You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/12/13 13:34:22 UTC
svn commit: r1550710 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/
Author: coheigea
Date: Fri Dec 13 12:34:22 2013
New Revision: 1550710
URL: http://svn.apache.org/r1550710
Log:
Fixed a failing streaming WS-Security test
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1550710&r1=1550709&r2=1550710&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java Fri Dec 13 12:34:22 2013
@@ -375,8 +375,7 @@ public abstract class AbstractStaxBindin
return new SecurePart(qname, Modifier.Element);
} else if (isRequestor()) {
// An Encrypted Token...just include it as is
- WSSConstants.Action actionToPerform = WSSConstants.CUSTOM_TOKEN;
- properties.addAction(actionToPerform);
+ properties.addAction(WSSConstants.CUSTOM_TOKEN);
}
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1550710&r1=1550709&r2=1550710&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java Fri Dec 13 12:34:22 2013
@@ -119,12 +119,17 @@ public class StaxAsymmetricBindingHandle
if (initiatorWrapper == null) {
initiatorWrapper = abinding.getInitiatorToken();
}
+ boolean customTokenAdded = false;
if (initiatorWrapper != null) {
assertTokenWrapper(initiatorWrapper);
AbstractToken initiatorToken = initiatorWrapper.getToken();
if (initiatorToken instanceof IssuedToken) {
SecurityToken sigTok = getSecurityToken();
addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
+
+ if (getProperties().getActions().contains(WSSConstants.CUSTOM_TOKEN)) {
+ customTokenAdded = true;
+ }
if (sigTok != null) {
storeSecurityToken(sigTok);
outboundTokens.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
@@ -218,6 +223,11 @@ public class StaxAsymmetricBindingHandle
}
doEncryption(encToken, enc, false);
+ // Reshuffle so that a IssuedToken is above a Signature that references it
+ if (customTokenAdded) {
+ properties.getActions().remove(WSSConstants.CUSTOM_TOKEN);
+ properties.getActions().add(WSSConstants.CUSTOM_TOKEN);
+ }
} catch (Exception e) {
String reason = e.getMessage();
LOG.log(Level.WARNING, "Sign before encryption failed due to : " + reason);
@@ -249,12 +259,18 @@ public class StaxAsymmetricBindingHandle
initiatorWrapper = abinding.getInitiatorToken();
}
+ boolean customTokenAdded = false;
if (initiatorWrapper != null) {
assertTokenWrapper(initiatorWrapper);
AbstractToken initiatorToken = initiatorWrapper.getToken();
if (initiatorToken instanceof IssuedToken) {
SecurityToken sigTok = getSecurityToken();
addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
+
+ if (getProperties().getActions().contains(WSSConstants.CUSTOM_TOKEN)) {
+ customTokenAdded = true;
+ }
+
if (sigTok != null) {
storeSecurityToken(sigTok);
outboundTokens.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
@@ -330,6 +346,12 @@ public class StaxAsymmetricBindingHandle
}
}
}
+
+ // Reshuffle so that a IssuedToken is above a Signature that references it
+ if (customTokenAdded) {
+ getProperties().getActions().remove(WSSConstants.CUSTOM_TOKEN);
+ getProperties().getActions().add(WSSConstants.CUSTOM_TOKEN);
+ }
} catch (Exception e) {
String reason = e.getMessage();
LOG.log(Level.WARNING, "Encrypt before signing failed due to : " + reason);
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1550710&r1=1550709&r2=1550710&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java Fri Dec 13 12:34:22 2013
@@ -158,6 +158,7 @@ public class StaxSymmetricBindingHandler
String tokenId = null;
SecurityToken tok = null;
+ boolean customTokenAdded = false;
if (encryptionToken instanceof KerberosToken) {
tok = getSecurityToken();
if (MessageUtils.isRequestor(message)) {
