You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-commits@axis.apache.org by sh...@apache.org on 2010/12/21 14:06:19 UTC
svn commit: r1051483 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/policy/
rampart-core/src/main/java/org/apache/rampart/util/
rampart-policy/src/main/java/org/apache/ws/secpolicy/model/
rampart-policy/src/m...
Author: shankar
Date: Tue Dec 21 13:06:19 2010
New Revision: 1051483
URL: http://svn.apache.org/viewvc?rev=1051483&view=rev
Log:
Applying patch from RAMPART-119
Modified:
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java
axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SignedPartsBuilder.java
axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SignedPartsBuilder.java
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java?rev=1051483&r1=1051482&r2=1051483&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java Tue Dec 21 13:06:19 2010
@@ -233,6 +233,7 @@ public class RampartPolicyBuilder {
if (sep.isSignedParts()) {
rpd.setSignBody(sep.isBody());
rpd.setSignAttachments(sep.isAttachments());
+ rpd.setSignAllHeaders(sep.isSignAllHeaders());
rpd.setSignBodyOptional(sep.isOptional());
rpd.setSignAttachmentsOptional(sep.isOptional());
while (it.hasNext()) {
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java?rev=1051483&r1=1051482&r2=1051483&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java Tue Dec 21 13:06:19 2010
@@ -107,6 +107,8 @@ public class RampartPolicyData {
private boolean encryptAttachmentsOptional;
+ private boolean signAllHeaders;
+
private Vector signedParts = new Vector();
private Vector signedElements = new Vector();
@@ -926,6 +928,14 @@ public class RampartPolicyData {
public MTOMAssertion getMTOMAssertion(){
return mtomAssertion;
}
+
+ public boolean isSignAllHeaders() {
+ return signAllHeaders;
+ }
+
+ public void setSignAllHeaders(boolean signAllHeaders) {
+ this.signAllHeaders = signAllHeaders;
+ }
public boolean isMTOMSerialize(){
if(mtomAssertion == null){
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?rev=1051483&r1=1051482&r2=1051483&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java Tue Dec 21 13:06:19 2010
@@ -881,6 +881,19 @@ public class RampartUtil {
public static Vector getSignedParts(RampartMessageData rmd) {
RampartPolicyData rpd = rmd.getPolicyData();
SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
+
+ //"signAllHeaders" indicates that all the headers should be signed.
+ if (rpd.isSignAllHeaders()) {
+ Iterator childHeaders = envelope.getHeader().getChildElements();
+ while (childHeaders.hasNext()) {
+ OMElement hb = (OMElement) childHeaders.next();
+ if (!(hb.getLocalName().equals(WSConstants.WSSE_LN)
+ && hb.getNamespace().getNamespaceURI().equals(WSConstants.WSSE_NS))) {
+ rpd.addSignedPart(hb.getNamespace().getNamespaceURI(),hb.getLocalName());
+ }
+ }
+ }
+
return getPartsAndElements(true, envelope, rpd.isSignBody()
&& !rpd.isSignBodyOptional(), rpd.getSignedParts(), rpd
.getSignedElements(), rpd.getDeclaredNamespaces());
Modified: axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java?rev=1051483&r1=1051482&r2=1051483&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java Tue Dec 21 13:06:19 2010
@@ -37,6 +37,16 @@ public class SignedEncryptedParts extend
private ArrayList headers = new ArrayList();
private boolean signedParts;
+
+ private boolean signAllHeaders;
+
+ public boolean isSignAllHeaders() {
+ return signAllHeaders;
+ }
+
+ public void setSignAllHeaders(boolean signAllHeaders) {
+ this.signAllHeaders = signAllHeaders;
+ }
public SignedEncryptedParts(boolean signedParts, int version) {
this.signedParts = signedParts;
Modified: axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SignedPartsBuilder.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SignedPartsBuilder.java?rev=1051483&r1=1051482&r2=1051483&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SignedPartsBuilder.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SignedPartsBuilder.java Tue Dec 21 13:06:19 2010
@@ -42,7 +42,13 @@ public class SignedPartsBuilder implemen
for (Iterator iterator = element.getChildElements(); iterator.hasNext();) {
processElement((OMElement) iterator.next(), signedEncryptedParts);
}
-
+
+ // Presense of <sp:SignedParts/> enforces the requirement for sign body and all the header blocks
+ if(!element.getChildren().hasNext()){
+ signedEncryptedParts.setBody(true);
+ signedEncryptedParts.setSignAllHeaders(true);
+ }
+
return signedEncryptedParts;
}
Modified: axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SignedPartsBuilder.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SignedPartsBuilder.java?rev=1051483&r1=1051482&r2=1051483&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SignedPartsBuilder.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SignedPartsBuilder.java Tue Dec 21 13:06:19 2010
@@ -44,6 +44,12 @@ public class SignedPartsBuilder implemen
signedEncryptedParts.setOptional((new Boolean(isOptional.getAttributeValue())
.booleanValue()));
}
+
+ //presense of <sp:SignedParts/> enforces the requirement for sign body and all the header blocks
+ if(!element.getChildren().hasNext()){
+ signedEncryptedParts.setBody(true);
+ signedEncryptedParts.setSignAllHeaders(true);
+ }
return signedEncryptedParts;
}