You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/06/14 17:46:24 UTC
svn commit: r1493127 - in
/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security:
SecurityConstants.java wss4j/PolicyBasedWSS4JOutInterceptor.java
wss4j/WSS4JInInterceptor.java
Author: coheigea
Date: Fri Jun 14 15:46:24 2013
New Revision: 1493127
URL: http://svn.apache.org/r1493127
Log:
Fixing build
Conflicts:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1493127&r1=1493126&r2=1493127&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Fri Jun 14 15:46:24 2013
@@ -71,6 +71,12 @@ public final class SecurityConstants {
*/
public static final String ENCRYPT_USERNAME = "ws-security.encryption.username";
+ /**
+ * The actor or role name of the wsse:Security header. If this parameter
+ * is omitted, the actor name is not set.
+ */
+ public static final String ACTOR = "ws-security.actor";
+
//
// Callback class and Crypto properties
//
@@ -416,7 +422,15 @@ public final class SecurityConstants {
* c) A CallbackHandler object to use to obtain the token
*/
public static final String STS_TOKEN_ON_BEHALF_OF = "ws-security.sts.token.on-behalf-of";
-
+
+ /**
+ * Set this to "false" in order to remove the SOAP mustUnderstand header from security headers generated based on
+ * a WS-SecurityPolicy.
+ *
+ * The default value is "true" which included the SOAP mustUnderstand header.
+ */
+ public static final String MUST_UNDERSTAND = "ws-security.must-understand";
+
//
// Internal tags
//
@@ -428,7 +442,7 @@ public final class SecurityConstants {
static {
Set<String> s = new HashSet<String>(Arrays.asList(new String[] {
- USERNAME, PASSWORD, SIGNATURE_USERNAME, ENCRYPT_USERNAME,
+ USERNAME, PASSWORD, SIGNATURE_USERNAME, ENCRYPT_USERNAME, ACTOR,
CALLBACK_HANDLER, SAML_CALLBACK_HANDLER, SIGNATURE_PROPERTIES,
SIGNATURE_CRYPTO, ENCRYPT_PROPERTIES, ENCRYPT_CRYPTO,
VALIDATE_TOKEN, ENABLE_REVOCATION, ALWAYS_ENCRYPT_UT, IS_BSP_COMPLIANT,
@@ -443,7 +457,7 @@ public final class SecurityConstants {
STS_TOKEN_DO_CANCEL, CACHE_ISSUED_TOKEN_IN_ENDPOINT,
DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS, STS_TOKEN_CRYPTO,
STS_TOKEN_PROPERTIES, STS_TOKEN_USERNAME, STS_TOKEN_ACT_AS, STS_TOKEN_ON_BEHALF_OF,
- TOKEN, TOKEN_ID
+ TOKEN, TOKEN_ID, MUST_UNDERSTAND
}));
ALL_PROPERTIES = Collections.unmodifiableSet(s);
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java?rev=1493127&r1=1493126&r2=1493127&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java Fri Jun 14 15:46:24 2013
@@ -35,6 +35,7 @@ import org.apache.cxf.binding.soap.saaj.
import org.apache.cxf.common.i18n.Message;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.phase.PhaseInterceptor;
@@ -96,8 +97,11 @@ public class PolicyBasedWSS4JOutIntercep
Collection<AssertionInfo> ais;
SOAPMessage saaj = message.getContent(SOAPMessage.class);
- boolean mustUnderstand = true;
- String actor = null;
+ boolean mustUnderstand =
+ MessageUtils.getContextualBoolean(
+ message, SecurityConstants.MUST_UNDERSTAND, true
+ );
+ String actor = (String)message.getContextualProperty(SecurityConstants.ACTOR);
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1493127&r1=1493126&r2=1493127&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java Fri Jun 14 15:46:24 2013
@@ -236,6 +236,9 @@ public class WSS4JInInterceptor extends
int doAction = WSSecurityUtil.decodeAction(action, actions);
String actor = (String)getOption(WSHandlerConstants.ACTOR);
+ if (actor == null) {
+ actor = (String)msg.getContextualProperty(SecurityConstants.ACTOR);
+ }
reqData.setCallbackHandler(getCallback(reqData, doAction, utWithCallbacks));