Posted to commits@ws.apache.org by co...@apache.org on 2011/12/02 17:07:09 UTC
svn commit: r1209556 - in /webservices/wss4j/trunk/src:
main/java/org/apache/ws/security/spnego/
test/java/org/apache/ws/security/message/token/
Author: coheigea
Date: Fri Dec 2 16:07:08 2011
New Revision: 1209556
URL: http://svn.apache.org/viewvc?rev=1209556&view=rev
Log:
[WSS-327] - Some reshuffling of the SPNEGO code.
Added:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java
- copied, changed from r1208466, webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java
Removed:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java?rev=1209556&r1=1209555&r2=1209556&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java Fri Dec 2 16:07:08 2011
@@ -37,11 +37,19 @@ public class SpnegoClientAction implemen
private String serviceName;
private GSSContext secContext;
+ private boolean mutualAuth;
public SpnegoClientAction(String serviceName) {
this.serviceName = serviceName;
}
+ /**
+ * Whether to enable mutual authentication or not.
+ */
+ public void setMutualAuth(boolean mutualAuthentication) {
+ mutualAuth = mutualAuthentication;
+ }
+
public byte[] run() {
try {
if (secContext == null) {
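Review bot: The Javadoc on `setMutualAuth` in SpnegoClientAction does not say that the flag defaults to false or that it is read only once. In the following hunk `requestMutualAuth(mutualAuth)` sits inside the `if (secContext == null)` branch, so a call made after the first `run()` appears to have no effect on the existing context. I would extend the comment to `Whether to request mutual authentication. Defaults to false; must be set before the first call to run().` The body of `run()` continues past the end of this hunk.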
@@ -51,7 +59,7 @@ public class SpnegoClientAction implemen
GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);
- secContext.requestMutualAuth(Boolean.FALSE);
+ secContext.requestMutualAuth(mutualAuth);
secContext.requestCredDeleg(Boolean.FALSE);
}
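Review bot: `requestMutualAuth(mutualAuth)` only asks for mutual authentication; nothing visible in this hunk confirms that the service was actually authenticated. With the flag set, the initiator normally has to process the acceptor's reply token and then check `secContext.getMutualAuthState()` once the context is established. Otherwise a caller who enabled the option gets no stronger guarantee than before. If the rest of `run()`, which lies outside this hunk, does not already do that, I would add a guard such as `if (mutualAuth && secContext.isEstablished() && !secContext.getMutualAuthState())` that fails the action instead of returning a token.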
Copied: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java (from r1208466, webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java?p2=webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java&p1=webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java&r1=1208466&r2=1209556&rev=1209556&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java Fri Dec 2 16:07:08 2011
@@ -33,15 +33,16 @@ import org.ietf.jgss.GSSException;
import org.ietf.jgss.MessageProp;
/**
- * A class that wraps some functionality to obtain and validate spnego tokens.
+ * This class wraps a GSSContext and provides some functionality to obtain and validate spnego tokens.
*/
-public class SpnegoToken {
+public class SpnegoTokenContext {
private static final org.apache.commons.logging.Log LOG =
- org.apache.commons.logging.LogFactory.getLog(SpnegoToken.class);
+ org.apache.commons.logging.LogFactory.getLog(SpnegoTokenContext.class);
private GSSContext secContext;
private byte[] token;
+ private boolean mutualAuth;
/**
* Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this
@@ -91,6 +92,7 @@ public class SpnegoToken {
// Get the service ticket
SpnegoClientAction action = new SpnegoClientAction(serviceName);
+ action.setMutualAuth(mutualAuth);
token = (byte[])Subject.doAs(clientSubject, action);
if (token == null) {
throw new WSSecurityException(
@@ -167,6 +169,13 @@ public class SpnegoToken {
}
}
+
+ /**
+ * Whether to enable mutual authentication or not. This only applies to retrieve service ticket.
+ */
+ public void setMutualAuth(boolean mutualAuthentication) {
+ mutualAuth = mutualAuthentication;
+ }
/**
* Get the SPNEGO token that was created.
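Review bot: The Javadoc sentence `This only applies to retrieve service ticket.` on `SpnegoTokenContext.setMutualAuth` is hard to parse and leaves out the default value. I would write it as `Whether to request mutual authentication when retrieveServiceTicket is called. Defaults to false and must be set before that call.` That wording also makes explicit what the existing sentence implies, namely that the option is not consulted on the validating side.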
@@ -221,6 +230,7 @@ public class SpnegoToken {
public void clear() {
token = null;
+ mutualAuth = false;
try {
secContext.dispose();
} catch (GSSException e) {
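Review bot: The added `mutualAuth = false;` in `clear()` silently drops a setting the caller chose. An object that is cleared and reused will request a context without mutual authentication unless `setMutualAuth(true)` is called again. For a security option that is a fail-open reset, so I would either leave the flag untouched in `clear()` or state the reset in the method's Javadoc, e.g. `Also resets mutual authentication to false.` `clear()` continues past the end of this hunk.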
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java?rev=1209556&r1=1209555&r2=1209556&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java Fri Dec 2 16:07:08 2011
@@ -28,7 +28,7 @@ import org.apache.ws.security.common.SOA
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
-import org.apache.ws.security.spnego.SpnegoToken;
+import org.apache.ws.security.spnego.SpnegoTokenContext;
import org.apache.ws.security.util.Base64;
import org.apache.ws.security.util.WSSecurityUtil;
// import org.apache.ws.security.validate.KerberosTokenDecoderImpl;
@@ -117,13 +117,13 @@ public class KerberosTest extends org.ju
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
- SpnegoToken spnegoToken = new SpnegoToken();
+ SpnegoTokenContext spnegoToken = new SpnegoTokenContext();
spnegoToken.retrieveServiceTicket("alice", null, "bob@service.ws.apache.org");
byte[] token = spnegoToken.getToken();
assertNotNull(token);
- spnegoToken = new SpnegoToken();
+ spnegoToken = new SpnegoTokenContext();
spnegoToken.validateServiceTicket("bob", null, "bob@service.ws.apache.org", token);
assertTrue(spnegoToken.isEstablished());
}