You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2013/04/30 16:24:45 UTC
svn commit: r1477656 - in /cxf/branches/2.7.x-fixes:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/
services/sts/systests/basic/src/test/java/org/apache/c...
Author: dkulp
Date: Tue Apr 30 14:24:45 2013
New Revision: 1477656
URL: http://svn.apache.org/r1477656
Log:
Merged revisions 1477356 via git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1477356 | dkulp | 2013-04-29 17:32:10 -0400 (Mon, 29 Apr 2013) | 2 lines
[CXF-4977] Record the security context with the SCT token to be able to restore it during the real invokations
........
Modified:
cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java (original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java Tue Apr 30 14:24:45 2013
@@ -33,6 +33,7 @@ import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
+import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.service.Service;
import org.apache.cxf.service.invoker.Invoker;
import org.apache.cxf.service.model.BindingOperationInfo;
@@ -264,13 +265,20 @@ final class NegotiationUtils {
(SecurityContextToken)wser.get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getIdentifier());
- byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
- if (secret != null) {
- SecurityToken token = new SecurityToken(tok.getIdentifier());
- token.setToken(tok.getElement());
- token.setSecret(secret);
- token.setTokenType(tok.getTokenType());
- getTokenStore(message).add(token);
+ SecurityToken token = getTokenStore(message).getToken(tok.getIdentifier());
+ if (token == null) {
+ byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
+ if (secret != null) {
+ token = new SecurityToken(tok.getIdentifier());
+ token.setToken(tok.getElement());
+ token.setSecret(secret);
+ token.setTokenType(tok.getTokenType());
+ getTokenStore(message).add(token);
+ }
+ }
+ final SecurityContext sc = token.getSecurityContext();
+ if (sc != null) {
+ message.put(SecurityContext.class, sc);
}
return true;
}
Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java (original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java Tue Apr 30 14:24:45 2013
@@ -35,6 +35,7 @@ import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
+import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.staxutils.W3CDOMStreamWriter;
import org.apache.cxf.ws.addressing.AddressingProperties;
import org.apache.cxf.ws.addressing.JAXWSAConstants;
@@ -274,9 +275,16 @@ class SecureConversationInInterceptor ex
byte[] secret = writeProofToken(prefix, namespace, writer, clientEntropy, keySize);
token.setSecret(secret);
+
+ SecurityContext sc = exchange.getInMessage().get(SecurityContext.class);
+ if (sc != null) {
+ token.setSecurityContext(sc);
+ }
+
((TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
.getProperty(TokenStore.class.getName())).add(token);
+
writer.writeEndElement();
if (STSUtils.WST_NS_05_12.equals(namespace)) {
writer.writeEndElement();
Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java (original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java Tue Apr 30 14:24:45 2013
@@ -30,6 +30,7 @@ import java.util.Properties;
import org.w3c.dom.Element;
import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.staxutils.W3CDOMStreamWriter;
import org.apache.ws.security.WSConstants;
@@ -134,6 +135,10 @@ public class SecurityToken implements Se
* The principal of this SecurityToken
*/
private transient Principal principal;
+ /**
+ * The SecurityContext originally associated with this token
+ */
+ private transient SecurityContext securityContext;
public SecurityToken() {
@@ -489,4 +494,20 @@ public class SecurityToken implements Se
return principal;
}
+ /**
+ * Set the SecurityContext associated with this SecurityToken
+ * @param securityContext the SecurityContext associated with this SecurityToken
+ */
+ public void setSecurityContext(SecurityContext securityContext) {
+ this.securityContext = securityContext;
+ }
+
+ /**
+ * Get the SecurityContext associated with this SecurityToken
+ * @return the SecurityContext associated with this SecurityToken
+ */
+ public SecurityContext getSecurityContext() {
+ return securityContext;
+ }
+
}
Modified: cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java (original)
+++ cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java Tue Apr 30 14:24:45 2013
@@ -159,7 +159,6 @@ public class SymmetricBindingTest extend
}
@org.junit.Test
- @org.junit.Ignore
public void testUsernameTokenSAML2SecureConversation() throws Exception {
SpringBusFactory bf = new SpringBusFactory();