@@ -166,6 +167,11 @@ public class StaxSymmetricBindingHandler
} else if (encryptionToken instanceof IssuedToken) {
tok = getSecurityToken();
addIssuedToken((IssuedToken)encryptionToken, tok, false, true);
+
+ if (getProperties().getActions().contains(WSSConstants.CUSTOM_TOKEN)) {
+ customTokenAdded = true;
+ }
+
if (tok == null && !isRequestor()) {
org.apache.xml.security.stax.securityToken.SecurityToken securityToken =
findInboundSecurityToken(WSSecurityEventConstants.SamlToken);
@@ -179,6 +185,7 @@ public class StaxSymmetricBindingHandler
WSSSecurityProperties properties = getProperties();
WSSConstants.Action actionToPerform = WSSConstants.CUSTOM_TOKEN;
properties.addAction(actionToPerform);
+ customTokenAdded = true;
} else if (tok == null && !isRequestor()) {
org.apache.xml.security.stax.securityToken.SecurityToken securityToken =
findInboundSecurityToken(WSSecurityEventConstants.SecurityContextToken);
@@ -257,7 +264,12 @@ public class StaxSymmetricBindingHandler
addSignatureConfirmation(sigParts);
doSignature(sigAbstractTokenWrapper, sigToken, tok, sigParts);
}
-
+ }
+
+ // Reshuffle so that a IssuedToken is above a Signature that references it
+ if (customTokenAdded) {
+ getProperties().getActions().remove(WSSConstants.CUSTOM_TOKEN);
+ getProperties().getActions().add(WSSConstants.CUSTOM_TOKEN);
}
} catch (RuntimeException ex) {
throw ex;
@@ -274,6 +286,7 @@ public class StaxSymmetricBindingHandler
try {
SecurityToken sigTok = null;
+ boolean customTokenAdded = false;
if (sigToken != null) {
if (sigToken instanceof KerberosToken) {
sigTok = getSecurityToken();
@@ -283,6 +296,11 @@ public class StaxSymmetricBindingHandler
} else if (sigToken instanceof IssuedToken) {
sigTok = getSecurityToken();
addIssuedToken((IssuedToken)sigToken, sigTok, false, true);
+
+ if (getProperties().getActions().contains(WSSConstants.CUSTOM_TOKEN)) {
+ customTokenAdded = true;
+ }
+
if (sigTok == null && !isRequestor()) {
org.apache.xml.security.stax.securityToken.SecurityToken securityToken =
findInboundSecurityToken(WSSecurityEventConstants.SamlToken);
@@ -296,6 +314,7 @@ public class StaxSymmetricBindingHandler
WSSSecurityProperties properties = getProperties();
WSSConstants.Action actionToPerform = WSSConstants.CUSTOM_TOKEN;
properties.addAction(actionToPerform);
+ customTokenAdded = true;
} else if (sigTok == null && !isRequestor()) {
org.apache.xml.security.stax.securityToken.SecurityToken securityToken =
findInboundSecurityToken(WSSecurityEventConstants.SecurityContextToken);
@@ -378,6 +397,12 @@ public class StaxSymmetricBindingHandler
}
AbstractTokenWrapper encrAbstractTokenWrapper = getEncryptionToken();
doEncryption(encrAbstractTokenWrapper, enc, false);
+
+ // Reshuffle so that a IssuedToken is above a Signature that references it
+ if (customTokenAdded) {
+ getProperties().getActions().remove(WSSConstants.CUSTOM_TOKEN);
+ getProperties().getActions().add(WSSConstants.CUSTOM_TOKEN);
+ }
} catch (Exception e) {
throw new Fault(e);
}
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java?rev=1550710&r1=1550709&r2=1550710&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java Fri Dec 13 12:34:22 2013
@@ -211,11 +211,7 @@ public class AsymmetricBindingTest exten
X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
stsClient.setUseKeyCertificate(certs[0]);
- // TODO Streaming - The encrypted issued token is placed under the Signature
- // and hence an error is thrown on the receiving side
- if (!test.isStreaming()) {
- doubleIt(asymmetricSaml1EncryptedPort, 40);
- }
+ doubleIt(asymmetricSaml1EncryptedPort, 40);
((java.io.Closeable)asymmetricSaml1EncryptedPort).close();
bus.shutdown(true);