Posted to commits@ws.apache.org by co...@apache.org on 2011/05/12 13:27:19 UTC
svn commit: r1102245 - in /webservices/wss4j/trunk/src:
main/java/org/apache/ws/security/message/WSSecEncrypt.java
main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
test/java/org/apache/ws/security/message/EncryptionPartsTest.java
Author: coheigea
Date: Thu May 12 11:27:19 2011
New Revision: 1102245
URL: http://svn.apache.org/viewvc?rev=1102245&view=rev
Log:
[WSS-284] - Improvements to wsse11:EncryptedHeader support
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java?rev=1102245&r1=1102244&r2=1102245&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java Thu May 12 11:27:19 2011
@@ -38,6 +38,7 @@ import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
@@ -297,7 +298,6 @@ public class WSSecEncrypt extends WSSecE
return doc;
}
-
/**
* Encrypt one or more parts or elements of the message.
*
@@ -319,8 +319,10 @@ public class WSSecEncrypt extends WSSecE
* @return Returns the updated <code>xenc:Reference</code> element
* @throws WSSecurityException
*/
- public Element encryptForRef(Element dataRef, List<WSEncryptionPart> references)
- throws WSSecurityException {
+ public Element encryptForRef(
+ Element dataRef,
+ List<WSEncryptionPart> references
+ ) throws WSSecurityException {
KeyInfo keyInfo = createKeyInfo();
List<String> encDataRefs =
@@ -389,7 +391,6 @@ public class WSSecEncrypt extends WSSecE
WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), dataRef);
}
-
/**
* Perform encryption on the SOAP envelope.
* @param doc The document containing the SOAP envelope as document element
@@ -443,7 +444,7 @@ public class WSSecEncrypt extends WSSecE
for (Element elementToEncrypt : elementsToEncrypt) {
String id =
encryptElement(doc, elementToEncrypt, modifier, config, xmlCipher,
- secretKey, keyInfo);
+ secretKey, keyInfo);
encPart.setEncId(id);
encDataRef.add("#" + id);
}
@@ -481,6 +482,7 @@ public class WSSecEncrypt extends WSSecE
String xencEncryptedDataId =
config.getIdAllocator().createId("ED-", elementToEncrypt);
try {
+ String headerId = "";
if (modifier.equals("Header")) {
Element elem =
doc.createElementNS(
@@ -489,22 +491,21 @@ public class WSSecEncrypt extends WSSecE
WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
String wsuPrefix =
WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ headerId = config.getIdAllocator().createId("EH-", elementToEncrypt);
elem.setAttributeNS(
- WSConstants.WSU_NS, wsuPrefix + ":Id",
- config.getIdAllocator().createId("EH-", elementToEncrypt)
+ WSConstants.WSU_NS, wsuPrefix + ":Id", headerId
);
//
// Add the EncryptedHeader node to the element to be encrypted's parent
// (i.e. the SOAP header). Add the element to be encrypted to the Encrypted
// Header node as well
//
- elementToEncrypt.getParentNode().appendChild(elem);
- elementToEncrypt =
- (Element)elementToEncrypt.getParentNode().removeChild(elementToEncrypt);
- elementToEncrypt = (Element)elem.appendChild(elementToEncrypt);
+ Node parent = elementToEncrypt.getParentNode();
+ elementToEncrypt = (Element)parent.replaceChild(elem, elementToEncrypt);
+ elem.appendChild(elementToEncrypt);
NamedNodeMap map = elementToEncrypt.getAttributes();
- for (int i = 0 ; i < map.getLength() ; i++) {
+ for (int i = 0; i < map.getLength(); i++) {
Attr attr = (Attr)map.item(i);
if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
|| attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
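Review bot: The attribute loop at the end of this hunk calls `attr.getNamespaceURI().equals(...)`, and DOM returns null for an attribute that has no namespace, so a header element carrying an unqualified attribute would raise a NullPointerException here instead of being wrapped and encrypted. Putting the constant first avoids that: `if (WSConstants.URI_SOAP11_ENV.equals(attr.getNamespaceURI())`, and likewise for `URI_SOAP12_ENV`. The same receiver order appears in both ReferenceListProcessor hunks (`encryptedDataElement.getNamespaceURI().equals(...)` and `parent.getNamespaceURI().equals(...)`), where the element comes from the received message and the null case is sender-controlled. The loop body continues outside the hunk.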
@@ -556,16 +557,12 @@ public class WSSecEncrypt extends WSSecE
} else if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customReferenceValue)) {
SecurityTokenReference secToken = new SecurityTokenReference(document);
secToken.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- secToken.setKeyIdentifier(
- WSConstants.WSS_SAML_KI_VALUE_TYPE, (encKeyIdDirectId ? "":"#") + encKeyId
- );
+ secToken.setKeyIdentifier(WSConstants.WSS_SAML_KI_VALUE_TYPE, encKeyId);
keyInfo.addUnknownElement(secToken.getElement());
} else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customReferenceValue)) {
SecurityTokenReference secToken = new SecurityTokenReference(document);
secToken.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
- secToken.setKeyIdentifier(
- WSConstants.WSS_SAML2_KI_VALUE_TYPE, (encKeyIdDirectId ? "":"#") + encKeyId
- );
+ secToken.setKeyIdentifier(WSConstants.WSS_SAML2_KI_VALUE_TYPE, encKeyId);
keyInfo.addUnknownElement(secToken.getElement());
} else if (securityTokenReference != null) {
Element tmpE = securityTokenReference.getElement();
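Review bot: Both SAML branches now pass `encKeyId` unchanged and no longer consult `encKeyIdDirectId`, but nothing in the code says why, so a reader cannot tell whether dropping the `#` prefix is intended for every caller. A one-line comment above each call would settle it, for example `// A SAML KeyIdentifier carries the bare assertion ID, not a "#" fragment reference`. If the flag is still honoured by other branches of this chain (not visible here), its setter's Javadoc should state that it has no effect for the two SAML key identifier value types. The if/else chain starts and ends outside the hunk.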
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java?rev=1102245&r1=1102244&r2=1102245&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java Thu May 12 11:27:19 2011
@@ -243,6 +243,14 @@ public class ReferenceListProcessor impl
WSSecurityException.INVALID_SECURITY, "dataRef", new Object[] {dataRefURI}
);
}
+ if (encryptedDataElement.getLocalName().equals(WSConstants.ENCRYPTED_HEADER)
+ && encryptedDataElement.getNamespaceURI().equals(WSConstants.WSSE11_NS)) {
+ Node child = encryptedDataElement.getFirstChild();
+ while (child != null && child.getNodeType() != Node.ELEMENT_NODE) {
+ child = child.getNextSibling();
+ }
+ return (Element)child;
+ }
return encryptedDataElement;
}
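Review bot: The new EncryptedHeader branch returns `(Element)child` even when the walk found no element child, so an empty or text-only `wsse11:EncryptedHeader` in a received message makes this method return null, bypassing the `INVALID_SECURITY` check just above it. The caller then presumably dereferences the result, turning a malformed message into a NullPointerException rather than a WSSecurityException. Throwing the same exception when `child == null` keeps the failure on the existing error path. The returned child is also not checked to be an `xenc:EncryptedData` element, which may be worth confirming against what the caller expects. The method starts outside the hunk.

```java
// … unchanged: EncryptedHeader test and walk to the first element child …
if (child == null) {
    throw new WSSecurityException(
        WSSecurityException.INVALID_SECURITY, "dataRef", new Object[] {dataRefURI}
    );
}
return (Element)child;
```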
@@ -297,11 +305,11 @@ public class ReferenceListProcessor impl
&& parent.getNamespaceURI().equals(WSConstants.WSSE11_NS)) {
Node decryptedHeader = parent.getFirstChild();
- Element decryptedHeaderClone = (Element)decryptedHeader.cloneNode(true);
- parent.getParentNode().appendChild(decryptedHeaderClone);
- parent.getParentNode().removeChild(parent);
- dataRef.setProtectedElement(decryptedHeaderClone);
- dataRef.setXpath(getXPath(decryptedHeaderClone));
+ Node soapHeader = parent.getParentNode();
+ soapHeader.replaceChild(decryptedHeader, parent);
+
+ dataRef.setProtectedElement((Element)decryptedHeader);
+ dataRef.setXpath(getXPath(decryptedHeader));
} else if (content) {
dataRef.setProtectedElement(encData);
dataRef.setXpath(getXPath(encData));
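Review bot: `parent.getFirstChild()` may be a text or comment node, and in that case `soapHeader.replaceChild(decryptedHeader, parent)` has already swapped the EncryptedHeader for that node before `(Element)decryptedHeader` throws ClassCastException; an EncryptedHeader with no children passes null to `replaceChild`. The other hunk in this file skips non-element nodes before casting, and the same walk belongs here ahead of the replace: `while (decryptedHeader != null && decryptedHeader.getNodeType() != Node.ELEMENT_NODE) { decryptedHeader = decryptedHeader.getNextSibling(); }`, followed by rejecting a null result. The removed code made the same first-child assumption, so this is not new, but the in-place replace now leaves the document modified when the cast fails. The condition this block belongs to begins outside the hunk.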
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java?rev=1102245&r1=1102244&r2=1102245&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java Thu May 12 11:27:19 2011
@@ -51,7 +51,9 @@ public class EncryptionPartsTest extends
private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
"<soapenv:Envelope xmlns:foo=\"urn:foo.bar\" xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" +
" <soapenv:Header>" +
+ " <foo:bar1>baz1</foo:bar1>" +
" <foo:foobar>baz</foo:foobar>" +
+ " <foo:bar2>baz2</foo:bar2>" +
" </soapenv:Header>" +
" <soapenv:Body>" +
" <ns1:testMethod xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\"></ns1:testMethod>" +