You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2013/10/10 14:49:10 UTC
svn commit: r1530948 -
/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java
Author: coheigea
Date: Thu Oct 10 12:49:10 2013
New Revision: 1530948
URL: http://svn.apache.org/r1530948
Log:
Minor change to derived key referencing
Modified:
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java?rev=1530948&r1=1530947&r2=1530948&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java Thu Oct 10 12:49:10 2013
@@ -41,6 +41,7 @@ import org.apache.xml.security.stax.secu
import javax.crypto.spec.SecretKeySpec;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
+
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.cert.X509Certificate;
@@ -264,7 +265,9 @@ public class DerivedKeyTokenOutputProces
} else if (derivedKeyTokenReference == WSSConstants.DerivedKeyTokenReference.EncryptedKey
|| WSSecurityTokenConstants.KeyIdentifier_EncryptedKeySha1Identifier.equals(keyIdentifier)) {
attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_WSS_ENC_KEY_VALUE_TYPE));
- }
+ } else if (WSSecurityTokenConstants.KerberosToken.equals(securityToken.getTokenType())) {
+ attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_GSS_Kerberos5_AP_REQ));
+ }
createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, false, attributes);
X509Certificate[] x509Certificates = securityToken.getKeyWrappingToken().getX509Certificates();
@@ -279,11 +282,16 @@ public class DerivedKeyTokenOutputProces
WSSUtils.createX509SubjectKeyIdentifierStructure(this, outputProcessorChain, x509Certificates);
} else if (WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier.equals(keyIdentifier)) {
WSSUtils.createX509KeyIdentifierStructure(this, outputProcessorChain, x509Certificates);
+ } else if (WSSecurityTokenConstants.KeyIdentifier_KerberosSha1Identifier.equals(keyIdentifier)) {
+ String identifier = securityToken.getSha1Identifier();
+ WSSUtils.createKerberosSha1IdentifierStructure(this, outputProcessorChain, identifier);
} else if (WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier.equals(keyIdentifier)) {
WSSUtils.createThumbprintKeyIdentifierStructure(this, outputProcessorChain, x509Certificates);
} else if (WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference.equals(keyIdentifier)) {
String valueType;
- if (useSingleCertificate) {
+ if (WSSecurityTokenConstants.KerberosToken.equals(securityToken.getTokenType())) {
+ valueType = WSSConstants.NS_GSS_Kerberos5_AP_REQ;
+ } else if (useSingleCertificate) {
valueType = WSSConstants.NS_X509_V3_TYPE;
} else {
valueType = WSSConstants.NS_X509PKIPathv1;