Posted to commits@ws.apache.org by gi...@apache.org on 2012/03/02 17:33:11 UTC
svn commit: r1296293 [2/2] - in /webservices/wss4j/branches/swssf:
streaming-ws-policy/src/main/java/org/swssf/policy/
streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/
streaming-ws-policy/src/test/java/org/swssf/policy/test/ streamin...
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java Fri Mar 2 16:33:09 2012
@@ -24,11 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSecurityException;
import org.swssf.wss.securityEvent.OperationSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -54,7 +56,10 @@ public class SignedPartsTest extends Abs
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
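Review bot: The three-line construction of `protectionOrder` added here is repeated verbatim in nearly every test this commit touches (the other SignedPartsTest hunks and the SpnegoContextToken, SymmetricBinding, TransportBinding, UsernameToken and X509Token tests), so one test can drift to a different order without anyone noticing. A single helper in the tests' shared base class, or `Arrays.asList(XMLSecurityConstants.ContentType.SIGNATURE, XMLSecurityConstants.ContentType.ENCRYPTION)` inline, would keep the order in one place. A one-line comment such as `// order in which protection was applied: signed first, then encrypted` would also help, if that is indeed how the enforcer reads the list. The test method starts and ends outside this hunk.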
@@ -88,10 +93,13 @@ public class SignedPartsTest extends Abs
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
headerPath.add(new QName("http://example.org", "a"));
@@ -115,7 +123,10 @@ public class SignedPartsTest extends Abs
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
@@ -142,14 +153,14 @@ public class SignedPartsTest extends Abs
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, null);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
try {
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
} catch (WSSecurityException e) {
Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
}
- signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
headerPath.add(new QName("http://example.org", "a"));
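Review bot: The `try` block around `policyEnforcer.registerSecurityEvent(signedPartSecurityEvent)` has no `Assert.fail()` after the call, so the test still passes at this point if the enforcer stops rejecting the unsigned SOAP body. If the violation is expected at this registration, add `Assert.fail("Exception expected");` as the last statement of the `try`. If it is expected only later in the method, this catch hides where the violation actually fires and should be removed. The test method continues outside this hunk.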
@@ -179,7 +190,10 @@ public class SignedPartsTest extends Abs
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
@@ -213,10 +227,13 @@ public class SignedPartsTest extends Abs
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
headerPath.add(new QName("http://example.org", "a"));
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java Fri Mar 2 16:33:09 2012
@@ -25,9 +25,12 @@ import org.swssf.wss.securityEvent.Opera
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.wss.securityEvent.SpnegoContextTokenSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -77,11 +80,14 @@ public class SpnegoContextTokenTest exte
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java Fri Mar 2 16:33:09 2012
@@ -25,11 +25,13 @@ import org.swssf.wss.ext.WSSecurityExcep
import org.swssf.wss.impl.securityToken.SecureConversationSecurityToken;
import org.swssf.wss.securityEvent.*;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -44,7 +46,6 @@ public class SymmetricBindingTest extend
"<sp:SymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
"<sp:IncludeTimestamp/>\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -74,14 +75,17 @@ public class SymmetricBindingTest extend
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
encryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
@@ -92,7 +96,7 @@ public class SymmetricBindingTest extend
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
policyEnforcer.doFinal();
@@ -103,7 +107,6 @@ public class SymmetricBindingTest extend
String policyString =
"<sp:SymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -136,7 +139,6 @@ public class SymmetricBindingTest extend
}
}
- /* todo:
@Test
public void testPolicyWrongProtectionOrder() throws Exception {
String policyString =
@@ -151,10 +153,18 @@ public class SymmetricBindingTest extend
"</sp:SymmetricBinding>";
PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
SecureConversationTokenSecurityEvent secureConversationTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
- secureConversationTokenSecurityEvent.setSecurityToken(new SecureConversationSecurityToken(null, null, null, "1", null));
- secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+ SecurityToken securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+ securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+ secureConversationTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
+ signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
+
OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
operationSecurityEvent.setOperation(new QName("definitions"));
try {
@@ -164,8 +174,6 @@ public class SymmetricBindingTest extend
Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
}
}
- */
-
@Test
public void testPolicySignatureNotEncrypted() throws Exception {
@@ -173,7 +181,6 @@ public class SymmetricBindingTest extend
"<sp:SymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
"<sp:IncludeTimestamp/>\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -195,7 +202,10 @@ public class SymmetricBindingTest extend
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, protectionOrder);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
@@ -218,7 +228,6 @@ public class SymmetricBindingTest extend
"<sp:SymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
"<sp:IncludeTimestamp/>\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -240,14 +249,17 @@ public class SymmetricBindingTest extend
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
encryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
@@ -258,7 +270,7 @@ public class SymmetricBindingTest extend
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
try {
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
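Review bot: This unsigned-part event (second argument `false`) is given a protection order that lists `SIGNATURE`, whereas SignedPartsTest passes `null` for the same case; the last TransportBindingTest hunk has the same mix. The tests should agree on what an unsigned part reports, for example `new SignedPartSecurityEvent(null, false, null)` here if null means no protection was seen. The constructor's Javadoc should also state whether null is allowed. It is worth confirming that the enforcer never treats a part as signed on the strength of the list alone. The `try` opened in this hunk closes outside it.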
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java Fri Mar 2 16:33:09 2012
@@ -25,11 +25,13 @@ import org.swssf.wss.ext.WSSecurityExcep
import org.swssf.wss.impl.securityToken.HttpsSecurityToken;
import org.swssf.wss.securityEvent.*;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -67,21 +69,24 @@ public class TransportBindingTest extend
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
requiredElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
requiredElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
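Review bot: Both `setElementPath(headerPath)` calls in this hunk are made on `requiredElementSecurityEvent`, not on the `encryptedElementSecurityEvent` that is registered on the following line, so the two encrypted-element events reach the enforcer without an element path. The equivalent blocks in SymmetricBindingTest and in the later hunk of this file use `encryptedElementSecurityEvent.setElementPath(headerPath);`, which looks like the intended form. As written, this test may not exercise the encrypted-signature check for the Signature and SignatureConfirmation elements at all. The method starts and ends outside this hunk.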
@@ -143,7 +148,10 @@ public class TransportBindingTest extend
httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
@@ -182,14 +190,17 @@ public class TransportBindingTest extend
httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
encryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
@@ -200,7 +211,7 @@ public class TransportBindingTest extend
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java Fri Mar 2 16:33:09 2012
@@ -29,11 +29,14 @@ import org.swssf.wss.securityEvent.Opera
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.wss.securityEvent.UsernameTokenSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.Date;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -92,11 +95,14 @@ public class UsernameTokenTest extends A
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
@@ -158,11 +164,14 @@ public class UsernameTokenTest extends A
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java Fri Mar 2 16:33:09 2012
@@ -26,10 +26,13 @@ import org.swssf.wss.securityEvent.Opera
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.wss.securityEvent.X509TokenSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -80,11 +83,14 @@ public class X509TokenTest extends Abstr
recipientX509TokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientX509TokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
@@ -138,11 +144,14 @@ public class X509TokenTest extends Abstr
recipientX509TokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientX509TokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/WSSDocumentContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/WSSDocumentContextImpl.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/WSSDocumentContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/WSSDocumentContextImpl.java Fri Mar 2 16:33:09 2012
@@ -23,7 +23,7 @@ import org.swssf.wss.ext.WSSDocumentCont
import org.swssf.xmlsec.impl.DocumentContextImpl;
import javax.xml.namespace.QName;
-import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -67,14 +67,13 @@ public class WSSDocumentContextImpl exte
@Override
protected WSSDocumentContextImpl clone() throws CloneNotSupportedException {
- super.clone();
WSSDocumentContextImpl documentContext = new WSSDocumentContextImpl();
- List<QName> subPath = new ArrayList<QName>();
+ List<QName> subPath = new LinkedList<QName>();
subPath.addAll(this.getPath());
documentContext.setEncoding(this.getEncoding());
documentContext.setPath(subPath);
documentContext.setInSecurityHeader(isInSecurityHeader());
- documentContext.setContentTypeDeque(getContentTypeDeque());
+ documentContext.setContentTypeMap(getContentTypeMap());
return documentContext;
}
}
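Review bot: The copy built in `clone()` takes over the content-type entries through `setContentTypeMap(getContentTypeMap())` but not the processor-to-index map that `DocumentContextImpl` now uses to remove them, so no `unsetIsInSignedContent(key)` or `unsetIsInEncryptedContent(key)` call on the copy can find the entries it inherited. If a context is ever cloned while a signed or encrypted region is open (not visible from this hunk), the copy keeps reporting that region through `isInSignedContent()` and `getProtectionOrder()` for the rest of the document, and that list is what the security events carry. Either copy both maps in `clone()` or add a comment such as `// content-type entries are a frozen snapshot; the clone never unsets them`; the same applies to `DocumentContextImpl.clone()` later in this commit.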
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java Fri Mar 2 16:33:09 2012
@@ -61,12 +61,12 @@ public class DecryptInputProcessor exten
&& ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPBody()) {
//soap:body content encryption counts as EncryptedPart
EncryptedPartSecurityEvent encryptedPartSecurityEvent =
- new EncryptedPartSecurityEvent(securityToken, true, isInSignedContent(inputProcessorChain));
+ new EncryptedPartSecurityEvent(securityToken, true, inputProcessorChain.getDocumentContext().getProtectionOrder());
encryptedPartSecurityEvent.setElementPath(parentElementPath);
((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(encryptedPartSecurityEvent);
} else {
ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent =
- new ContentEncryptedElementSecurityEvent(securityToken, true, isInSignedContent(inputProcessorChain));
+ new ContentEncryptedElementSecurityEvent(securityToken, true, inputProcessorChain.getDocumentContext().getProtectionOrder());
contentEncryptedElementSecurityEvent.setElementPath(parentElementPath);
((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(contentEncryptedElementSecurityEvent);
}
@@ -83,7 +83,6 @@ public class DecryptInputProcessor exten
securityToken);
}
- //todo remove me?
@Override
protected void handleSecurityToken(SecurityToken securityToken, SecurityContext securityContext,
EncryptedDataType encryptedDataType) throws XMLSecurityException {
@@ -129,22 +128,15 @@ public class DecryptInputProcessor exten
if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3
&& ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPHeader()) {
EncryptedPartSecurityEvent encryptedPartSecurityEvent =
- new EncryptedPartSecurityEvent(securityToken, true, isInSignedContent(inputProcessorChain));
+ new EncryptedPartSecurityEvent(securityToken, true, inputProcessorChain.getDocumentContext().getProtectionOrder());
encryptedPartSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(encryptedPartSecurityEvent);
} else {
EncryptedElementSecurityEvent encryptedElementSecurityEvent =
- new EncryptedElementSecurityEvent(securityToken, true, isInSignedContent(inputProcessorChain));
+ new EncryptedElementSecurityEvent(securityToken, true, inputProcessorChain.getDocumentContext().getProtectionOrder());
encryptedElementSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(encryptedElementSecurityEvent);
}
}
}
-
- public static boolean isInSignedContent(InputProcessorChain inputProcessorChain) {
- //todo. Also todo: ProtectionOrderAssertionState
- //how can we find out if a signature is done over plaintext or over ciphertext.
- //problem contentEncryptedElements, the signature occurs always firstly...
- return false;
- }
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java Fri Mar 2 16:33:09 2012
@@ -99,18 +99,18 @@ public class SignatureReferenceVerifyInp
inputProcessorChain.addProcessor(internalSignatureReferenceVerifier);
}
getProcessedReferences().add(referenceType);
- inputProcessorChain.getDocumentContext().setIsInSignedContent();
+ inputProcessorChain.getDocumentContext().setIsInSignedContent(inputProcessorChain.getProcessors().indexOf(internalSignatureReferenceVerifier), internalSignatureReferenceVerifier);
//fire a SecurityEvent:
if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3
&& ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPHeader()) {
SignedPartSecurityEvent signedPartSecurityEvent =
- new SignedPartSecurityEvent(getSecurityToken(), true);
+ new SignedPartSecurityEvent(getSecurityToken(), true, inputProcessorChain.getDocumentContext().getProtectionOrder());
signedPartSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(signedPartSecurityEvent);
} else {
SignedElementSecurityEvent signedElementSecurityEvent =
- new SignedElementSecurityEvent(getSecurityToken(), true);
+ new SignedElementSecurityEvent(getSecurityToken(), true, inputProcessorChain.getDocumentContext().getProtectionOrder());
signedElementSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(signedElementSecurityEvent);
}
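Review bot: The index passed to `setIsInSignedContent(...)` at the top of this hunk is `getProcessors().indexOf(internalSignatureReferenceVerifier)`, read once at registration, and in `DocumentContextImpl` it becomes the `TreeMap` key that defines the reported protection order. `indexOf` returns -1 when the verifier is not in the chain (the `addProcessor` call just above sits in a block whose condition is outside the hunk), and chain positions shift whenever a processor is added or removed, so two open regions can land on the same key and the later `put` silently replaces the earlier content type. Because `getProtectionOrder()` now feeds the Signed*/Encrypted* events, a collision or stale index can misreport sign-before-encrypt versus encrypt-before-sign. Reject a negative index before registering, for example `if (idx < 0) throw new IllegalStateException("processor not in chain");`, and consider keying on a monotonically increasing counter rather than the chain position. The same `indexOf` pattern appears in the next hunk of this file, in `AbstractDecryptInputProcessor` and in `AbstractSignatureReferenceVerifyInputProcessor`.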
@@ -229,8 +229,8 @@ public class SignatureReferenceVerifyInp
throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN);
}
SecurityTokenReference securityTokenReference = (SecurityTokenReference) securityToken;
- //todo analyse and fix me: the following statement is problematic
- //todo a workaround is implemented in DocumentContext().unsetIsInSignedContent();
+ //todo analyse and fix me: the following statement could be problematic
+ inputProcessorChain.getDocumentContext().setIsInSignedContent(inputProcessorChain.getProcessors().indexOf(this), this);
this.setStartElement(securityTokenReference.getXmlEvents().getLast().asStartElement().getName());
Iterator<XMLEvent> xmlEventIterator = securityTokenReference.getXmlEvents().descendingIterator();
while (xmlEventIterator.hasNext()) {
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java Fri Mar 2 16:33:09 2012
@@ -19,6 +19,7 @@
package org.swssf.wss.securityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import javax.xml.namespace.QName;
import java.util.LinkedList;
@@ -33,13 +34,13 @@ public class ContentEncryptedElementSecu
private List<QName> pathElements; //parent element
private boolean encrypted;
private SecurityToken securityToken;
- private boolean signedContent;
+ private List<XMLSecurityConstants.ContentType> protectionOrder;
- public ContentEncryptedElementSecurityEvent(SecurityToken securityToken, boolean encrypted, boolean signedContent) {
+ public ContentEncryptedElementSecurityEvent(SecurityToken securityToken, boolean encrypted, List<XMLSecurityConstants.ContentType> protectionOrder) {
super(Event.ContentEncrypted);
this.securityToken = securityToken;
this.encrypted = encrypted;
- this.signedContent = signedContent;
+ this.protectionOrder = protectionOrder;
}
public List<QName> getElementPath() {
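Review bot: The constructor keeps the caller's list by reference (`this.protectionOrder = protectionOrder;`), and `getProtectionOrder()`/`setProtectionOrder()` in the next hunk hand the same instance in and out, so the order recorded in an event can still change after the event has been registered. The updated SignedPartsTest already passes one `protectionOrder` instance to two different events. Copy on the way in, `this.protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>(protectionOrder);` (the file already imports `LinkedList`, and `SignedPartSecurityEvent.setElementPath` copies the same way), and decide explicitly whether a null list is allowed. The same applies to `EncryptedElementSecurityEvent`, `EncryptedPartSecurityEvent`, `SignedElementSecurityEvent` and `SignedPartSecurityEvent` in this commit; the class body continues outside the hunk.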
@@ -66,11 +67,11 @@ public class ContentEncryptedElementSecu
this.securityToken = securityToken;
}
- public boolean isSignedContent() {
- return signedContent;
+ public List<XMLSecurityConstants.ContentType> getProtectionOrder() {
+ return protectionOrder;
}
- public void setSignedContent(boolean signedContent) {
- this.signedContent = signedContent;
+ public void setProtectionOrder(List<XMLSecurityConstants.ContentType> protectionOrder) {
+ this.protectionOrder = protectionOrder;
}
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java Fri Mar 2 16:33:09 2012
@@ -19,6 +19,7 @@
package org.swssf.wss.securityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import javax.xml.namespace.QName;
import java.util.LinkedList;
@@ -33,13 +34,13 @@ public class EncryptedElementSecurityEve
private List<QName> elementPath;
private boolean encrypted;
private SecurityToken securityToken;
- private boolean signedContent;
+ private List<XMLSecurityConstants.ContentType> protectionOrder;
- public EncryptedElementSecurityEvent(SecurityToken securityToken, boolean encrypted, boolean signedContent) {
+ public EncryptedElementSecurityEvent(SecurityToken securityToken, boolean encrypted, List<XMLSecurityConstants.ContentType> protectionOrder) {
super(Event.EncryptedElement);
this.securityToken = securityToken;
this.encrypted = encrypted;
- this.signedContent = signedContent;
+ this.protectionOrder = protectionOrder;
}
public List<QName> getElementPath() {
@@ -66,11 +67,11 @@ public class EncryptedElementSecurityEve
this.securityToken = securityToken;
}
- public boolean isSignedContent() {
- return signedContent;
+ public List<XMLSecurityConstants.ContentType> getProtectionOrder() {
+ return protectionOrder;
}
- public void setSignedContent(boolean signedContent) {
- this.signedContent = signedContent;
+ public void setProtectionOrder(List<XMLSecurityConstants.ContentType> protectionOrder) {
+ this.protectionOrder = protectionOrder;
}
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java Fri Mar 2 16:33:09 2012
@@ -19,6 +19,7 @@
package org.swssf.wss.securityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import javax.xml.namespace.QName;
import java.util.LinkedList;
@@ -33,13 +34,13 @@ public class EncryptedPartSecurityEvent
private List<QName> elementPath;
private boolean encrypted;
private SecurityToken securityToken;
- private boolean signedContent;
+ private List<XMLSecurityConstants.ContentType> protectionOrder;
- public EncryptedPartSecurityEvent(SecurityToken securityToken, boolean encrypted, boolean signedContent) {
+ public EncryptedPartSecurityEvent(SecurityToken securityToken, boolean encrypted, List<XMLSecurityConstants.ContentType> protectionOrder) {
super(Event.EncryptedPart);
this.securityToken = securityToken;
this.encrypted = encrypted;
- this.signedContent = signedContent;
+ this.protectionOrder = protectionOrder;
}
public List<QName> getElementPath() {
@@ -66,11 +67,11 @@ public class EncryptedPartSecurityEvent
this.securityToken = securityToken;
}
- public boolean isSignedContent() {
- return signedContent;
+ public List<XMLSecurityConstants.ContentType> getProtectionOrder() {
+ return protectionOrder;
}
- public void setSignedContent(boolean signedContent) {
- this.signedContent = signedContent;
+ public void setProtectionOrder(List<XMLSecurityConstants.ContentType> protectionOrder) {
+ this.protectionOrder = protectionOrder;
}
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedElementSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedElementSecurityEvent.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedElementSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedElementSecurityEvent.java Fri Mar 2 16:33:09 2012
@@ -19,6 +19,7 @@
package org.swssf.wss.securityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import javax.xml.namespace.QName;
import java.util.LinkedList;
@@ -31,13 +32,15 @@ import java.util.List;
public class SignedElementSecurityEvent extends SecurityEvent {
private List<QName> elementPath;
- private SecurityToken securityToken;
private boolean signed;
+ private SecurityToken securityToken;
+ private List<XMLSecurityConstants.ContentType> protectionOrder;
- public SignedElementSecurityEvent(SecurityToken securityToken, boolean signed) {
+ public SignedElementSecurityEvent(SecurityToken securityToken, boolean signed, List<XMLSecurityConstants.ContentType> protectionOrder) {
super(Event.SignedElement);
- this.securityToken = securityToken;
this.signed = signed;
+ this.securityToken = securityToken;
+ this.protectionOrder = protectionOrder;
}
public List<QName> getElementPath() {
@@ -63,4 +66,12 @@ public class SignedElementSecurityEvent
public void setSigned(boolean signed) {
this.signed = signed;
}
+
+ public List<XMLSecurityConstants.ContentType> getProtectionOrder() {
+ return protectionOrder;
+ }
+
+ public void setProtectionOrder(List<XMLSecurityConstants.ContentType> protectionOrder) {
+ this.protectionOrder = protectionOrder;
+ }
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedPartSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedPartSecurityEvent.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedPartSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedPartSecurityEvent.java Fri Mar 2 16:33:09 2012
@@ -19,6 +19,7 @@
package org.swssf.wss.securityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import javax.xml.namespace.QName;
import java.util.LinkedList;
@@ -33,11 +34,13 @@ public class SignedPartSecurityEvent ext
private List<QName> elementPath;
private boolean signed;
private SecurityToken securityToken;
+ private List<XMLSecurityConstants.ContentType> protectionOrder;
- public SignedPartSecurityEvent(SecurityToken securityToken, boolean signed) {
+ public SignedPartSecurityEvent(SecurityToken securityToken, boolean signed, List<XMLSecurityConstants.ContentType> protectionOrder) {
super(Event.SignedPart);
- this.securityToken = securityToken;
this.signed = signed;
+ this.securityToken = securityToken;
+ this.protectionOrder = protectionOrder;
}
public List<QName> getElementPath() {
@@ -48,6 +51,14 @@ public class SignedPartSecurityEvent ext
this.elementPath = new LinkedList<QName>(elementPath);
}
+ public List<XMLSecurityConstants.ContentType> getProtectionOrder() {
+ return protectionOrder;
+ }
+
+ public void setProtectionOrder(List<XMLSecurityConstants.ContentType> protectionOrder) {
+ this.protectionOrder = protectionOrder;
+ }
+
public boolean isSigned() {
return signed;
}
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java Fri Mar 2 16:33:09 2012
@@ -19,8 +19,8 @@
package org.swssf.xmlsec.ext;
import javax.xml.namespace.QName;
-import java.util.Deque;
import java.util.List;
+import java.util.Map;
/**
* This class holds per document, context informations
@@ -33,26 +33,26 @@ public interface DocumentContext {
/**
* @return The Encoding of the Document
*/
- public String getEncoding();
+ String getEncoding();
/**
* Adds a Element to the path
*
* @param qName The QName of the path element
*/
- public void addPathElement(QName qName);
+ void addPathElement(QName qName);
/**
* Removes a element from the path
*
* @return the removed element
*/
- public QName removePathElement();
+ QName removePathElement();
/**
* @return The actual path in the xml
*/
- public List<QName> getPath();
+ List<QName> getPath();
/**
* Returns the parent element of the actual eventtype
@@ -60,43 +60,44 @@ public interface DocumentContext {
* @param eventType current event type
* @return the name of the parent element
*/
- public List<QName> getParentElementPath(int eventType);
+ List<QName> getParentElementPath(int eventType);
/**
* @return The current level in the document
*/
- public int getDocumentLevel();
+ int getDocumentLevel();
/**
* Indicates if we currently stay in an encrypted content
*/
- public void setIsInEncryptedContent();
+ void setIsInEncryptedContent(int index, Object object);
/**
* unset when we leave the encrypted content
*/
- public void unsetIsInEncryptedContent();
+ void unsetIsInEncryptedContent(Object object);
/**
* @return true if we currently stay in encrypted content
*/
- public boolean isInEncryptedContent();
+ boolean isInEncryptedContent();
/**
* Indicates if we currently stay in a signed content
*/
- public void setIsInSignedContent();
+ void setIsInSignedContent(int index, Object object);
/**
* unset when we leave the signed content
*/
- public void unsetIsInSignedContent();
+ void unsetIsInSignedContent(Object object);
/**
* @return true if we currently stay in signed content
*/
- public boolean isInSignedContent();
+ boolean isInSignedContent();
+ List<XMLSecurityConstants.ContentType> getProtectionOrder();
- public Deque<XMLSecurityConstants.ContentType> getContentTypeDeque();
+ Map<Integer, XMLSecurityConstants.ContentType> getContentTypeMap();
}
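Review bot: The Javadoc on `setIsInEncryptedContent`/`setIsInSignedContent` and their `unset…` counterparts still describes the old no-argument methods, and the new `getProtectionOrder()` and `getContentTypeMap()` have no Javadoc at all. Implementers need to know what `index` orders and that the `object` given to `unset…` must be the same instance given to `set…`; going by the callers in this commit, `index` is the processor's position in the input processor chain and `object` is the processor itself. Suggested additions: `@param index position of the registering processor in the input processor chain`, `@param object the registering processor, used as the key for the matching unset call`, and on `getProtectionOrder()` `@return the content types of the currently open regions, ordered by registration index`. Renaming `object` to `key` would also match what `DocumentContextImpl` calls it.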
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java Fri Mar 2 16:33:09 2012
@@ -22,10 +22,7 @@ import org.swssf.xmlsec.ext.DocumentCont
import org.swssf.xmlsec.ext.XMLSecurityConstants;
import javax.xml.namespace.QName;
-import java.util.Collections;
-import java.util.Deque;
-import java.util.LinkedList;
-import java.util.List;
+import java.util.*;
/**
* A concrete DocumentContext Implementation
@@ -35,9 +32,10 @@ import java.util.List;
*/
public class DocumentContextImpl implements DocumentContext, Cloneable {
- private static final QName nullElement = new QName("", "");
private List<QName> path = new LinkedList<QName>();
private String encoding;
+ private Map<Integer, XMLSecurityConstants.ContentType> contentTypeMap = new TreeMap<Integer, XMLSecurityConstants.ContentType>();
+ private Map<Object, Integer> processorToIndexMap = new HashMap<Object, Integer>();
public String getEncoding() {
return encoding;
@@ -75,53 +73,55 @@ public class DocumentContextImpl impleme
return this.path.size();
}
- Deque<XMLSecurityConstants.ContentType> contentTypeDeque = new LinkedList<XMLSecurityConstants.ContentType>();
-
- public synchronized void setIsInEncryptedContent() {
- contentTypeDeque.push(XMLSecurityConstants.ContentType.ENCRYPTION);
+ public synchronized void setIsInEncryptedContent(int index, Object key) {
+ contentTypeMap.put(index, XMLSecurityConstants.ContentType.ENCRYPTION);
+ processorToIndexMap.put(key, index);
}
- public synchronized void unsetIsInEncryptedContent() {
- if (!contentTypeDeque.isEmpty()) {
- contentTypeDeque.pop();
- }
+ public synchronized void unsetIsInEncryptedContent(Object key) {
+ Integer index = processorToIndexMap.remove(key);
+ contentTypeMap.remove(index);
}
public boolean isInEncryptedContent() {
- return contentTypeDeque.contains(XMLSecurityConstants.ContentType.ENCRYPTION);
+ return contentTypeMap.containsValue(XMLSecurityConstants.ContentType.ENCRYPTION);
}
- public synchronized void setIsInSignedContent() {
- contentTypeDeque.push(XMLSecurityConstants.ContentType.SIGNATURE);
+ public synchronized void setIsInSignedContent(int index, Object key) {
+ contentTypeMap.put(index, XMLSecurityConstants.ContentType.SIGNATURE);
+ processorToIndexMap.put(key, index);
}
- public synchronized void unsetIsInSignedContent() {
- if (!contentTypeDeque.isEmpty()) {
- contentTypeDeque.pop();
- }
+ public synchronized void unsetIsInSignedContent(Object key) {
+ Integer index = processorToIndexMap.remove(key);
+ contentTypeMap.remove(index);
}
public boolean isInSignedContent() {
- return contentTypeDeque.contains(XMLSecurityConstants.ContentType.SIGNATURE);
+ return contentTypeMap.containsValue(XMLSecurityConstants.ContentType.SIGNATURE);
+ }
+
+ @Override
+ public List<XMLSecurityConstants.ContentType> getProtectionOrder() {
+ return new LinkedList<XMLSecurityConstants.ContentType>(contentTypeMap.values());
}
- public Deque<XMLSecurityConstants.ContentType> getContentTypeDeque() {
- return contentTypeDeque;
+ public Map<Integer, XMLSecurityConstants.ContentType> getContentTypeMap() {
+ return Collections.unmodifiableMap(contentTypeMap);
}
- protected void setContentTypeDeque(Deque<XMLSecurityConstants.ContentType> contentTypeDeque) {
- this.contentTypeDeque.addAll(contentTypeDeque);
+ protected void setContentTypeMap(Map<Integer, XMLSecurityConstants.ContentType> contentTypeMap) {
+ this.contentTypeMap.putAll(contentTypeMap);
}
@Override
protected DocumentContextImpl clone() throws CloneNotSupportedException {
- super.clone();
DocumentContextImpl documentContext = new DocumentContextImpl();
List<QName> subPath = new LinkedList<QName>();
subPath.addAll(this.path);
documentContext.setEncoding(this.encoding);
documentContext.setPath(subPath);
- documentContext.setContentTypeDeque(getContentTypeDeque());
+ documentContext.setContentTypeMap(getContentTypeMap());
return documentContext;
}
}
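Review bot: `unsetIsInEncryptedContent(Object key)` and `unsetIsInSignedContent(Object key)` pass the result of `processorToIndexMap.remove(key)` straight to `contentTypeMap.remove(index)`; for a key that was never registered or was already removed that result is null, and a naturally ordered `TreeMap` throws `NullPointerException` on a null key. The removed deque version tolerated an unbalanced unset through its `isEmpty()` check. Guard the removal in both methods with `if (index != null) { contentTypeMap.remove(index); }`. Separately, `isInEncryptedContent()`, `isInSignedContent()`, `getProtectionOrder()` and `getContentTypeMap()` read `contentTypeMap` without the lock that the set/unset methods take, so if the context is really shared between threads (the `synchronized` modifiers suggest it, the hunk does not show it) iterating `values()` can race with a `put`.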
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java Fri Mar 2 16:33:09 2012
@@ -174,7 +174,6 @@ public abstract class AbstractDecryptInp
}
processedReferences.add(referenceType);
- inputProcessorChain.getDocumentContext().setIsInEncryptedContent();
//the following logic reads the encryptedData structure and doesn't pass them further
//through the chain
@@ -271,6 +270,8 @@ public abstract class AbstractDecryptInp
//add the new created EventReader processor to the chain.
inputProcessorChain.addProcessor(decryptedEventReaderInputProcessor);
+ inputProcessorChain.getDocumentContext().setIsInEncryptedContent(inputProcessorChain.getProcessors().indexOf(decryptedEventReaderInputProcessor), decryptedEventReaderInputProcessor);
+
//when an exception in the decryption thread occurs, we want to forward them:
receiverThread.setUncaughtExceptionHandler(decryptedEventReaderInputProcessor);
@@ -381,11 +382,11 @@ public abstract class AbstractDecryptInp
XMLSecurityProperties securityProperties, SecurePart.Modifier encryptionModifier,
boolean encryptedHeader, List<ComparableNamespace>[] namespaceList,
List<ComparableAttribute>[] attributeList,
- AbstractDecryptInputProcessor decryptInputProcessor,
+ AbstractDecryptInputProcessor abstractDecryptInputProcessor,
SecurityToken securityToken
) {
super(securityProperties);
- getAfterProcessors().add(decryptInputProcessor);
+ getAfterProcessors().add(abstractDecryptInputProcessor);
this.encryptionModifier = encryptionModifier;
rootElementProcessed = encryptionModifier != SecurePart.Modifier.Element;
this.encryptedHeader = encryptedHeader;
@@ -460,7 +461,7 @@ public abstract class AbstractDecryptInp
}
while (!(endEvent.isEndElement() && endEvent.asEndElement().getName().equals(endElement)));
- inputProcessorChain.getDocumentContext().unsetIsInEncryptedContent();
+ inputProcessorChain.getDocumentContext().unsetIsInEncryptedContent(this);
//...fetch the next (unencrypted) event
if (headerEvent) {
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java Fri Mar 2 16:33:09 2012
@@ -97,7 +97,8 @@ public abstract class AbstractSignatureR
inputProcessorChain.addProcessor(internalSignatureReferenceVerifier);
}
processedReferences.add(referenceType);
- inputProcessorChain.getDocumentContext().setIsInSignedContent();
+ inputProcessorChain.getDocumentContext().setIsInSignedContent(
+ inputProcessorChain.getProcessors().indexOf(internalSignatureReferenceVerifier), internalSignatureReferenceVerifier);
}
}
return xmlEvent;
@@ -132,7 +133,6 @@ public abstract class AbstractSignatureR
public class InternalSignatureReferenceVerifier extends AbstractInputProcessor {
private ReferenceType referenceType;
-
private Transformer transformer;
private DigestOutputStream digestOutputStream;
private OutputStream bufferedDigestOutputStream;
@@ -140,7 +140,10 @@ public abstract class AbstractSignatureR
private int elementCounter = 0;
private boolean finished = false;
- public InternalSignatureReferenceVerifier(XMLSecurityProperties securityProperties, InputProcessorChain inputProcessorChain, ReferenceType referenceType, QName startElement) throws XMLSecurityException {
+ public InternalSignatureReferenceVerifier(
+ XMLSecurityProperties securityProperties, InputProcessorChain inputProcessorChain,
+ ReferenceType referenceType, QName startElement) throws XMLSecurityException {
+
super(securityProperties);
this.setStartElement(startElement);
this.setReferenceType(referenceType);
@@ -221,7 +224,7 @@ public abstract class AbstractSignatureR
throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, "digestVerificationFailed", getReferenceType().getURI());
}
inputProcessorChain.removeProcessor(this);
- inputProcessorChain.getDocumentContext().unsetIsInSignedContent();
+ inputProcessorChain.getDocumentContext().unsetIsInSignedContent(this);
setFinished(true);
}
}