Posted to axis-cvs@ws.apache.org by ru...@apache.org on 2006/09/28 00:09:37 UTC
svn commit: r450598 - in /webservices/axis2/trunk/java/modules:
addressing/src/org/apache/axis2/addressing/
addressing/src/org/apache/axis2/handlers/addressing/
addressing/test/org/apache/axis2/addressing/
integration/test-resources/rampart/ integratio...
Author: ruchithf
Date: Wed Sep 27 15:09:34 2006
New Revision: 450598
URL: http://svn.apache.org/viewvc?view=rev&rev=450598
Log:
1.) Updated SymmetricBindingBuilder to avoid signing the Timestamp twice
2.) Use the parent's om factory to create child elements in the AddressingOutHandler and updated the usages
3.) Added missing constants in RahasConstants
4.) Updated SimpleTokenStore to check the attached ref and unattached ref when returning tokens on getToken(id)
5.) TokenCancelerImpl
- When obtaining a token using an id referenced in a wsse:Reference element's URI attr make sure we use the id value
- Avoid cyclic element attachment
6.) Updated the services.xmls of rampart policy integration test cases to engage addressing.
7.) TrustUtil - Request type is same for any cancel request
8.) Updated the security inflow handlers to set the OM impl to LLOM after security processing
And ... got ws-trust cancel binding of sec conv working :-)
Modified:
webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/addressing/EndpointReferenceHelper.java
webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/handlers/addressing/AddressingOutHandler.java
webservices/axis2/trunk/java/modules/addressing/test/org/apache/axis2/addressing/EndpointReferenceHelperTest.java
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-1.xml
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-2.xml
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-3.xml
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-4.xml
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-5.xml
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-6.xml
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-7.xml
webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-sc-1.xml
webservices/axis2/trunk/java/modules/integration/test/org/apache/rampart/RampartTest.java
webservices/axis2/trunk/java/modules/rahas/src/META-INF/module.xml
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/SimpleTokenStore.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcherConfig.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/TokenCancelerImpl.java
webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/EventingMessageReceiverDeligater.java
webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/client/EventingClient.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/TokenCallbackHandler.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/Axis2Util.java
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java
webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTestBase.java
Modified: webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/addressing/EndpointReferenceHelper.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/addressing/EndpointReferenceHelper.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/addressing/EndpointReferenceHelper.java (original)
+++ webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/addressing/EndpointReferenceHelper.java Wed Sep 27 15:09:34 2006
@@ -157,8 +157,7 @@
* @return
* @throws AxisFault
*/
- public static OMElement toOM(EndpointReference epr, QName qname, String addressingNamespace) throws AxisFault {
- OMFactory fac = OMAbstractFactory.getOMFactory();
+ public static OMElement toOM(OMFactory fac, EndpointReference epr, QName qname, String addressingNamespace) throws AxisFault {
OMElement eprElement = null;
if (log.isDebugEnabled()) {
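Review bot: Changing the signature of the public static `toOM` in place removes the three-argument form, so any caller outside this commit stops compiling. Consider keeping the old overload as a deprecated delegate whose body is `return toOM(OMAbstractFactory.getOMFactory(), epr, qname, addressingNamespace);`. The Javadoc visible above the method also lacks a `@param fac` line; it should say that the factory is expected to be the one that owns the element the result will be attached to. The same in-place signature change is made to `TrustUtil.createCancelRequest` and `STSClient.cancelToken` later in this commit. The body of `toOM` continues outside the hunk.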
Modified: webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/handlers/addressing/AddressingOutHandler.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/handlers/addressing/AddressingOutHandler.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/handlers/addressing/AddressingOutHandler.java (original)
+++ webservices/axis2/trunk/java/modules/addressing/src/org/apache/axis2/handlers/addressing/AddressingOutHandler.java Wed Sep 27 15:09:34 2006
@@ -264,7 +264,9 @@
epr.setAddress(anonymous);
}
- OMElement soapHeaderBlock = EndpointReferenceHelper.toOM(epr, new QName(namespace, headerName, prefix), namespace);
+ OMElement soapHeaderBlock = EndpointReferenceHelper.toOM(envelope.getOMFactory(),
+ epr,
+ new QName(namespace, headerName, prefix), namespace);
envelope.getHeader().addChild(soapHeaderBlock);
}
Modified: webservices/axis2/trunk/java/modules/addressing/test/org/apache/axis2/addressing/EndpointReferenceHelperTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/addressing/test/org/apache/axis2/addressing/EndpointReferenceHelperTest.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/addressing/test/org/apache/axis2/addressing/EndpointReferenceHelperTest.java (original)
+++ webservices/axis2/trunk/java/modules/addressing/test/org/apache/axis2/addressing/EndpointReferenceHelperTest.java Wed Sep 27 15:09:34 2006
@@ -55,7 +55,7 @@
epr.addReferenceParameter(rp1Qname,"rp1");
epr.addReferenceParameter(rp2Qname,"rp2");
- OMElement om = EndpointReferenceHelper.toOM(epr, new QName("http://nsurl","localName","prefix"), AddressingConstants.Final.WSA_NAMESPACE);
+ OMElement om = EndpointReferenceHelper.toOM(omf, epr, new QName("http://nsurl","localName","prefix"), AddressingConstants.Final.WSA_NAMESPACE);
//Test deserialize using fromOM(OMElement)
EndpointReference deser = EndpointReferenceHelper.fromOM(om);
@@ -133,7 +133,7 @@
epr.addReferenceParameter(rp1Qname,"rp1");
epr.addReferenceParameter(rp2Qname,"rp2");
- OMElement om = EndpointReferenceHelper.toOM(epr, new QName("http://nsurl","localName","prefix"), AddressingConstants.Submission.WSA_NAMESPACE);
+ OMElement om = EndpointReferenceHelper.toOM(omf, epr, new QName("http://nsurl","localName","prefix"), AddressingConstants.Submission.WSA_NAMESPACE);
//Add some reference properties.
QName p1Qname = new QName("http://p1uri","refProp1","p1prefix");
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-1.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-1.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-1.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-1.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-2.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-2.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-2.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-2.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-3.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-3.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-3.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-3.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-4.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-4.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-4.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-4.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-5.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-5.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-5.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-5.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-6.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-6.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-6.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-6.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-7.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-7.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-7.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-7.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-sc-1.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-sc-1.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-sc-1.xml (original)
+++ webservices/axis2/trunk/java/modules/integration/test-resources/rampart/services-sc-1.xml Wed Sep 27 15:09:34 2006
@@ -1,5 +1,6 @@
<service name="SecureService">
+ <module ref="addressing"/>
<module ref="rampart"/>
<module ref="rahas"/>
@@ -191,7 +192,13 @@
<parameter name="sct-issuer-config">
<sct-issuer-config>
- <cryptoProperties>sctIssuer.properties</cryptoProperties>
+ <cryptoProperties>
+ <crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property name="org.apache.ws.security.crypto.merlin.file">sts.jks</property>
+ <property name="org.apache.ws.security.crypto.merlin.keystore.password">password</property>
+ </crypto>
+ </cryptoProperties>
<addRequestedAttachedRef />
<addRequestedUnattachedRef />
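Review bot: The inlined Merlin configuration puts the keystore password into services-sc-1.xml as plain text, in the `org.apache.ws.security.crypto.merlin.keystore.password` property. That is acceptable for a test fixture, but nothing in the file marks it as one, and service descriptors like this tend to be copied as templates. Add a comment above the `<crypto ...>` element, for example `<!-- Test-only keystore and password; do not reuse in a deployed services.xml -->`.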
@@ -211,6 +218,14 @@
-->
<proofKeyType>BinarySecret</proofKeyType>
</sct-issuer-config>
+ </parameter>
+
+ <parameter name="token-canceler-config">
+ <token-canceler-config>
+ <!--<proofToken>EncryptedKey</proofToken>-->
+ <!--<cryptoProperties>sctIssuer.properties</cryptoProperties>-->
+ <!--<addRequestedAttachedRef />-->
+ </token-canceler-config>
</parameter>
Modified: webservices/axis2/trunk/java/modules/integration/test/org/apache/rampart/RampartTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/integration/test/org/apache/rampart/RampartTest.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/integration/test/org/apache/rampart/RampartTest.java (original)
+++ webservices/axis2/trunk/java/modules/integration/test/org/apache/rampart/RampartTest.java Wed Sep 27 15:09:34 2006
@@ -30,6 +30,7 @@
import org.apache.axis2.integration.UtilServer;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
+import org.apache.rahas.RahasConstants;
import javax.xml.namespace.QName;
@@ -73,6 +74,7 @@
//Skip the Basic256 tests
continue;
}
+ options.setAction("urn:echo");
options.setTo(new EndpointReference("http://127.0.0.1:" + PORT + "/axis2/services/SecureService" + i));
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy("test-resources/rampart/policy/" + i + ".xml"));
serviceClient.setOptions(options);
@@ -87,12 +89,19 @@
//Skip the Basic256 tests
continue;
}
+ options.setAction("urn:echo");
options.setTo(new EndpointReference("http://127.0.0.1:" + PORT + "/axis2/services/SecureServiceSC" + i));
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy("test-resources/rampart/policy/sc-" + i + ".xml"));
serviceClient.setOptions(options);
//Blocking invocation
serviceClient.sendReceive(getEchoElement());
+ serviceClient.sendReceive(getEchoElement());
+
+ //Cancel the token
+ options.setAction(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT);
+ serviceClient.sendReceive(getEchoElement());
+
}
} catch (Exception e) {
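Review bot: The cancel call added at the end of the loop is not followed by any check that the token was actually revoked; the test passes as long as `sendReceive` does not throw. For a cancel binding the property worth pinning is that the cancelled context can no longer be used, so the test should assert on the cancel response and then expect a further `urn:echo` request under the same context to be rejected. How the client would reuse the cancelled context is not visible in this hunk, so the exact form of that follow-up call needs confirming. The enclosing test method starts and ends outside the hunk.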
Modified: webservices/axis2/trunk/java/modules/rahas/src/META-INF/module.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/META-INF/module.xml?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/META-INF/module.xml (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/META-INF/module.xml Wed Sep 27 15:09:34 2006
@@ -13,6 +13,7 @@
<actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</actionMapping>
<actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Renew</actionMapping>
<actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Cancel</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel</actionMapping>
<actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Validate</actionMapping>
<parameter name="token-dispatcher-configuration">
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/RahasConstants.java Wed Sep 27 15:09:34 2006
@@ -92,6 +92,7 @@
public static final String RST_ACTOIN_RENEW = "/RST" + REQ_TYPE_RENEW;
public static final String RST_ACTION_CANCEL = "/RST" + REQ_TYPE_CANCEL;
public static final String RST_ACTION_SCT = "/RST/SCT";
+ public static final String RST_ACTION_CANCEL_SCT = "/RST/SCT" + REQ_TYPE_CANCEL;
//RSTR actions
public static final String RSTR_ACTON_ISSUE = "/RSTR" + REQ_TYPE_ISSUE;
@@ -99,7 +100,7 @@
public static final String RSTR_ACTON_RENEW = "/RSTR" + REQ_TYPE_RENEW;
public static final String RSTR_ACTION_CANCEL = "/RSTR" + REQ_TYPE_CANCEL;
public static final String RSTR_ACTION_SCT = "/RSTR/SCT";
-
+ public static final String RSTR_ACTION_CANCEL_SCT = "/RSTR/SCT" + REQ_TYPE_CANCEL;
//Token types
public static final String TOK_TYPE_SAML_10 = "http://docs.oasis-open.org/wss/" +
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/SimpleTokenStore.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/SimpleTokenStore.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/SimpleTokenStore.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/SimpleTokenStore.java Wed Sep 27 15:09:34 2006
@@ -16,6 +16,12 @@
package org.apache.rahas;
+import org.apache.axiom.om.OMElement;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.message.token.Reference;
+
+import javax.xml.namespace.QName;
+
import java.util.List;
import java.util.Map;
import java.util.ArrayList;
@@ -107,7 +113,27 @@
}
public Token getToken(String id) throws TrustException {
- return (Token) this.tokens.get(id);
+ processTokenExpiry();
+ Token token = (Token) this.tokens.get(id);
+
+ if(token == null) {
+ //Try the unattached refs
+ for (Iterator iterator = this.tokens.values().iterator(); iterator.hasNext();) {
+ Token tempToken = (Token) iterator.next();
+ OMElement elem = tempToken.getAttachedReference();
+ if(elem != null && id.equals(this.getIdFromSTR(elem))) {
+ token = tempToken;
+ }
+ elem = tempToken.getUnattachedReference();
+ if(elem != null && id.equals(this.getIdFromSTR(elem))) {
+ token = tempToken;
+ }
+
+ }
+ }
+
+
+ return token;
}
protected void processTokenExpiry() throws TrustException {
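Review bot: The fallback loop in `getToken` keeps iterating after a match, so when two stored tokens carry a reference that resolves to the same `id`, the token returned depends on the map's iteration order. This lookup now feeds token cancellation, so resolution should be unambiguous: stop at the first hit with `return tempToken;`, or treat a second match as an error. `id.equals(...)` also assumes a non-null `id`; whether the previous plain `tokens.get(id)` tolerated null depends on the map type, which is not visible here. The comment `//Try the unattached refs` should read `//Try the attached and unattached refs`, since both are checked.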
@@ -118,6 +144,22 @@
token.setState(Token.EXPIRED);
update(token);
}
+ }
+ }
+
+ private String getIdFromSTR(OMElement str) {
+// ASSUMPTION:SecurityTokenReference/KeyIdentifier
+ OMElement child = str.getFirstElement();
+ if(child == null) {
+ return null;
+ }
+
+ if (child.getQName().equals(new QName(WSConstants.SIG_NS, "KeyInfo"))) {
+ return child.getText();
+ } else if(child.getQName().equals(Reference.TOKEN)) {
+ return child.getAttributeValue(new QName("URI")).substring(1);
+ } else {
+ return null;
}
}
}
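Review bot: `child.getAttributeValue(new QName("URI")).substring(1)` throws a NullPointerException when the Reference has no URI attribute and a StringIndexOutOfBoundsException when it is empty, and it drops the first character without checking that it is `#`. A guarded form would be `String uri = child.getAttributeValue(new QName("URI"));` followed by `return (uri != null && uri.startsWith("#")) ? uri.substring(1) : null;`. The same unchecked `substring(1)` is applied in the TokenCancelerImpl hunk to the URI taken from the cancel request, which is where malformed input is most likely to arrive. Separately, the comment says KeyIdentifier but the code tests for `KeyInfo` in `WSConstants.SIG_NS`; one of the two looks wrong and should be confirmed.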
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcherConfig.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcherConfig.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcherConfig.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TokenRequestDispatcherConfig.java Wed Sep 27 15:09:34 2006
@@ -77,16 +77,7 @@
if (cancelerClass == null) {
throw new TrustException("missingClassName");
}
- String isDefault = cancelerEle.getAttributeValue(DEFAULT_ATTR);
- if (isDefault != null && "true".equalsIgnoreCase(isDefault)) {
-
- //Use the first default issuer as the default isser
- if (conf.defaultCancelerClassName == null) {
- conf.defaultCancelerClassName = cancelerClass;
- } else {
- throw new TrustException("badDispatcherConfigMultipleDefaultCancelers");
- }
- }
+ conf.defaultCancelerClassName = cancelerClass;
processConfiguration(cancelerEle, conf, cancelerClass);
}
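Review bot: With the default-attribute check removed, `conf.defaultCancelerClassName = cancelerClass;` is assigned unconditionally. If this code runs for more than one canceler element (the enclosing lookup is outside the hunk), the last one silently wins where the old code raised `badDispatcherConfigMultipleDefaultCancelers`. If only a single canceler is supported, state that in a comment such as `// Only one canceler is supported; it is always the default`, and fail when `conf.defaultCancelerClassName` is already set rather than overwriting it.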
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/TrustUtil.java Wed Sep 27 15:09:34 2006
@@ -442,8 +442,7 @@
}
- public static OMElement createCancelRequest(String requestType,
- String tokenId,
+ public static OMElement createCancelRequest(String tokenId,
int version) throws TrustException {
/*
<wst:RequestSecurityToken>
@@ -460,9 +459,9 @@
</wst:RequestSecurityToken>
*/
OMElement rst = TrustUtil.createRequestSecurityTokenElement(version);
- TrustUtil.createRequestTypeElement(version, rst, requestType);
+ TrustUtil.createRequestTypeElement(version, rst, RahasConstants.REQ_TYPE_CANCEL);
OMElement cancelTargetEle = TrustUtil.createCancelTargetElement(version, rst);
- OMFactory factory = DOOMAbstractFactory.getOMFactory();
+ OMFactory factory = rst.getOMFactory();
OMElement secTokenRefEle =
factory.createOMElement(RahasConstants.CancelBindingLocalNames.SECURITY_TOKEN_REF,
WSSE_NAMESPACE_URI,
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/client/STSClient.java Wed Sep 27 15:09:34 2006
@@ -51,8 +51,8 @@
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.processor.EncryptedKeyProcessor;
import org.apache.ws.security.util.WSSecurityUtil;
-import org.apache.xml.security.signature.XMLSignature;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -139,21 +139,25 @@
* @throws TrustException
*/
public boolean cancelToken(String issuerAddress,
- String tokenId) throws TrustException {
+ String tokenId,
+ String action) throws TrustException {
try {
QName rstQn = new QName("cancelSecurityToken");
String requestType =
TrustUtil.getWSTNamespace(version) + RahasConstants.REQ_TYPE_CANCEL;
ServiceClient client = getServiceClient(rstQn, issuerAddress);
+ if(action != null) {
+ client.getOptions().setAction(action);
+ }
+
return processCancelResponse(client.sendReceive(rstQn,
- createCancelRequest(requestType,
- tokenId)));
+ createCancelRequest(tokenId)));
} catch (AxisFault e) {
log.error("errorInCancelingToken", e);
throw new TrustException("errorInCancelingToken", e);
}
}
-
+
private ServiceClient getServiceClient(QName rstQn,
String issuerAddress) throws AxisFault {
AxisService axisService =
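Review bot: The local `requestType` in `cancelToken` is no longer used now that `createCancelRequest` takes only the token id, so its two-line declaration can be deleted. The Javadoc that ends just above the method also needs a `@param action` entry stating that a null value leaves the client's default action in place, as the `if(action != null)` guard implies.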
@@ -443,7 +447,6 @@
while (templateChildren.hasNext()) {
OMNode child = (OMNode) templateChildren.next();
rst.addChild(child);
-
//Look for the key size element
if (child instanceof OMElement
&& ((OMElement) child).getQName().equals(
@@ -494,13 +497,14 @@
throw new TrustException("errorSettingUpRequestorEntropy", e);
}
+
return rst;
+
}
- private OMElement createCancelRequest(String requestType,
- String tokenId) throws TrustException {
+ private OMElement createCancelRequest(String tokenId) throws TrustException {
- return TrustUtil.createCancelRequest(requestType, tokenId, version);
+ return TrustUtil.createCancelRequest(tokenId, version);
}
/**
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/errors.properties Wed Sep 27 15:09:34 2006
@@ -29,7 +29,6 @@
notSupported = Not supported: {0}
errorCreatingSymmKey = Error in creating the ephemeral key
badDispatcherConfigMultipleDefaultIssuers = Dispatcher configuration error : There should be only one default issuer
-badDispatcherConfigMultipleDefaultCancelers = Dispatcher configuration error : There should be only one default canceler
errorInBuildingTheEncryptedKeyForPrincipal = Error in building encrypted key for principal : \"{0}\"
invlidTTL = timeToLive (in milliseconds) must be a positive long value.
invalidKeysize = Invalid key size
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/SCTIssuer.java Wed Sep 27 15:09:34 2006
@@ -119,32 +119,20 @@
String tokenType = data.getTokenType();
+ OMElement reqAttachedRef = null;
+ OMElement reqUnattachedRef = null;
if (config.addRequestedAttachedRef) {
- if (wstVersion == RahasConstants.VERSION_05_02) {
- TrustUtil.createRequestedAttachedRef(wstVersion,
+ reqAttachedRef = TrustUtil.createRequestedAttachedRef(wstVersion,
rstrElem,
"#" + sct.getID(),
tokenType);
- } else {
- TrustUtil.createRequestedAttachedRef(wstVersion,
- rstrElem,
- "#" + sct.getID(),
- tokenType);
- }
}
if (config.addRequestedUnattachedRef) {
- if (wstVersion == RahasConstants.VERSION_05_02) {
- TrustUtil.createRequestedUnattachedRef(wstVersion,
- rstrElem,
- sct.getIdentifier(),
- tokenType);
- } else {
- TrustUtil.createRequestedUnattachedRef(wstVersion,
+ reqUnattachedRef = TrustUtil.createRequestedUnattachedRef(wstVersion,
rstrElem,
sct.getIdentifier(),
tokenType);
- }
}
//Creation and expiration times
@@ -167,6 +155,9 @@
(OMElement) sct.getElement(),
creationTime,
expirationTime);
+
+ sctToken.setUnattachedReference(reqAttachedRef.getFirstElement());
+ sctToken.setAttachedReference(reqAttachedRef.getFirstElement());
//Add the RequestedProofToken
TokenIssuerUtil.handleRequestedProofToken(data,
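Review bot: Both new setter calls read `reqAttachedRef`, so the token's unattached reference is filled with the attached one and the `reqUnattachedRef` assigned in the previous hunk is never used. In addition, `reqAttachedRef` is null whenever `config.addRequestedAttachedRef` is false, which makes `reqAttachedRef.getFirstElement()` throw. Suggested replacement: `if (reqAttachedRef != null) { sctToken.setAttachedReference(reqAttachedRef.getFirstElement()); }` and `if (reqUnattachedRef != null) { sctToken.setUnattachedReference(reqUnattachedRef.getFirstElement()); }`. This matters because `SimpleTokenStore.getToken` now resolves tokens through these stored references. The enclosing method starts and ends outside the hunk.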
Modified: webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/TokenCancelerImpl.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/TokenCancelerImpl.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/TokenCancelerImpl.java (original)
+++ webservices/axis2/trunk/java/modules/rahas/src/org/apache/rahas/impl/TokenCancelerImpl.java Wed Sep 27 15:09:34 2006
@@ -106,7 +106,7 @@
if (referenceEle != null) {
OMAttribute uri = referenceEle.getAttribute(QNAME_URI);
if (uri != null) {
- tokenId = uri.getAttributeValue();
+ tokenId = uri.getAttributeValue().substring(1);
} else {
throw new TrustException("cannotDetermineTokenId");
}
@@ -147,7 +147,6 @@
}
OMElement reqTokenCanceledEle =
TrustUtil.createRequestedTokenCanceledElement(version, rstrElem);
- responseEnv.getBody().addChild(reqTokenCanceledEle);
return responseEnv;
}
Modified: webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/EventingMessageReceiverDeligater.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/EventingMessageReceiverDeligater.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/EventingMessageReceiverDeligater.java (original)
+++ webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/EventingMessageReceiverDeligater.java Wed Sep 27 15:09:34 2006
@@ -83,7 +83,7 @@
OMElement subscribeResponseElement = factory.createOMElement(EventingConstants.ElementNames.SubscribeResponse,ens);
OMElement subscriptionManagerElement = null;
try {
- subscriptionManagerElement = EndpointReferenceHelper.toOM(subscriptionManagerEPR, new QName(EventingConstants.EVENTING_NAMESPACE,EventingConstants.ElementNames.SubscriptionManager,EventingConstants.EVENTING_PREFIX), AddressingConstants.Submission.WSA_NAMESPACE);
+ subscriptionManagerElement = EndpointReferenceHelper.toOM(subscribeResponseElement.getOMFactory(), subscriptionManagerEPR, new QName(EventingConstants.EVENTING_NAMESPACE,EventingConstants.ElementNames.SubscriptionManager,EventingConstants.EVENTING_PREFIX), AddressingConstants.Submission.WSA_NAMESPACE);
} catch (AxisFault e) {
throw new SavanException (e);
}
Modified: webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/client/EventingClient.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/client/EventingClient.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/client/EventingClient.java (original)
+++ webservices/axis2/trunk/java/modules/savan/src/org/apache/savan/eventing/client/EventingClient.java Wed Sep 27 15:09:34 2006
@@ -244,7 +244,7 @@
EndpointReference endToEPR = bean.getEndToEPR();
if (bean.getEndToEPR()!=null) {
- OMElement endToElement = EndpointReferenceHelper.toOM(endToEPR, new QName(EventingConstants.EVENTING_NAMESPACE,EventingConstants.ElementNames.EndTo,EventingConstants.EVENTING_PREFIX), AddressingConstants.Submission.WSA_NAMESPACE);
+ OMElement endToElement = EndpointReferenceHelper.toOM(subscriptionElement.getOMFactory(), endToEPR, new QName(EventingConstants.EVENTING_NAMESPACE,EventingConstants.ElementNames.EndTo,EventingConstants.EVENTING_PREFIX), AddressingConstants.Submission.WSA_NAMESPACE);
subscriptionElement.addChild(endToElement);
}
@@ -253,7 +253,7 @@
throw new Exception ("Delivery EPR is not set");
OMElement deliveryElement = factory.createOMElement(EventingConstants.ElementNames.Delivery,ens);
- OMElement notifyToElement = EndpointReferenceHelper.toOM(deliveryEPR, new QName(EventingConstants.EVENTING_NAMESPACE,EventingConstants.ElementNames.NotifyTo,EventingConstants.EVENTING_PREFIX), AddressingConstants.Submission.WSA_NAMESPACE);
+ OMElement notifyToElement = EndpointReferenceHelper.toOM(subscriptionElement.getOMFactory(), deliveryEPR, new QName(EventingConstants.EVENTING_NAMESPACE,EventingConstants.ElementNames.NotifyTo,EventingConstants.EVENTING_PREFIX), AddressingConstants.Submission.WSA_NAMESPACE);
deliveryElement.addChild(notifyToElement);
subscriptionElement.addChild(deliveryElement);
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/MessageBuilder.java Wed Sep 27 15:09:34 2006
@@ -16,16 +16,24 @@
package org.apache.rampart;
+import org.apache.axiom.om.OMElement;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.TrustUtil;
import org.apache.rampart.builder.AsymmetricBindingBuilder;
import org.apache.rampart.builder.SymmetricBindingBuilder;
import org.apache.rampart.builder.TransportBindingBuilder;
import org.apache.rampart.policy.RampartPolicyData;
+import org.apache.rampart.util.Axis2Util;
+import org.apache.rampart.util.RampartUtil;
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.security.WSSecurityException;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
public class MessageBuilder {
@@ -34,11 +42,38 @@
public void build(MessageContext msgCtx) throws WSSPolicyException,
RampartException, WSSecurityException, AxisFault {
+ Axis2Util.useDOOM(true);
+
RampartMessageData rmd = new RampartMessageData(msgCtx, true);
+
RampartPolicyData rpd = rmd.getPolicyData();
if(rpd == null) {
return;
+ }
+
+ String action = msgCtx.getOptions().getAction();
+ System.out.println("MessageBuilder: 52: " + action);
+ if(action !=null && (action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT) ||
+ action.equals(RahasConstants.WST_NS_05_12 + RahasConstants.RSTR_ACTION_CANCEL_SCT))) {
+
+ //set payload to a cancel request
+ String ctxIdKey = RampartUtil.getContextIdentifierKey(msgCtx);
+ String tokenId = (String)RampartUtil.getContextMap(msgCtx).get(ctxIdKey);
+ try {
+ if(RampartUtil.isTokenValid(rmd, tokenId)) {
+ OMElement bodyElem = msgCtx.getEnvelope().getBody();
+ OMElement child = bodyElem.getFirstElement();
+ OMElement newChild = TrustUtil.createCancelRequest(tokenId, rmd.getWstVersion());
+ Node importedNode = rmd.getDocument().importNode((Element) newChild, true);
+ ((Element) bodyElem).replaceChild(importedNode, (Element) child);
+ } else {
+ throw new RampartException("tokenToBeCancelledInvalid");
+ }
+
+ } catch (TrustException e) {
+ throw new RampartException("errorInTokenCancellation");
+ }
}
if(rpd.isTransportBinding()) {
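Review bot: The added `System.out.println("MessageBuilder: 52: " + action);` is leftover debug output that writes the action of every outgoing message to stdout; it should be dropped or routed through the class logger, e.g. `log.debug("Action: " + action);` (Log and LogFactory are imported, the field itself is outside the hunk). The new `catch (TrustException e)` throws `new RampartException("errorInTokenCancellation")` and discards `e`; `throw new RampartException("errorInTokenCancellation", e);` would keep the cause, assuming the two-argument constructor used in RampartUtil also accepts a message key. The same dropped cause recurs in the SymmetricBindingBuilder hunk and in `isTokenValid`. The action test also pairs `WST_NS_05_02` with `RST_ACTION_CANCEL_SCT` but `WST_NS_05_12` with `RSTR_ACTION_CANCEL_SCT`, which looks unintended. build() continues outside the hunk.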
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java Wed Sep 27 15:09:34 2006
@@ -39,6 +39,11 @@
RampartMessageData rmd = new RampartMessageData(msgCtx, false);
RampartPolicyData rpd = rmd.getPolicyData();
if(rpd == null) {
+ SOAPEnvelope env = Axis2Util.getSOAPEnvelopeFromDOOMDocument(rmd.getDocument());
+
+ //Convert back to llom since the inflow cannot use llom
+ msgCtx.setEnvelope(env);
+ Axis2Util.useDOOM(false);
return null;
}
Vector results = null;
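Review bot: The comment `//Convert back to llom since the inflow cannot use llom` contradicts itself; it was carried over from the removed lines and presumably should read `//Convert back to LLOM since the rest of the inflow cannot use DOOM`. The same three statements are added again in the hunk at -67, so a small private helper would keep the two exits in step. On that later exit `Axis2Util.useDOOM(false)` runs only when `processSecurityHeader` returns normally; RampartReceiver's `finally` covers that caller, but other callers are not visible here.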
@@ -53,10 +58,6 @@
null,
new TokenCallbackHandler(rmd.getTokenStorage()),
null);
-
- //Convert back to llom since the inflow cannot use llom
- rmd.getMsgContext().setEnvelope(Axis2Util
- .getSOAPEnvelopeFromDOOMDocument(rmd.getDocument()));
} else {
results = engine.processSecurityHeader(rmd.getDocument(),
null,
@@ -67,7 +68,13 @@
msgCtx.getAxisService().getClassLoader()));
}
- msgCtx.setEnvelope((SOAPEnvelope)rmd.getDocument().getDocumentElement());
+
+ SOAPEnvelope env = Axis2Util.getSOAPEnvelopeFromDOOMDocument(rmd.getDocument());
+
+ //Convert back to llom since the inflow cannot use llom
+ msgCtx.setEnvelope(env);
+ Axis2Util.useDOOM(false);
+
return results;
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/TokenCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/TokenCallbackHandler.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/TokenCallbackHandler.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/TokenCallbackHandler.java Wed Sep 27 15:09:34 2006
@@ -53,24 +53,7 @@
if(tok != null) {
//Get the secret and set it in the callback object
pc.setKey(tok.getSecret());
- } else {
- //Try the unattached refs
- Token[] tokens = store.getValidTokens();
- for (int j = 0; j < tokens.length; j++) {
- OMElement elem = tokens[j].getAttachedReference();
- if(elem != null && id.equals(this.getIdFromSTR(elem))) {
- pc.setKey(tokens[j].getSecret());
- return;
- }
- elem = tokens[j].getUnattachedReference();
- if(elem != null && id.equals(this.getIdFromSTR(elem))) {
- pc.setKey(tokens[j].getSecret());
- return;
- }
-
- }
}
-
} catch (Exception e) {
e.printStackTrace();
throw new IOException(e.getMessage());
@@ -83,20 +66,6 @@
}
}
- private String getIdFromSTR(OMElement str) {
-// ASSUMPTION:SecurityTokenReference/KeyIdentifier
- OMElement child = str.getFirstElement();
- if(child == null) {
- return null;
- }
-
- if (child.getQName().equals(new QName(WSConstants.SIG_NS, "KeyInfo"))) {
- return child.getText();
- } else if(child.getQName().equals(Reference.TOKEN)) {
- return child.getAttributeValue(new QName("URI"));
- } else {
- return null;
- }
- }
+
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java Wed Sep 27 15:09:34 2006
@@ -484,8 +484,6 @@
dkSign.prepare(doc, rmd.getSecHeader());
- sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
-
if(rpd.isTokenProtection()) {
sigParts.add(new WSEncryptionPart(tok.getId()));
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/SymmetricBindingBuilder.java Wed Sep 27 15:09:34 2006
@@ -19,6 +19,7 @@
import org.apache.axiom.om.OMElement;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.RahasConstants;
import org.apache.rahas.TrustException;
import org.apache.rampart.RampartException;
import org.apache.rampart.RampartMessageData;
@@ -483,7 +484,27 @@
//TODO check for an existing token and use it
- if(rmd.getSecConvTokenId() == null) {
+ String secConvTokenId = rmd.getSecConvTokenId();
+
+ //The RSTR has to be secured with the cancelled token
+ String action = rmd.getMsgContext().getOptions().getAction();
+ boolean cancelReqResp = action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
+ action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
+ action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT) ||
+ action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT);
+
+ //In the case of the cancel req or resp we should mark the token as cancelled
+ if(secConvTokenId != null && cancelReqResp) {
+ try {
+ rmd.getTokenStorage().getToken(secConvTokenId).setState(org.apache.rahas.Token.CANCELLED);
+ } catch (TrustException e) {
+ throw new RampartException("errorExtractingToken");
+ }
+ }
+
+ if (secConvTokenId == null
+ || (secConvTokenId != null &&
+ (!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {
log.debug("No SecureConversationToken found, " +
"requesting a new token");
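Review bot: The four operands of `cancelReqResp` are two identical pairs, all built from `WST_NS_05_02`, so the `WST_NS_05_12` cancel action that MessageBuilder checks is never matched here; presumably the second of each pair was meant to use `WST_NS_05_12`. `action.equals(...)` is also called without the null guard MessageBuilder uses, so a message with no action set fails with a NullPointerException. In the block that marks the token cancelled, the result of `getToken(secConvTokenId)` is dereferenced directly although `isTokenValid` treats a null result as possible, and the `TrustException` cause is dropped. The enclosing method starts and ends outside the hunk.

```java
String action = rmd.getMsgContext().getOptions().getAction();
boolean cancelReqResp = action != null && (
        action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT) ||
        action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
        action.equals(RahasConstants.WST_NS_05_12 + RahasConstants.RST_ACTION_CANCEL_SCT) ||
        action.equals(RahasConstants.WST_NS_05_12 + RahasConstants.RSTR_ACTION_CANCEL_SCT));
// … unchanged: cancelled-state marking and token validity check …
```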
@@ -492,9 +513,8 @@
(SecureConversationToken) sigTok;
try {
-
- String id = RampartUtil.getSecConvToken(rmd,
- secConvTok);
+
+ String id = RampartUtil.getSecConvToken(rmd, secConvTok);
rmd.setSecConvTokenId(id);
} catch (TrustException e) {
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties Wed Sep 27 15:09:34 2006
@@ -37,7 +37,8 @@
signatureTokenMissing = Signature token missging
errorInEncryption = Error during encryption
sctIssuerPolicyMissing = sct-issuer-policy parameter missing
-
+errorInTokenCancellation = Error in cancelling token
+tokenToBeCancelledInvalid = Token to be cancelled is invalid or expired
#Errors in processors
errorProcessingUT = Error in processing UsernameToken
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java Wed Sep 27 15:09:34 2006
@@ -70,9 +70,6 @@
try {
wsResult = engine.process(msgContext);
- //Convert back to LLOM
- Document doc = ((Element)msgContext.getEnvelope()).getOwnerDocument();
- msgContext.setEnvelope(Axis2Util.getSOAPEnvelopeFromDOOMDocument(doc));
} catch (WSSecurityException e) {
e.printStackTrace();
throw new AxisFault(e);
@@ -85,7 +82,7 @@
} finally {
// Reset the document builder factory
DocumentBuilderFactoryImpl.setDOOMRequired(false);
-
+ Axis2Util.useDOOM(false);
}
if(wsResult == null) {
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartSender.java Wed Sep 27 15:09:34 2006
@@ -21,8 +21,11 @@
import org.apache.axis2.description.HandlerDescription;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.Handler;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.TrustUtil;
import org.apache.rampart.MessageBuilder;
import org.apache.rampart.RampartException;
+import org.apache.rampart.util.RampartUtil;
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.security.WSSecurityException;
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java Wed Sep 27 15:09:34 2006
@@ -120,6 +120,7 @@
// Reset the document builder factory
DocumentBuilderFactoryImpl.setDOOMRequired(false);
+ Axis2Util.useDOOM(false);
if (doDebug) {
log.debug("WSDoAllReceiver: exit invoke()");
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java Wed Sep 27 15:09:34 2006
@@ -130,7 +130,9 @@
String sts = config.getStsEPRAddress();
if(sts != null) {
//Use a security token service
- STSRequester.issueRequest(config);
+ Axis2Util.useDOOM(false);
+ STSRequester.issueRequest(config);
+ Axis2Util.useDOOM(true);
} else {
//Create an an SCT, include it in an RSTR
// and add the RSTR to the header
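Review bot: `Axis2Util.useDOOM(true)` is only reached when `STSRequester.issueRequest(config)` returns normally, so an exception from the STS call leaves the factory switched to LLOM for whatever runs next. Restoring it in a `finally` avoids that: `try { STSRequester.issueRequest(config); } finally { Axis2Util.useDOOM(true); }`. The RampartUtil hunks at -407 and -438 follow the same pattern, with `useDOOM(false)` at the top of the `try` and `useDOOM(true)` only just before the `return`. The enclosing method starts and ends outside the hunk.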
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/Axis2Util.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/Axis2Util.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/Axis2Util.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/Axis2Util.java Wed Sep 27 15:09:34 2006
@@ -57,7 +57,7 @@
public static void useDOOM(boolean isDOOMRequired) {
if(isDOOMRequired) {
- if(isUseDOOM()) {
+ if(!isUseDOOM()) {
System.setProperty(OMAbstractFactory.SOAP11_FACTORY_NAME_PROPERTY, SOAP11Factory.class.getName());
System.setProperty(OMAbstractFactory.SOAP12_FACTORY_NAME_PROPERTY, SOAP12Factory.class.getName());
System.setProperty(OMAbstractFactory.OM_FACTORY_NAME_PROPERTY, OMDOMFactory.class.getName());
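Review bot: `useDOOM` switches the OM and SOAP factories through `System.setProperty`, which is JVM-wide, yet this commit adds calls that flip it back and forth per message (MessageBuilder, RampartEngine, RampartUtil, WSDoAllSender). If two messages are processed on different threads, one can change the factory while the other is midway through security processing; the rest of the method is outside the hunk, so any guard there is not visible. At minimum the method deserves a comment such as `// NOTE: changes the OM factory for the whole JVM, not just the current message; not safe with concurrent message processing`. A per-thread or per-message factory selection would remove the hazard.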
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java Wed Sep 27 15:09:34 2006
@@ -407,13 +407,15 @@
String issuerEpr, String action, Policy issuerPolicy) throws RampartException {
try {
+ Axis2Util.useDOOM(false);
STSClient client = new STSClient(rmd.getMsgContext()
.getConfigurationContext());
// Set request action
client.setAction(action);
- client.setRstTemplate(rstTemplate);
+ OMElement tmpl = Axis2Util.toOM((Element)rstTemplate);
+ client.setRstTemplate(tmpl);
// Set crypto information
Crypto crypto = RampartUtil.getSignatureCrypto(rmd.getPolicyData().getRampartConfig(),
@@ -438,9 +440,9 @@
//Add the token to token storage
rst.setState(Token.ISSUED);
rmd.getTokenStorage().add(rst);
-
+ Axis2Util.useDOOM(true);
return rst.getId();
- } catch (TrustException e) {
+ } catch (Exception e) {
throw new RampartException(e.getMessage(), e);
}
}
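Review bot: Widening the handler from `catch (TrustException e)` to `catch (Exception e)` also turns programming errors into a `RampartException`, for example a ClassCastException from the `(Element)rstTemplate` cast added in the previous hunk or a NullPointerException. If the wider catch is only needed for a checked exception thrown by `Axis2Util.toOM`, naming that type next to `TrustException` keeps unexpected failures distinguishable. The method's signature and most of its body are outside the hunk.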
@@ -599,4 +601,12 @@
return (Hashtable)map;
}
+ public static boolean isTokenValid(RampartMessageData rmd, String id) throws RampartException {
+ try {
+ org.apache.rahas.Token token = rmd.getTokenStorage().getToken(id);
+ return token!= null && token.getState() == org.apache.rahas.Token.ISSUED;
+ } catch (TrustException e) {
+ throw new RampartException("errorExtractingToken");
+ }
+ }
}
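Review bot: `isTokenValid` reports a token as valid whenever its state is `Token.ISSUED`, while the message added for its failure case in errors.properties says "invalid or expired"; no expiry check is visible here. If the token store does not itself move expired tokens out of the ISSUED state, an expired token would pass, so the method should either compare the token's expiry time as well or carry a comment stating that expiry is enforced elsewhere. The `catch` also drops the `TrustException`; passing `e` as the cause, as in `throw new RampartException(e.getMessage(), e);` earlier in this file, would preserve it. The key `errorExtractingToken` is not among the entries this commit adds to errors.properties, so it is worth confirming it already exists.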
Modified: webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTestBase.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTestBase.java?view=diff&rev=450598&r1=450597&r2=450598
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTestBase.java (original)
+++ webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTestBase.java Wed Sep 27 15:09:34 2006
@@ -21,6 +21,7 @@
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder;
import org.apache.axis2.AxisFault;
+import org.apache.axis2.client.Options;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.OutInAxisOperation;
@@ -39,9 +40,6 @@
import junit.framework.TestCase;
-/**
- * @author Ruchith Fernando (ruchith.fernando@gmail.com)
- */
public class MessageBuilderTestBase extends TestCase {
public MessageBuilderTestBase() {
@@ -61,6 +59,9 @@
MessageContext ctx = new MessageContext();
ctx.setAxisService(new AxisService("TestService"));
ctx.setAxisOperation(new OutInAxisOperation(new QName("http://rampart.org", "test")));
+ Options options = new Options();
+ options.setAction("urn:testOperation");
+ ctx.setOptions(options);
XMLStreamReader reader =
XMLInputFactory.newInstance().