You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/08/22 18:24:54 UTC
svn commit: r1160322 - in
/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy:
SP11Constants.java SP12Constants.java SPConstants.java
builders/SpnegoContextTokenBuilder.java model/SpnegoContextToken.java
Author: coheigea
Date: Mon Aug 22 16:24:54 2011
New Revision: 1160322
URL: http://svn.apache.org/viewvc?rev=1160322&view=rev
Log:
[CXF-3635] - Added SPNEGO model + policy builder
Added:
cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SpnegoContextToken.java
Modified:
cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java
cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java?rev=1160322&r1=1160321&r2=1160322&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java (original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java Mon Aug 22 16:24:54 2011
@@ -108,6 +108,9 @@ public final class SP11Constants extends
public static final QName KERBEROS_TOKEN = new QName(SP11Constants.SP_NS,
SPConstants.KERBEROS_TOKEN, SP11Constants.SP_PREFIX);
+ public static final QName SPNEGO_CONTEXT_TOKEN = new QName(SP11Constants.SP_NS,
+ SPConstants.SPNEGO_CONTEXT_TOKEN, SP11Constants.SP_PREFIX);
+
public static final QName WSS_USERNAME_TOKEN10 = new QName(SP11Constants.SP_NS,
SPConstants.USERNAME_TOKEN10 , SP11Constants.SP_PREFIX);
@@ -390,6 +393,9 @@ public final class SP11Constants extends
public QName getKerberosToken() {
return KERBEROS_TOKEN;
}
+ public QName getSpnegoContextToken() {
+ return SPNEGO_CONTEXT_TOKEN;
+ }
public QName getX509Token() {
return X509_TOKEN;
}
Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java?rev=1160322&r1=1160321&r2=1160322&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java (original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java Mon Aug 22 16:24:54 2011
@@ -130,6 +130,9 @@ public final class SP12Constants extends
public static final QName KERBEROS_TOKEN = new QName(SP12Constants.SP_NS,
SPConstants.KERBEROS_TOKEN, SP12Constants.SP_PREFIX);
+ public static final QName SPNEGO_CONTEXT_TOKEN = new QName(SP12Constants.SP_NS,
+ SPConstants.SPNEGO_CONTEXT_TOKEN, SP12Constants.SP_PREFIX);
+
public static final QName KEYVALUE_TOKEN = new QName(SP12Constants.SP_NS,
SPConstants.KEYVALUE_TOKEN ,
SP12Constants.SP_PREFIX);
@@ -452,6 +455,9 @@ public final class SP12Constants extends
public QName getKerberosToken() {
return KERBEROS_TOKEN;
}
+ public QName getSpnegoContextToken() {
+ return SPNEGO_CONTEXT_TOKEN;
+ }
public QName getKeyValueToken() {
return KEYVALUE_TOKEN;
}
Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java?rev=1160322&r1=1160321&r2=1160322&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java (original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java Mon Aug 22 16:24:54 2011
@@ -127,6 +127,8 @@ public abstract class SPConstants {
public static final String SAML_TOKEN = "SamlToken";
public static final String KERBEROS_TOKEN = "KerberosToken";
+
+ public static final String SPNEGO_CONTEXT_TOKEN = "SpnegoContextToken";
public static final String KEYVALUE_TOKEN = "KeyValueToken";
@@ -456,6 +458,7 @@ public abstract class SPConstants {
public abstract QName getUserNameToken();
public abstract QName getSamlToken();
public abstract QName getKerberosToken();
+ public abstract QName getSpnegoContextToken();
public abstract QName getX509Token();
public abstract QName getSupportingTokens();
Added: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java?rev=1160322&view=auto
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java (added)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java Mon Aug 22 16:24:54 2011
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.policy.builders;
+
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.ws.policy.PolicyAssertion;
+import org.apache.cxf.ws.policy.PolicyBuilder;
+import org.apache.cxf.ws.policy.PolicyConstants;
+import org.apache.cxf.ws.security.policy.SP11Constants;
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.model.SpnegoContextToken;
+
+import org.apache.neethi.AssertionBuilderFactory;
+import org.apache.neethi.Constants;
+import org.apache.neethi.builders.AssertionBuilder;
+
+/**
+ *
+ */
+public class SpnegoContextTokenBuilder implements AssertionBuilder<Element> {
+
+ PolicyBuilder builder;
+ public SpnegoContextTokenBuilder(PolicyBuilder b) {
+ builder = b;
+ }
+ public QName[] getKnownElements() {
+ return new QName[]{SP11Constants.SPNEGO_CONTEXT_TOKEN, SP12Constants.SPNEGO_CONTEXT_TOKEN};
+ }
+
+ public PolicyAssertion build(Element element, AssertionBuilderFactory factory)
+ throws IllegalArgumentException {
+ SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
+ ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
+
+ SpnegoContextToken spnegoContextToken = new SpnegoContextToken(consts);
+ spnegoContextToken.setOptional(PolicyConstants.isOptional(element));
+ spnegoContextToken.setIgnorable(PolicyConstants.isIgnorable(element));
+
+ String attribute = DOMUtils.getAttribute(element, consts.getIncludeToken());
+ if (attribute == null) {
+ throw new IllegalArgumentException("SpnegoContextToken doesn't contain "
+ + "any sp:IncludeToken attribute");
+ }
+
+ String inclusionValue = attribute.trim();
+
+ spnegoContextToken.setInclusion(consts.getInclusionFromAttributeValue(inclusionValue));
+
+ Element elem = DOMUtils.getFirstElement(element);
+ while (elem != null) {
+ QName qn = DOMUtils.getElementQName(elem);
+ if (Constants.isPolicyElement(qn)) {
+ if (DOMUtils.getFirstChildWithName(elem, consts.getNamespace(),
+ SPConstants.REQUIRE_DERIVED_KEYS) != null) {
+ spnegoContextToken.setDerivedKeys(true);
+ } else if (DOMUtils.getFirstChildWithName(elem,
+ SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS) != null) {
+ spnegoContextToken.setImpliedDerivedKeys(true);
+ } else if (DOMUtils.getFirstChildWithName(elem,
+ SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS) != null) {
+ spnegoContextToken.setExplicitDerivedKeys(true);
+ }
+ } else if (consts.getNamespace().equals(qn.getNamespaceURI())
+ && SPConstants.ISSUER.equals(qn.getLocalPart())) {
+ spnegoContextToken.setIssuerEpr(DOMUtils.getFirstElement(elem));
+ }
+ elem = DOMUtils.getNextElement(elem);
+ }
+ return spnegoContextToken;
+ }
+
+}
Added: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SpnegoContextToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SpnegoContextToken.java?rev=1160322&view=auto
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SpnegoContextToken.java (added)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SpnegoContextToken.java Mon Aug 22 16:24:54 2011
@@ -0,0 +1,139 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.policy.model;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.staxutils.StaxUtils;
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
+
+/**
+ * Model class for SpnegoContextToken
+ */
+public class SpnegoContextToken extends Token {
+
+ private Element issuerEpr;
+
+ public SpnegoContextToken(SPConstants version) {
+ super(version);
+ }
+
+ public QName getName() {
+ return SP12Constants.INSTANCE.getKerberosToken();
+ }
+
+ /**
+ * @return Returns the issuerEpr.
+ */
+ public Element getIssuerEpr() {
+ return issuerEpr;
+ }
+
+ /**
+ * @param issuerEpr The issuerEpr to set.
+ */
+ public void setIssuerEpr(Element issuerEpr) {
+ this.issuerEpr = issuerEpr;
+ }
+
+
+ public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ QName name = constants.getSpnegoContextToken();
+ String localname = name.getLocalPart();
+ String namespaceURI = name.getNamespaceURI();
+ String prefix;
+
+ String writerPrefix = writer.getPrefix(namespaceURI);
+
+ if (writerPrefix == null) {
+ prefix = name.getPrefix();
+ writer.setPrefix(prefix, namespaceURI);
+ } else {
+ prefix = writerPrefix;
+ }
+
+ // <sp:SpnegoContextToken>
+ writer.writeStartElement(prefix, localname, namespaceURI);
+
+ if (writerPrefix == null) {
+ // xmlns:sp=".."
+ writer.writeNamespace(prefix, namespaceURI);
+ }
+
+ String inclusion;
+
+ inclusion = constants.getAttributeValueFromInclusion(getInclusion());
+
+ if (inclusion != null) {
+ writer.writeAttribute(prefix, namespaceURI, SPConstants.ATTR_INCLUDE_TOKEN, inclusion);
+ }
+
+ if (issuerEpr != null) {
+ // <sp:Issuer>
+ writer.writeStartElement(prefix, SPConstants.ISSUER, namespaceURI);
+
+ StaxUtils.copy(issuerEpr, writer);
+
+ writer.writeEndElement();
+ }
+
+ if (isDerivedKeys()) {
+
+ String wspNamespaceURI = SPConstants.POLICY.getNamespaceURI();
+
+ String wspPrefix;
+
+ String wspWriterPrefix = writer.getPrefix(wspNamespaceURI);
+
+ if (wspWriterPrefix == null) {
+ wspPrefix = SPConstants.POLICY.getPrefix();
+ writer.setPrefix(wspPrefix, wspNamespaceURI);
+
+ } else {
+ wspPrefix = wspWriterPrefix;
+ }
+
+ // <wsp:Policy>
+ writer.writeStartElement(wspPrefix, SPConstants.POLICY.getLocalPart(), wspNamespaceURI);
+
+ if (wspWriterPrefix == null) {
+ // xmlns:wsp=".."
+ writer.writeNamespace(wspPrefix, wspNamespaceURI);
+ }
+
+ if (isDerivedKeys()) {
+ // <sp:RequireDerivedKeys />
+ writer.writeEmptyElement(prefix, SPConstants.REQUIRE_DERIVED_KEYS, namespaceURI);
+ }
+
+ // </wsp:Policy>
+ writer.writeEndElement();
+ }
+
+ // </sp:SpnegoContextToken>
+ writer.writeEndElement();
+ }
+
+
+}