndingOutputPro
createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_CanonicalizationMethod);
createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_TransformationParameters);
createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform);
- } else {
+ createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms);
+ } else if (signaturePartDef.getC14nAlgo() != null) {
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms, false, null);
List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1);
attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, signaturePartDef.getC14nAlgo()));
createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform, false, attributes);
createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform);
+ createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms);
}
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java?rev=1360863&r1=1360862&r2=1360863&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java Thu Jul 12 19:15:13 2012
@@ -78,6 +78,7 @@ public class WSSSignatureOutputProcessor
try {
SignaturePartDef signaturePartDef = new SignaturePartDef();
if (securePart.getIdToSign() == null) {
+ signaturePartDef.setGenerateXPointer(securePart.isGenerateXPointer());
signaturePartDef.setSigRefId(IDGenerator.generateID(null));
signaturePartDef.setC14nAlgo(getSecurityProperties().getSignatureCanonicalizationAlgorithm());
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverSameDocument.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverSameDocument.java?rev=1360863&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverSameDocument.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverSameDocument.java Thu Jul 12 19:15:13 2012
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.wss.impl.resourceResolvers;
+
+import org.apache.xml.security.stax.ext.ResourceResolver;
+import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
+import org.swssf.wss.ext.WSSConstants;
+
+import javax.xml.stream.events.Attribute;
+
+/**
+ * @author $Author: $
+ * @version $Revision: $ $Date: $
+ */
+public class ResolverSameDocument extends org.apache.xml.security.stax.impl.resourceResolvers.ResolverSameDocument {
+
+ public ResolverSameDocument() {
+ super();
+ }
+
+ public ResolverSameDocument(String uri) {
+ super(uri);
+ }
+
+ @Override
+ public ResourceResolver newInstance(String uri) {
+ return new ResolverSameDocument(uri);
+ }
+
+ @Override
+ public boolean matches(XMLSecStartElement xmlSecStartElement) {
+ Attribute attribute = xmlSecStartElement.getAttributeByName(WSSConstants.ATT_wsu_Id);
+ if (attribute != null && attribute.getValue().equals(getId())) {
+ return true;
+ }
+ return super.matches(xmlSecStartElement);
+ }
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverSameDocument.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverXPointer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverXPointer.java?rev=1360863&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverXPointer.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverXPointer.java Thu Jul 12 19:15:13 2012
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.wss.impl.resourceResolvers;
+
+import org.apache.xml.security.stax.ext.ResourceResolver;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
+import org.swssf.wss.ext.WSSConstants;
+
+import javax.xml.stream.events.Attribute;
+
+/**
+ * @author $Author: $
+ * @version $Revision: $ $Date: $
+ */
+public class ResolverXPointer extends org.apache.xml.security.stax.impl.resourceResolvers.ResolverXPointer {
+
+ public ResolverXPointer() {
+ super();
+ }
+
+ public ResolverXPointer(String uri) {
+ super(uri);
+ }
+
+ @Override
+ public ResourceResolver newInstance(String uri) {
+ return new ResolverXPointer(uri);
+ }
+
+ @Override
+ public boolean matches(XMLSecStartElement xmlSecStartElement) {
+ //when id is null we have #xpointer(/) and then we just return true for the first start-element
+ if (getId() == null) {
+ if (!isRootNodeOccured()) {
+ setRootNodeOccured(true);
+ return true;
+ }
+ return false;
+ }
+ //case #xpointer(id('ID')):
+ Attribute attribute = xmlSecStartElement.getAttributeByName(WSSConstants.ATT_wsu_Id);
+ if (attribute != null && attribute.getValue().equals(getId())) {
+ return true;
+ }
+ return super.matches(xmlSecStartElement);
+ }
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/resourceResolvers/ResolverXPointer.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml?rev=1360863&r1=1360862&r2=1360863&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml Thu Jul 12 19:15:13 2012
@@ -59,7 +59,12 @@
<JCEAlgorithmMappings>
<xi:include href="security-config.xml" xpointer="xmlns(c=http://www.xmlsecurity.org/NS/configuration)xpointer(/c:Configuration/c:JCEAlgorithmMappings/c:Algorithm)"/>
</JCEAlgorithmMappings>
- <ResourceResolvers>
- <xi:include href="security-config.xml" xpointer="xmlns(c=http://www.xmlsecurity.org/NS/configuration)xpointer(/c:Configuration/c:ResourceResolvers/c:Resolver)"/>
- </ResourceResolvers>
+ <ResourceResolvers>
+ <Resolver JAVACLASS="org.swssf.wss.impl.resourceResolvers.ResolverSameDocument"
+ DESCRIPTION="A simple resolver for requests of same-document URIs"/>
+ <Resolver JAVACLASS="org.swssf.wss.impl.resourceResolvers.ResolverXPointer"
+ DESCRIPTION="A simple resolver for requests of XPointer fragents"/>
+ <xi:include href="security-config.xml"
+ xpointer="xmlns(c=http://www.xmlsecurity.org/NS/configuration)xpointer(/c:Configuration/c:ResourceResolvers/c:Resolver[@JAVACLASS!='org.apache.xml.security.stax.impl.resourceResolvers.ResolverSameDocument' and @JAVACLASS!='org.apache.xml.security.stax.impl.resourceResolvers.ResolverXPointer'])"/>
+ </ResourceResolvers>
</Configuration>