Posted to rampart-dev@ws.apache.org by mu...@apache.org on 2007/05/24 07:50:00 UTC
svn commit: r541193 - in
/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart:
builder/AsymmetricBindingBuilder.java builder/SymmetricBindingBuilder.java
builder/TransportBindingBuilder.java util/RampartUtil.java
Author: muthulee
Date: Wed May 23 22:49:59 2007
New Revision: 541193
URL: http://svn.apache.org/viewvc?view=rev&rev=541193
Log:
Fixing Jira Rampart-42
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java?view=diff&rev=541193&r1=541192&r2=541193
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java Wed May 23 22:49:59 2007
@@ -41,6 +41,7 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+
import java.util.HashMap;
import java.util.Iterator;
import java.util.Vector;
@@ -171,9 +172,12 @@
HashMap endSuppTokMap = null;
HashMap sgndEndSuppTokMap = null;
this.sigParts = RampartUtil.getSignedParts(rmd);
- sigParts.add(new WSEncryptionPart(RampartUtil
+
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(RampartUtil
.addWsuIdToElement((OMElement) this.timestampElement)));
-
+ }
+
if (rmd.isInitiator()) {
// Now add the supporting tokens
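Review bot: The new `if(this.timestampElement != null)` guard drops the Timestamp from the signed parts without a comment or any record, and it keys on the field rather than on the policy. If the policy asks for a timestamp but the element was never created, the message would be signed without one and nothing on this path would notice; whether that state is reachable is not visible in this hunk. I would add a comment such as `// No Timestamp when the policy omits IncludeTimestamp: nothing to add to the signed parts`, and consider failing when `rpd.isIncludeTimestamp()` is true while the element is null. The same guard appears in the -278 hunk of this file and in both SymmetricBindingBuilder hunks; the enclosing method starts and ends outside the hunk.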
@@ -278,9 +282,13 @@
sigParts = RampartUtil.getSignedParts(rmd);
//Add timestamp
- sigParts.add(new WSEncryptionPart(RampartUtil
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(RampartUtil
.addWsuIdToElement((OMElement) this.timestampElement)));
-
+ }else{
+ this.setInsertionLocation(null);
+ }
+
if (rmd.isInitiator()) {
// Now add the supporting tokens
SupportingToken sgndSuppTokens = rpd.getSignedSupportingTokens();
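Review bot: The else branch sets the insertion location to null, yet only the two calls in the -396 hunk were moved to `insertSiblingAfterOrPrepend`; the calls shown in the -467 hunk still pass `this.getInsertionLocation()` to `RampartUtil.insertSiblingAfter`. Whether those calls can run while the location is still null cannot be told from these hunks, but if they can, the signature elements have no valid reference sibling. I would switch them as well, e.g. `this.sigDKTElement = RampartUtil.insertSiblingAfterOrPrepend(rmd, this.getInsertionLocation(), dkSign.getdktElement());`, or add a comment stating why the location is non-null there. The `//Add timestamp` comment above the guard should also say that the step is now conditional; the method body continues outside the hunk.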
@@ -327,6 +335,8 @@
}
}
+
+
Vector encrParts = RampartUtil.getEncryptedParts(rmd);
//Check for signature protection
@@ -396,23 +406,30 @@
encr.prepare(doc, RampartUtil.getEncryptionCrypto(rpd
.getRampartConfig(), rmd.getCustomClassLoader()));
- this.setInsertionLocation(this.timestampElement);
+ if(this.timestampElement != null){
+ this.setInsertionLocation(this.timestampElement);
+ }else{
+ this.setInsertionLocation(null);
+ }
+
if(encr.getBSTTokenId() != null) {
this.setInsertionLocation(RampartUtil
- .insertSiblingAfter(rmd,
+ .insertSiblingAfterOrPrepend(rmd,
this.getInsertionLocation(),
encr.getBinarySecurityTokenElement()));
}
+
Element encryptedKeyElement = encr.getEncryptedKeyElement();
this.setInsertionLocation(RampartUtil
- .insertSiblingAfter(rmd,
+ .insertSiblingAfterOrPrepend(rmd,
this.getInsertionLocation(),
encryptedKeyElement));
+
//Encrypt, get hold of the ref list and add it
refList = encr.encryptForInternalRef(null, encrParts);
-
+
//Add internal refs
encryptedKeyElement.appendChild(refList);
// RampartUtil.insertSiblingAfter(rmd,
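Review bot: The added if/else around `setInsertionLocation` is equivalent to the single line it replaced, because the else branch passes null exactly when `this.timestampElement` is null. Keeping `this.setInsertionLocation(this.timestampElement);` with a comment like `// may be null when no Timestamp is present; insertSiblingAfterOrPrepend handles that` states the intent more clearly. The commented-out `// RampartUtil.insertSiblingAfter(rmd,` at the end of the hunk continues outside it and looks like dead code that could be deleted.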
@@ -467,11 +484,11 @@
this.sigDKTElement = RampartUtil.insertSiblingAfter(rmd,
this.getInsertionLocation(), dkSign.getdktElement());
this.setInsertionLocation(this.sigDKTElement);
-
+
this.setInsertionLocation(RampartUtil.insertSiblingAfter(rmd,
this.getInsertionLocation(), dkSign
.getSignatureElement()));
-
+
this.mainSigId = RampartUtil
.addWsuIdToElement((OMElement) dkSign
.getSignatureElement());
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java?view=diff&rev=541193&r1=541192&r2=541193
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java Wed May 23 22:49:59 2007
@@ -195,9 +195,12 @@
HashMap endSuppTokMap = null;
HashMap sgndEndSuppTokMap = null;
Vector sigParts = RampartUtil.getSignedParts(rmd);
- sigParts.add(new WSEncryptionPart(RampartUtil
+
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(RampartUtil
.addWsuIdToElement((OMElement) this.timestampElement)));
-
+ }
+
if(rmd.isInitiator()) {
// Now add the supporting tokens
@@ -346,9 +349,12 @@
HashMap endSuppTokMap = null;
HashMap sgndEndSuppTokMap = null;
Vector sigParts = RampartUtil.getSignedParts(rmd);
- sigParts.add(new WSEncryptionPart(RampartUtil
+
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(RampartUtil
.addWsuIdToElement((OMElement) this.timestampElement)));
-
+ }
+
if(rmd.isInitiator()) {
// Now add the supporting tokens
SupportingToken sgndSuppTokens = rpd.getSignedSupportingTokens();
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java?view=diff&rev=541193&r1=541192&r2=541193
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java Wed May 23 22:49:59 2007
@@ -55,9 +55,11 @@
log.debug("TransportBindingBuilder build invoked");
RampartPolicyData rpd = rmd.getPolicyData();
-
- addTimestamp(rmd);
+ if (rpd.isIncludeTimestamp()) {
+ addTimestamp(rmd);
+ }
+
/*
* Process Supporting tokens
*/
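Review bot: Skipping `addTimestamp(rmd)` leaves the transport-bound security header with no Timestamp, and the only trace line in this method does not show which way the branch went. A line such as `log.debug("Policy does not include a Timestamp; not adding one");` in an else branch would make that visible when diagnosing interop or freshness-related reports. The enclosing method continues outside the hunk.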
@@ -177,7 +179,9 @@
Vector sigParts = new Vector();
- sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
+ }
if(rpd.isTokenProtection()) {
sigParts.add(new WSEncryptionPart(encrKey.getBSTTokenId()));
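Review bot: With this guard `sigParts` can end up empty: it starts as `new Vector()` and both additions (the timestamp here and the token under `rpd.isTokenProtection()`) are now conditional. What the signing call does with an empty part list is outside the hunk; if it proceeds, the supporting-token signature would cover no message content, so I would test `sigParts.isEmpty()` before signing and fail or skip explicitly. The guard also tests `this.timestampElement` while the value added comes from `rmd.getTimestampId()`; testing the id that is actually used would be more direct. The hunks at -211 and -301 have the same shape.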
@@ -211,7 +215,11 @@
sig.appendBSTElementToHeader(rmd.getSecHeader());
Vector sigParts = new Vector();
- sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
+
+ if(this.timestampElement != null ){
+ sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
+ }
+
if (rpd.isTokenProtection()
&& !Constants.INCLUDE_NEVER
.equals(token.getInclusion())) {
@@ -301,7 +309,9 @@
Vector sigParts = new Vector();
- sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
+ }
if(rpd.isTokenProtection() && tokenIncluded) {
sigParts.add(new WSEncryptionPart(id));
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?view=diff&rev=541193&r1=541192&r2=541193
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java Wed May 23 22:49:59 2007
@@ -16,6 +16,18 @@
package org.apache.rampart.util;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Hashtable;
+import java.util.Properties;
+import java.util.Vector;
+
+import javax.crypto.KeyGenerator;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.xml.namespace.QName;
+
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMAttribute;
import org.apache.axiom.om.OMElement;
@@ -59,18 +71,6 @@
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import javax.crypto.KeyGenerator;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.xml.namespace.QName;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Hashtable;
-import java.util.Properties;
-import java.util.Vector;
-
public class RampartUtil {
private static final String CRYPTO_PROVIDER = "org.apache.ws.security.crypto.provider";
@@ -763,4 +763,44 @@
return null;
}
+
+ /**
+ * If the child is present insert the element as a sibling after him.
+ *
+ * If the child is null, then prepend the element.
+ *
+ * @param rmd
+ * @param child
+ * @param elem - element mentioned above
+ * @return
+ */
+ public static Element insertSiblingAfterOrPrepend(RampartMessageData rmd, Element child, Element elem) {
+ Element retElem = null;
+ if(child != null){ // child is not null so insert sibling after
+ retElem = RampartUtil.insertSiblingAfter(rmd, child, elem);
+ }else{ //Prepend
+
+ Element secHeaderElem = rmd.getSecHeader().getSecurityHeader();
+ Node node = secHeaderElem.getOwnerDocument().importNode(
+ elem, true);
+ Element firstElem = (Element)secHeaderElem.getFirstChild();
+
+ if(firstElem == null){
+ retElem = (Element)secHeaderElem.appendChild(node);
+ }else{
+ if(firstElem.getOwnerDocument().equals(elem.getOwnerDocument())) {
+ ((OMElement)firstElem).insertSiblingBefore((OMElement)elem);
+ retElem = elem;
+ } else {
+ Element newSib = (Element)firstElem.getOwnerDocument().importNode(elem, true);
+ ((OMElement)firstElem).insertSiblingBefore((OMElement)newSib);
+ retElem = newSib;
+ }
+ }
+ }
+
+ return retElem;
+ }
+
+
}
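Review bot: In the prepend branch, `(Element)secHeaderElem.getFirstChild()` throws ClassCastException if the header's first child is a text or comment node, and `node` is deep-imported on every call although only the empty-header branch uses it. Whether a non-element first child can occur in this header is not visible here, but taking the first child as a `Node` removes both the assumption and the wasted copy. The sketch below uses DOM `insertBefore`, which should be confirmed against the DOOM implementation that the original `insertSiblingBefore` call relies on. The Javadoc should also fill in its empty `@param rmd`, `@param child` and `@return` tags, stating that the returned element is the node actually placed in the header (the imported copy when `elem` belongs to another document).

```java
public static Element insertSiblingAfterOrPrepend(RampartMessageData rmd, Element child, Element elem) {
    // … unchanged: child != null branch delegates to insertSiblingAfter …
    } else { // Prepend
        Element secHeaderElem = rmd.getSecHeader().getSecurityHeader();
        Node firstNode = secHeaderElem.getFirstChild();

        if (firstNode == null) {
            // Empty header: import and append, as before
            retElem = (Element) secHeaderElem.appendChild(
                    secHeaderElem.getOwnerDocument().importNode(elem, true));
        } else {
            // Import only when elem comes from another document
            Element toInsert = elem;
            if (!secHeaderElem.getOwnerDocument().equals(elem.getOwnerDocument())) {
                toInsert = (Element) secHeaderElem.getOwnerDocument().importNode(elem, true);
            }
            // The reference child may be any node type, so no cast is needed
            retElem = (Element) secHeaderElem.insertBefore(toInsert, firstNode);
        }
    }
```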