Posted to commits@ws.apache.org by co...@apache.org on 2011/12/02 17:07:09 UTC

svn commit: r1209556 - in /webservices/wss4j/trunk/src: main/java/org/apache/ws/security/spnego/ test/java/org/apache/ws/security/message/token/

Author: coheigea
Date: Fri Dec  2 16:07:08 2011
New Revision: 1209556

URL: http://svn.apache.org/viewvc?rev=1209556&view=rev
Log:
[WSS-327] - Some reshuffling of the SPNEGO code.

Added:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java
      - copied, changed from r1208466, webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java
Removed:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java
Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java?rev=1209556&r1=1209555&r2=1209556&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoClientAction.java Fri Dec  2 16:07:08 2011
@@ -37,11 +37,19 @@ public class SpnegoClientAction implemen
     
     private String serviceName;
     private GSSContext secContext;
+    private boolean mutualAuth;
     
     public SpnegoClientAction(String serviceName) {
         this.serviceName = serviceName;
     }
     
+    /**
+     * Whether to enable mutual authentication or not.
+     */
+    public void setMutualAuth(boolean mutualAuthentication) {
+        mutualAuth = mutualAuthentication;
+    }
+    
     public byte[] run() {
         try {
             if (secContext == null) {
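Review bot: The Javadoc on `setMutualAuth` does not say that the flag defaults to false, nor that it is only read when the context is first created. In the next hunk `requestMutualAuth(mutualAuth)` sits inside the `if (secContext == null)` branch of `run()`, so as far as the visible code shows, calling the setter after the first `run()` has no effect. I would document it as `Request mutual authentication, so that the service must also prove its identity to the client. Defaults to false; must be set before the first call to run().` The same gap exists on the setter added to SpnegoTokenContext, where "This only applies to retrieve service ticket" could read `Only used by retrieveServiceTicket; must be set before calling it.` The body of `run()` continues outside this hunk.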
@@ -51,7 +59,7 @@ public class SpnegoClientAction implemen
                 GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
                 secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);
                 
-                secContext.requestMutualAuth(Boolean.FALSE);
+                secContext.requestMutualAuth(mutualAuth);
                 secContext.requestCredDeleg(Boolean.FALSE);
             }
         
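Review bot: `requestMutualAuth(mutualAuth)` only asks for mutual authentication, and nothing visible here confirms that it was granted. When the caller has set the flag, the code should check `secContext.getMutualAuthState()` once the context is established and fail the exchange if it returns false. Otherwise a service that never proves its identity is accepted without any signal to the caller. The rest of `run()` lies outside the hunk, so the check may belong wherever the service's reply token is processed.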

Copied: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java (from r1208466, webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java?p2=webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java&p1=webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java&r1=1208466&r2=1209556&rev=1209556&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoToken.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/spnego/SpnegoTokenContext.java Fri Dec  2 16:07:08 2011
@@ -33,15 +33,16 @@ import org.ietf.jgss.GSSException;
 import org.ietf.jgss.MessageProp;
 
 /**
- * A class that wraps some functionality to obtain and validate spnego tokens.
+ * This class wraps a GSSContext and provides some functionality to obtain and validate spnego tokens.
  */
-public class SpnegoToken {
+public class SpnegoTokenContext {
     
     private static final org.apache.commons.logging.Log LOG = 
-        org.apache.commons.logging.LogFactory.getLog(SpnegoToken.class);
+        org.apache.commons.logging.LogFactory.getLog(SpnegoTokenContext.class);
     
     private GSSContext secContext;
     private byte[] token;
+    private boolean mutualAuth;
 
     /**
      * Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this
@@ -91,6 +92,7 @@ public class SpnegoToken {
         
         // Get the service ticket
         SpnegoClientAction action = new SpnegoClientAction(serviceName);
+        action.setMutualAuth(mutualAuth);
         token = (byte[])Subject.doAs(clientSubject, action);
         if (token == null) {
             throw new WSSecurityException(
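Review bot: With `mutualAuth` set to true, the single `Subject.doAs` call here yields only the client's first token. On the initiator side a GSS context is normally not established until the service's reply token has been passed back into it. From the visible lines I cannot tell whether SpnegoTokenContext offers a way to feed that reply to the `GSSContext` held by the action. If it does not, enabling the flag gives the caller no server authentication in practice, which should either be implemented or stated in the Javadoc of `retrieveServiceTicket`. The method starts and ends outside this hunk.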
@@ -167,6 +169,13 @@ public class SpnegoToken {
         }
 
     }
+    
+    /**
+     * Whether to enable mutual authentication or not. This only applies to retrieve service ticket.
+     */
+    public void setMutualAuth(boolean mutualAuthentication) {
+        mutualAuth = mutualAuthentication;
+    }
 
     /**
      * Get the SPNEGO token that was created.
@@ -221,6 +230,7 @@ public class SpnegoToken {
     
     public void clear() {
         token = null;
+        mutualAuth = false;
         try {
             secContext.dispose();
         } catch (GSSException e) {
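Review bot: Resetting `mutualAuth = false` in `clear()` means a caller who enabled mutual authentication and then reuses the object after `clear()` silently falls back to not authenticating the service. `token` and the context are per-exchange state, whereas `mutualAuth` is caller configuration; I would drop the reset, or state in the Javadoc of `clear()` that `setMutualAuth` must be called again. Separately, the visible `secContext.dispose()` has no null guard, so `clear()` on an instance that never created a context would apparently throw a NullPointerException; wrapping the dispose in `if (secContext != null)` avoids that. The method body continues outside the hunk.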

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java?rev=1209556&r1=1209555&r2=1209556&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/KerberosTest.java Fri Dec  2 16:07:08 2011
@@ -28,7 +28,7 @@ import org.apache.ws.security.common.SOA
 import org.apache.ws.security.message.WSSecEncrypt;
 import org.apache.ws.security.message.WSSecHeader;
 import org.apache.ws.security.message.WSSecSignature;
-import org.apache.ws.security.spnego.SpnegoToken;
+import org.apache.ws.security.spnego.SpnegoTokenContext;
 import org.apache.ws.security.util.Base64;
 import org.apache.ws.security.util.WSSecurityUtil;
 // import org.apache.ws.security.validate.KerberosTokenDecoderImpl;
@@ -117,13 +117,13 @@ public class KerberosTest extends org.ju
         WSSecHeader secHeader = new WSSecHeader();
         secHeader.insertSecurityHeader(doc);
         
-        SpnegoToken spnegoToken = new SpnegoToken();
+        SpnegoTokenContext spnegoToken = new SpnegoTokenContext();
         spnegoToken.retrieveServiceTicket("alice", null, "bob@service.ws.apache.org");
         
         byte[] token = spnegoToken.getToken();
         assertNotNull(token);
         
-        spnegoToken = new SpnegoToken();
+        spnegoToken = new SpnegoTokenContext();
         spnegoToken.validateServiceTicket("bob", null, "bob@service.ws.apache.org", token);
         assertTrue(spnegoToken.isEstablished());
     }