Posted to fx-dev@ws.apache.org by me...@apache.org on 2005/03/09 23:33:46 UTC
cvs commit: ws-fx/wss4j/test/wssec TestWSSecurity10.java
meder 2005/03/09 14:33:46
Modified: wss4j/keys ca.db.index ca.db.serial cert.crt cert.pem
cert.req wss4j.keystore
wss4j/src/org/apache/ws/axis/security/conversation
ConversationServerHandler.java
wss4j/src/org/apache/ws/axis/security/trust/secconv/interop
SAML2SCTRequester.java
wss4j/src/org/apache/ws/security/conversation/message/token
RequestedProofToken.java
wss4j/src/org/apache/ws/security/message WSEncryptBody.java
WSSignEnvelope.java
wss4j/src/org/apache/ws/security/message/token
X509Security.java
wss4j/test/wssec TestWSSecurity10.java
Log:
Minor WS-I BSP compliance fix and regen of expired certs
Revision Changes Path
1.3 +5 -3 ws-fx/wss4j/keys/ca.db.index
Index: ca.db.index
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/keys/ca.db.index,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- ca.db.index 7 Mar 2004 10:34:59 -0000 1.2
+++ ca.db.index 9 Mar 2005 22:33:45 -0000 1.3
@@ -1,3 +1,5 @@
-V 050228105117Z 01 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=werner
-V 050228120029Z 02 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=wernerd
-V 050307093155Z 03 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=wernerdDSA
+E 050228105117Z 01 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=werner
+E 050228120029Z 02 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=wernerd
+E 050307093155Z 03 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=wernerdDSA
+V 060309222536Z 04 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=wernerdDSA
+V 060309223016Z 05 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=wernerd
1.3 +1 -1 ws-fx/wss4j/keys/ca.db.serial
Index: ca.db.serial
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/keys/ca.db.serial,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- ca.db.serial 7 Mar 2004 10:34:59 -0000 1.2
+++ ca.db.serial 9 Mar 2005 22:33:45 -0000 1.3
@@ -1 +1 @@
-04
+06
1.3 +4 -7 ws-fx/wss4j/keys/cert.crt
<<Binary file>>
1.3 +42 -69 ws-fx/wss4j/keys/cert.pem
Index: cert.pem
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/keys/cert.pem,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- cert.pem 7 Mar 2004 10:34:59 -0000 1.2
+++ cert.pem 9 Mar 2005 22:33:45 -0000 1.3
@@ -1,92 +1,65 @@
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 3 (0x3)
+ Serial Number: 5 (0x5)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=DE, ST=Bayern, L=Munich, O=Home, OU=Apache WSS4J, CN=Werner
Validity
- Not Before: Mar 7 09:31:55 2004 GMT
- Not After : Mar 7 09:31:55 2005 GMT
- Subject: C=DE, ST=Bayern, L=Munich, O=Apache, OU=WSS4J, CN=wernerdDSA
+ Not Before: Mar 9 22:30:16 2005 GMT
+ Not After : Mar 9 22:30:16 2006 GMT
+ Subject: C=DE, ST=Bayern, L=Munich, O=Apache, OU=WSS4J, CN=wernerd
Subject Public Key Info:
- Public Key Algorithm: dsaEncryption
- DSA Public Key:
- pub:
- 00:b1:0d:e9:65:0f:68:ec:6c:f0:10:af:c5:1c:42:
- 53:c0:43:0e:ee:66:5b:33:81:53:9f:87:a2:ef:05:
- 0e:1f:38:85:33:7e:9d:4b:d9:ba:ea:21:f4:a2:60:
- 9d:4b:b0:2a:d4:1f:5b:cb:9f:8d:d3:45:46:ef:07:
- 4c:a1:b9:2d:86:df:f0:81:6f:2a:36:37:b5:c3:8f:
- 4e:06:e7:87:06:1c:d6:aa:93:10:d8:d7:9b:57:9d:
- 2b:08:05:f5:8c:1a:fb:d2:64:dd:f4:d3:32:0f:72:
- e6:90:03:da:a5:19:60:54:90:be:d8:d7:58:3b:1d:
- 02:70:61:28:06:dd:c6:f3:45
- P:
- 00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
- e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
- 51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
- c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
- 6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
- 10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
- c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
- 54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
- f2:22:03:19:9d:d1:48:01:c7
- Q:
- 00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
- 84:0b:f0:58:1c:f5
- G:
- 00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
- 57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
- 07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
- 81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
- 32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
- ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
- f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
- a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
- 25:64:01:4c:3b:fe:cf:49:2a
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:c0:d2:bb:d4:e3:25:76:1b:6b:04:01:16:73:c2:
+ 01:5d:4e:af:96:26:69:e1:ea:eb:e1:85:4a:7b:77:
+ d3:1e:bb:69:5a:86:d5:9a:a4:ee:d0:21:e1:46:4d:
+ f5:ff:c6:88:99:34:fd:eb:f9:7f:21:8b:0c:10:06:
+ 9a:2c:c3:e5:4c:54:0e:4a:13:e8:3e:d9:f5:d8:b7:
+ 0c:32:b9:54:b3:70:17:9f:a1:50:bc:bc:6d:b6:f5:
+ ef:81:02:b2:0c:91:84:4b:ab:53:8e:39:3f:b9:8e:
+ a1:60:58:c3:4a:f4:00:04:56:bc:6a:ec:eb:b6:0e:
+ 3b:e4:0d:40:4d:88:b9:a8:27
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- 0A:0E:82:F4:FE:57:60:75:CA:81:4F:78:27:3F:92:78:53:28:FF:88
+ F6:2D:93:05:11:91:92:2F:5C:EC:34:41:71:9C:B0:C0:33:31:60:47
X509v3 Authority Key Identifier:
keyid:D0:C2:5B:D0:A4:D4:EB:05:FD:7C:4C:0E:A7:1E:2F:A0:CA:68:4F:3A
DirName:/C=DE/ST=Bayern/L=Munich/O=Home/OU=Apache WSS4J/CN=Werner
serial:00
Signature Algorithm: md5WithRSAEncryption
- 7a:23:9b:92:0b:95:82:da:5c:f7:e1:7b:1c:76:53:68:17:3d:
- af:ec:22:94:29:a0:56:5b:4a:24:b9:cb:a5:0d:09:f2:60:cc:
- 1d:48:94:ee:b5:48:f4:16:1c:6a:8c:c4:82:66:e6:05:63:54:
- 65:e6:71:de:20:f4:28:06:73:ea:a8:8b:d5:8a:a1:d9:07:98:
- a7:84:00:14:2d:aa:03:92:93:02:49:e5:4c:06:72:1e:cd:df:
- 98:21:f3:a3:fc:eb:86:5d:ea:ec:69:7b:99:a4:cb:d7:9c:e4:
- da:72:fe:f2:0a:d3:d4:96:a1:20:f5:96:c5:d9:81:52:f4:2a:
- 26:31
+ 8e:60:b3:4e:8d:5b:8f:28:b4:81:b6:74:27:fa:29:f3:eb:00:
+ b8:00:dc:46:df:19:72:b6:bb:25:e3:2a:c3:f0:69:e5:a8:18:
+ 72:07:f2:88:6f:a0:a7:e1:71:45:09:d5:a7:cb:05:59:61:54:
+ 5c:51:71:28:61:5e:00:3d:d9:17:93:fd:d1:33:f4:5a:fd:fe:
+ 48:78:77:f6:6a:ff:04:4c:b2:97:c7:3b:25:65:19:53:3d:6c:
+ a1:af:85:58:17:14:06:71:1b:64:1a:c4:7f:b9:66:5a:ef:9d:
+ 6c:cf:a7:5e:b8:7a:19:82:ff:ee:92:b7:eb:aa:86:18:d2:13:
+ 1e:de
-----BEGIN CERTIFICATE-----
-MIIESjCCA7OgAwIBAgIBAzANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEP
+MIIDLTCCApagAwIBAgIBBTANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUx
-FTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyMB4XDTA0MDMw
-NzA5MzE1NVoXDTA1MDMwNzA5MzE1NVowZTELMAkGA1UEBhMCREUxDzANBgNVBAgT
+FTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyMB4XDTA1MDMw
+OTIyMzAxNloXDTA2MDMwOTIyMzAxNlowYjELMAkGA1UEBhMCREUxDzANBgNVBAgT
BkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNV
-BAsTBVdTUzRKMRMwEQYDVQQDEwp3ZXJuZXJkRFNBMIIBuDCCASwGByqGSM44BAEw
-ggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2N
-WPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fn
-xqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUj
-C8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0H
-gmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuz
-pnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7P
-SSoDgYUAAoGBALEN6WUPaOxs8BCvxRxCU8BDDu5mWzOBU5+Hou8FDh84hTN+nUvZ
-uuoh9KJgnUuwKtQfW8ufjdNFRu8HTKG5LYbf8IFvKjY3tcOPTgbnhwYc1qqTENjX
-m1edKwgF9Ywa+9Jk3fTTMg9y5pAD2qUZYFSQvtjXWDsdAnBhKAbdxvNFo4HuMIHr
-MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl
-cnRpZmljYXRlMB0GA1UdDgQWBBQKDoL0/ldgdcqBT3gnP5J4Uyj/iDCBkAYDVR0j
-BIGIMIGFgBTQwlvQpNTrBf18TA6nHi+gymhPOqFqpGgwZjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ0wCwYDVQQKEwRIb21l
-MRUwEwYDVQQLEwxBcGFjaGUgV1NTNEoxDzANBgNVBAMTBldlcm5lcoIBADANBgkq
-hkiG9w0BAQQFAAOBgQB6I5uSC5WC2lz34XscdlNoFz2v7CKUKaBWW0okuculDQny
-YMwdSJTutUj0FhxqjMSCZuYFY1Rl5nHeIPQoBnPqqIvViqHZB5inhAAULaoDkpMC
-SeVMBnIezd+YIfOj/OuGXersaXuZpMvXnOTacv7yCtPUlqEg9ZbF2YFS9ComMQ==
+BAsTBVdTUzRKMRAwDgYDVQQDEwd3ZXJuZXJkMIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDA0rvU4yV2G2sEARZzwgFdTq+WJmnh6uvhhUp7d9Meu2lahtWapO7Q
+IeFGTfX/xoiZNP3r+X8hiwwQBposw+VMVA5KE+g+2fXYtwwyuVSzcBefoVC8vG22
+9e+BArIMkYRLq1OOOT+5jqFgWMNK9AAEVrxq7Ou2DjvkDUBNiLmoJwIDAQABo4Hu
+MIHrMAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVk
+IENlcnRpZmljYXRlMB0GA1UdDgQWBBT2LZMFEZGSL1zsNEFxnLDAMzFgRzCBkAYD
+VR0jBIGIMIGFgBTQwlvQpNTrBf18TA6nHi+gymhPOqFqpGgwZjELMAkGA1UEBhMC
+REUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ0wCwYDVQQKEwRI
+b21lMRUwEwYDVQQLEwxBcGFjaGUgV1NTNEoxDzANBgNVBAMTBldlcm5lcoIBADAN
+BgkqhkiG9w0BAQQFAAOBgQCOYLNOjVuPKLSBtnQn+inz6wC4ANxG3xlytrsl4yrD
+8GnlqBhyB/KIb6Cn4XFFCdWnywVZYVRcUXEoYV4APdkXk/3RM/Ra/f5IeHf2av8E
+TLKXxzslZRlTPWyhr4VYFxQGcRtkGsR/uWZa751sz6deuHoZgv/ukrfrqoYY0hMe
+3g==
-----END CERTIFICATE-----
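Review bot: The regenerated certificate is again valid for only one year (`Not After : Mar 9 22:30:16 2006 GMT`), so these fixtures will lapse just as the previous one did on Mar 7 2005 and the tests will break again. It also keeps `md5WithRSAEncryption` with a 1024-bit RSA key, which is acceptable only for throwaway test material. A short README in `wss4j/keys` stating that the keys are test-only, how they were produced and when they expire would make that explicit. Issuing the test certificates with a much longer validity, or generating them during the build, would avoid the yearly regeneration.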
1.3 +10 -13 ws-fx/wss4j/keys/cert.req
Index: cert.req
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/keys/cert.req,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- cert.req 7 Mar 2004 10:34:59 -0000 1.2
+++ cert.req 9 Mar 2005 22:33:45 -0000 1.3
@@ -1,13 +1,10 @@
------BEGIN NEW CERTIFICATE REQUEST-----
-MIICajCCAigCAQAwZTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVu
-aWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNVBAsTBVdTUzRKMRMwEQYDVQQDEwp3ZXJuZXJkRFNB
-MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZp
-RV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fn
-xqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuE
-C/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJ
-FnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImo
-g9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBALEN6WUPaOxs8BCvxRxCU8BDDu5mWzOBU5+H
-ou8FDh84hTN+nUvZuuoh9KJgnUuwKtQfW8ufjdNFRu8HTKG5LYbf8IFvKjY3tcOPTgbnhwYc1qqT
-ENjXm1edKwgF9Ywa+9Jk3fTTMg9y5pAD2qUZYFSQvtjXWDsdAnBhKAbdxvNFoAAwCwYHKoZIzjgE
-AwUAAy8AMCwCFBzgnPf0vl4OE8Td6IXNPnpEEAH9AhQ0VbVmrH3mYnztGxYIIIirBb57IQ==
------END NEW CERTIFICATE REQUEST-----
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIIBojCCAQsCAQAwYjELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVu
+aWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNVBAsTBVdTUzRKMRAwDgYDVQQDEwd3ZXJuZXJkMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA0rvU4yV2G2sEARZzwgFdTq+WJmnh6uvhhUp7d9Me
+u2lahtWapO7QIeFGTfX/xoiZNP3r+X8hiwwQBposw+VMVA5KE+g+2fXYtwwyuVSzcBefoVC8vG22
+9e+BArIMkYRLq1OOOT+5jqFgWMNK9AAEVrxq7Ou2DjvkDUBNiLmoJwIDAQABoAAwDQYJKoZIhvcN
+AQEEBQADgYEAXitF+SOajXdci6L/yhqwh/3e3Vsc4FXIme9qjhAIQlTnDSre+wwsg+Alig5zdOwR
+pbkObjEa2672N6nlebJ3HyRz2R/NqbgR3fn6I/SkrgTTXxpGfrLQ8e7UceDCDCkOeh1uHzkgY8Cu
+AuwXU+nGxeaoAzUl6X8JfKxHs+pmZGE=
+-----END NEW CERTIFICATE REQUEST-----
1.3 +17 -20 ws-fx/wss4j/keys/wss4j.keystore
<<Binary file>>
1.11 +376 -389 ws-fx/wss4j/src/org/apache/ws/axis/security/conversation/ConversationServerHandler.java
Index: ConversationServerHandler.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/axis/security/conversation/ConversationServerHandler.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- ConversationServerHandler.java 16 Oct 2004 07:40:08 -0000 1.10
+++ ConversationServerHandler.java 9 Mar 2005 22:33:45 -0000 1.11
@@ -1,31 +1,22 @@
/*
- * Copyright 2003-2004 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
+* Copyright 2003-2004 The Apache Software Foundation.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
package org.apache.ws.axis.security.conversation;
-import java.io.ByteArrayOutputStream;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Stack;
-import java.util.Vector;
-
-import javax.xml.soap.SOAPHeader;
-import javax.xml.soap.SOAPHeaderElement;
-
import org.apache.axis.AxisFault;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
@@ -37,79 +28,75 @@
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSConfig;
-
-import org.apache.ws.security.conversation.ConvEngineResult;
-import org.apache.ws.security.conversation.ConversationConstants;
-import org.apache.ws.security.conversation.ConversationEngine;
-import org.apache.ws.security.conversation.ConversationException;
-import org.apache.ws.security.conversation.ConversationManager;
-import org.apache.ws.security.conversation.ConversationSession;
-import org.apache.ws.security.conversation.ConversationUtil;
-import org.apache.ws.security.conversation.DerivedKeyCallbackHandler;
+import org.apache.ws.security.conversation.*;
import org.apache.ws.security.conversation.message.info.DerivedKeyInfo;
import org.apache.ws.security.conversation.message.token.SecurityContextToken;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
-import org.apache.ws.security.trust.TrustEngine;
-import org.apache.ws.security.trust.WSTrustException;
import org.apache.ws.security.util.StringUtil;
import org.apache.ws.security.util.WSSecurityUtil;
-
import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
+
+import javax.xml.soap.SOAPHeader;
+import javax.xml.soap.SOAPHeaderElement;
+import java.io.ByteArrayOutputStream;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Stack;
+import java.util.Vector;
/**
* Serverside handler that implements WS-Secure Conversation for Axis.
*
*
* @author Dimuthu Leealarthne. (muthulee@yahoo.com)
- *
+ *
*/
public class ConversationServerHandler extends BasicHandler {
private static Log log =
- LogFactory.getLog(ConversationServerHandler.class.getName());
+ LogFactory.getLog(ConversationServerHandler.class.getName());
private boolean doDebug = false;
private static DerivedKeyCallbackHandler dkcbHandler =
- new DerivedKeyCallbackHandler();
+ new DerivedKeyCallbackHandler();
private static boolean isConfigured = false;
private SOAPConstants soapConstants = null;
-
- private HashMap configurator = new HashMap();
-
- private int[] actionsInt = null;
-
+
+ private HashMap configurator = new HashMap();
+
+ private int[] actionsInt = null;
+
private boolean isSessionInfoConfigured = false;
-
+
private boolean isInitTrustVerified = false;
-
+
private Vector sigParts=null;
private Vector encParts=null;
-
+
private int keyLen =-1;
-
+
public ConversationServerHandler() {
log.debug("ConversationServerHandler :: created");
}
-
+
static{
- org.apache.xml.security.Init.init();
+ org.apache.xml.security.Init.init();
}
- /**
- * Method inherited from the BasicHandler.
- * If in the request flow calls the doRequestMetod()
- * else calls the doResponse() method.
- *
- */
+ /**
+ * Method inherited from the BasicHandler.
+ * If in the request flow calls the doRequestMetod()
+ * else calls the doResponse() method.
+ *
+ */
public void invoke(MessageContext msg) throws AxisFault {
log.debug("ConversationServerHandler :: invoked");
-
+
if (msg.getPastPivot())
doResponse(msg);
else
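Review bot: The explicit imports from `org.apache.ws.security.conversation` are replaced by `import org.apache.ws.security.conversation.*;`, which hides which conversation classes this security handler depends on and lets a later addition to that package change name resolution silently. I would keep the explicit imports (`ConvEngineResult`, `ConversationConstants`, `ConversationEngine`, …) and only drop the `TrustEngine`, `WSTrustException` and `NodeList` lines that the commit removes. The body of `invoke` continues past the end of this hunk.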
@@ -120,38 +107,38 @@
* Called in the request flow of the request.
* Method looks for a SecurityToken in the SOAP envelope.
* Process the header.
- *
+ *
* @param msg
* @throws AxisFault
*/
private void doRequest(MessageContext msg) throws AxisFault {
- if(!isSessionInfoConfigured){
- initSessionInfo();
- isSessionInfoConfigured = true;
- }
-
-
+ if(!isSessionInfoConfigured){
+ initSessionInfo();
+ isSessionInfoConfigured = true;
+ }
+
+
Document doc = null;
Message message = msg.getCurrentMessage();
-
+
// Get the soap message as a Docuemnt
SOAPPart sPart = (org.apache.axis.SOAPPart) message.getSOAPPart();
try {
doc =
- ((org.apache.axis.message.SOAPEnvelope) sPart.getEnvelope())
+ ((org.apache.axis.message.SOAPEnvelope) sPart.getEnvelope())
.getAsDocument();
} catch (Exception e) {
e.printStackTrace();
}
-
+
// if((this.configurator = (HashMap)msg.getProperty("PolicyObject"))==null){
// log.debug("ConversationServerHandler :: I am configuring");
// initSessionInfo(); // load values to this.configurator from wsdd
// }
-
- soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
+
+ soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
ConversationEngine eng = new ConversationEngine(this.configurator);
-
+
// try {
// boolean trustEngineResult = false;
// if(!isInitTrustVerified){
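Review bot: In `doRequest`, a failure to obtain the envelope is only printed (`catch (Exception e) { e.printStackTrace(); }`), so `doc` stays null and the following `WSSecurityUtil.getSOAPConstants(doc.getDocumentElement())` fails with a NullPointerException instead of a SOAP fault. `doResponse` rethrows in the same situation; doing the same here, e.g. `throw new AxisFault("ConversationServerHandler :: cannot read SOAP envelope", e);`, keeps the failure explicit and removes `printStackTrace()` from a server handler. The method body starts before and continues beyond this hunk.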
@@ -166,7 +153,7 @@
// }
// isInitTrustVerified = true;
// }
-// }
+// }
// if(trustEngineResult){
// //getUUID and proof of possession
// //add it to the derived key token
@@ -175,59 +162,59 @@
// // TODO Auto-generated catch block
// e2.printStackTrace();
// }
-
-
-
+
+
+
try {
Vector results = eng.processSecConvHeader(doc, "", dkcbHandler, (String)this.configurator.get(WSHandlerConstants.PW_CALLBACK_CLASS));
- ConvEngineResult convResult = null;
- String uuid = "";
-
- /*put the actions into a stack to obtain LIFO behavior
- * Rational for using the stack;
- *
- * Consider "Signature Encrypt"
- * Then the ConvEngine Results will be in the order "Encrypt Signature"
- * i.e. ConvEngine reusult containing ConvEngineResult.ENCRYPT_DERIVED_KEY
- * will be before ConvEngineResult.SIGN_DERIVED_KEY
- *
- * Hense I need to read actions in the order of Last in First out - the stack
- *
- * This is same for "Encrypt Signature" visa versa.
- */
- Stack stk = new Stack();
- for(int i=0; i<actionsInt.length ; i++){
- stk.push(new Integer(actionsInt[i]));
- }
- int act = -1;
- boolean rstr = false;
- for(int i=0; i<results.size(); i++){
- convResult=(ConvEngineResult)results.get(i);
-
- switch(convResult.getAction()){
-
- case ConvEngineResult.SECURITY_TOKEN_RESPONSE :
- log.debug("ConversationServerHandler :: Found RSTR result");
- uuid = convResult.getUuid();
- rstr = true;
- break;
-
- case ConvEngineResult.ENCRYPT_DERIVED_KEY :
- log.debug("ConversationServerHandler :: Found dk_encrypt result");
+ ConvEngineResult convResult = null;
+ String uuid = "";
+
+ /*put the actions into a stack to obtain LIFO behavior
+ * Rational for using the stack;
+ *
+ * Consider "Signature Encrypt"
+ * Then the ConvEngine Results will be in the order "Encrypt Signature"
+ * i.e. ConvEngine reusult containing ConvEngineResult.ENCRYPT_DERIVED_KEY
+ * will be before ConvEngineResult.SIGN_DERIVED_KEY
+ *
+ * Hense I need to read actions in the order of Last in First out - the stack
+ *
+ * This is same for "Encrypt Signature" visa versa.
+ */
+ Stack stk = new Stack();
+ for(int i=0; i<actionsInt.length ; i++){
+ stk.push(new Integer(actionsInt[i]));
+ }
+ int act = -1;
+ boolean rstr = false;
+ for(int i=0; i<results.size(); i++){
+ convResult=(ConvEngineResult)results.get(i);
+
+ switch(convResult.getAction()){
+
+ case ConvEngineResult.SECURITY_TOKEN_RESPONSE :
+ log.debug("ConversationServerHandler :: Found RSTR result");
+ uuid = convResult.getUuid();
+ rstr = true;
+ break;
+
+ case ConvEngineResult.ENCRYPT_DERIVED_KEY :
+ log.debug("ConversationServerHandler :: Found dk_encrypt result");
// if(stk.isEmpty()){
// throw new AxisFault("Action mismatch");
// }
-//
+//
// act =((Integer)stk.pop()).intValue();
// if(act == ConversationConstants.DK_ENCRYPT){
// //fine do nothing
// }else{
// throw new AxisFault("Mismatch action order");
// }
- break;
-
- case ConvEngineResult.SIGN_DERIVED_KEY :
- log.debug("ConversationServerHandler :: Found dk_sign result");
+ break;
+
+ case ConvEngineResult.SIGN_DERIVED_KEY :
+ log.debug("ConversationServerHandler :: Found dk_sign result");
// if(stk.isEmpty()){
// throw new AxisFault("Action mismatch");
// }
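Review bot: The configured actions are pushed onto `stk`, but nothing ever pops or compares them: the `stk.pop()` / `AxisFault("Mismatch action order")` checks under `ENCRYPT_DERIVED_KEY` and `SIGN_DERIVED_KEY` are commented out and `act` is never read. As far as these hunks show, a request that omits the derived-key signature or encryption the service is configured to require is accepted without a fault; the final `if(!rstr){ if(!stk.isEmpty()) ... }` check in the next hunk is commented out as well. Either restore the enforcement or delete the dead `Stack`/`act` code and leave a comment such as `// NOTE: required actions are not enforced on incoming messages` so the gap is visible. The enclosing `try` and `switch` continue past this hunk.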
@@ -237,51 +224,51 @@
// }else{
// throw new AxisFault("Mismatch action order");
// }
- break;
-
- case ConvEngineResult.SCT :
- log.debug("ConversationServerHandler :: Found SCT result");
- uuid = convResult.getUuid();
- break;
-
- }
- }
-
- if(uuid.equals("")||(uuid==null)){
- //throw new AxisFault("ConversationServerHandler :: Cannot find Session.");
- }else{
- msg.setProperty(ConversationConstants.IDENTIFIER,uuid);
- }
-
-//
+ break;
+
+ case ConvEngineResult.SCT :
+ log.debug("ConversationServerHandler :: Found SCT result");
+ uuid = convResult.getUuid();
+ break;
+
+ }
+ }
+
+ if(uuid.equals("")||(uuid==null)){
+ //throw new AxisFault("ConversationServerHandler :: Cannot find Session.");
+ }else{
+ msg.setProperty(ConversationConstants.IDENTIFIER,uuid);
+ }
+
+//
// if(!rstr){
// if(!stk.isEmpty()){
// throw new AxisFault("Action mismatch. Required action missing");
// }
// }
-
-
+
+
} catch (ConversationException e1) {
e1.printStackTrace();
throw new AxisFault("CovnersationServerHandler :: "+e1.getMessage());
}
-
+
// Replace sPart with the new sPart.
ByteArrayOutputStream os = new ByteArrayOutputStream();
XMLUtils.outputDOM(doc, os, true);
String osStr = os.toString();
sPart.setCurrentMessage(osStr, SOAPPart.FORM_STRING);
-
+
//Following sets the headers as processed.
SOAPHeader sHeader = null;
try {
sHeader = message.getSOAPEnvelope().getHeader();
} catch (Exception ex) {
throw new AxisFault(
- "ConversatonServerHandler: cannot get SOAP header after security processing",
- ex);
+ "ConversatonServerHandler: cannot get SOAP header after security processing",
+ ex);
}
String actor = null;
Iterator headers = sHeader.examineHeaderElements(actor);
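Review bot: `if(uuid.equals("")||(uuid==null))` dereferences `uuid` before testing it for null, so if `convResult.getUuid()` can return null this raises a NullPointerException; the test should read `if (uuid == null || uuid.equals(""))`. The matching branch is empty because the `AxisFault("ConversationServerHandler :: Cannot find Session.")` is commented out, so a message with no session identifier passes through with `ConversationConstants.IDENTIFIER` unset; if that is intended for the initial token exchange, a comment saying so is needed. The `ConversationException` handler also prints the stack trace and drops the cause, whereas `new AxisFault("...", e1)` would preserve it as the header lookup below already does.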
@@ -290,41 +277,41 @@
while (headers.hasNext()) {
SOAPHeaderElement hE = (SOAPHeaderElement) headers.next();
if (hE.getLocalName().equals(WSConstants.WSSE_LN)
- && hE.getNamespaceURI().equals(WSConstants.WSSE_NS)) {
+ && hE.getNamespaceURI().equals(WSConstants.WSSE_NS)) {
headerElement = hE;
break;
}
}
(
- (
+ (
org
- .apache
- .axis
- .message
- .SOAPHeaderElement) headerElement)
- .setProcessed(
- true);
-
- msg.setProperty(ConvHandlerConstants.DK_CB_HANDLER,dkcbHandler);
+ .apache
+ .axis
+ .message
+ .SOAPHeaderElement) headerElement)
+ .setProcessed(
+ true);
+
+ msg.setProperty(ConvHandlerConstants.DK_CB_HANDLER,dkcbHandler);
} //do request
- /**
- * This method is called in the response.
- * This method should
- * 1) Add derived keys to the message as required.
- * 2) Sign/encrypt as required.
- *
- * @param msgContext
- * @throws AxisFault
- */
+ /**
+ * This method is called in the response.
+ * This method should
+ * 1) Add derived keys to the message as required.
+ * 2) Sign/encrypt as required.
+ *
+ * @param msg
+ * @throws AxisFault
+ */
private void doResponse(MessageContext msg) throws AxisFault {
-
- if(!isSessionInfoConfigured){
- initSessionInfo();
- isSessionInfoConfigured = true;
- }
-
- //System.out.println("Doing response .... ");
+
+ if(!isSessionInfoConfigured){
+ initSessionInfo();
+ isSessionInfoConfigured = true;
+ }
+
+ //System.out.println("Doing response .... ");
Document doc = null;
Message message = msg.getCurrentMessage();
String uuid, identifier;
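Review bot: If the loop finds no header matching `WSConstants.WSSE_LN` and `WSConstants.WSSE_NS`, `headerElement` is never assigned and the cast followed by `.setProcessed(true)` dereferences it; its declaration lies outside this hunk, so I am assuming it starts as null. A security handler should fault on such a request rather than crash, e.g. `if (headerElement == null) throw new AxisFault("ConversationServerHandler: no Security header found");` before the call. The nine-line cast could also be written as `((org.apache.axis.message.SOAPHeaderElement) headerElement).setProcessed(true);`. The hunk begins inside `doRequest` and ends inside `doResponse`.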
@@ -332,12 +319,12 @@
SOAPPart sPart = (org.apache.axis.SOAPPart) message.getSOAPPart();
try {
- if ((doc = (Document) msg.getProperty(WSHandlerConstants.SND_SECURITY))
- == null) {
- doc =
- ((org.apache.axis.message.SOAPEnvelope) sPart.getEnvelope())
- .getAsDocument();
- }
+ if ((doc = (Document) msg.getProperty(WSHandlerConstants.SND_SECURITY))
+ == null) {
+ doc =
+ ((org.apache.axis.message.SOAPEnvelope) sPart.getEnvelope())
+ .getAsDocument();
+ }
} catch (Exception e) {
e.printStackTrace();
throw new AxisFault("CovnersationServerHandler :: "+e.getMessage());
@@ -345,239 +332,239 @@
//get the uuid
uuid = (String) msg.getProperty(ConversationConstants.IDENTIFIER);
-
+
if (uuid == null) {
- //TODO :: throw exception
+ //TODO :: throw exception
System.out.println("UUID NULl line :: 346");
}
-
-
- try {
- ConversationSession session = dkcbHandler.getSession(uuid);
-
- if(session.isAddBase2Message()){
- //add the relavent SCT
- Element securityHeader =
- WSSecurityUtil.findWsseSecurityHeaderBlock(WSSConfig.getDefaultWSConfig(),
- doc,
- doc.getDocumentElement(),
- true);
- WSSecurityUtil.appendChildElement(
- doc,
- securityHeader,
- (new SecurityContextToken(doc, uuid)).getElement());
- }
-
- ConversationManager manager = new ConversationManager();
-
- for (int i = 0; i < this.actionsInt.length; i++) {
-
- // Derrive the token
- SecurityTokenReference stRef2Base = null;
- if(session.getRef2Base()==null){
- //do nothing
- }else{
- stRef2Base = new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),doc);
- Reference ref = new Reference(WSSConfig.getDefaultWSConfig(),doc);
- Reference oldRef = session.getRef2Base();
-
- ref.setURI(oldRef.getURI());
- ref.setValueType(oldRef.getValueType());
- stRef2Base.setReference(ref);
- }
- DerivedKeyInfo dkInfo =
- manager.createDerivedKeyToken(doc, uuid, dkcbHandler,stRef2Base, keyLen);
-
- String genID = dkInfo.getId();
- SecurityTokenReference stRef =
- dkInfo.getSecTokRef2DkToken();
-
- if (actionsInt[i] == ConversationConstants.DK_ENCRYPT) {
- manager.performDK_ENCR(
- ConversationUtil.generateIdentifier(uuid, genID),
- "",
- true,
- doc,
- stRef,
- dkcbHandler, this.encParts, (String)this.configurator.get(ConvHandlerConstants.DK_ENC_ALGO));
-
- } else if(actionsInt[i]==ConversationConstants.DK_SIGN){
- //TODO
- manager.performDK_Sign(doc, dkcbHandler, uuid, dkInfo,this.sigParts);
- }
-
- manager.addDkToken(doc,dkInfo);
-
- }
- } catch (ConversationException e1) {
- e1.printStackTrace();
- throw new AxisFault(
- "ConversationClientHandler ::" + e1.getMessage());
- }
-
- //set it as current message
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- XMLUtils.outputDOM(doc, os, true);
- String osStr = os.toString();
- sPart.setCurrentMessage(osStr, SOAPPart.FORM_STRING);
+
+
+ try {
+ ConversationSession session = dkcbHandler.getSession(uuid);
+
+ if(session.isAddBase2Message()){
+ //add the relavent SCT
+ Element securityHeader =
+ WSSecurityUtil.findWsseSecurityHeaderBlock(WSSConfig.getDefaultWSConfig(),
+ doc,
+ doc.getDocumentElement(),
+ true);
+ WSSecurityUtil.appendChildElement(
+ doc,
+ securityHeader,
+ (new SecurityContextToken(doc, uuid)).getElement());
+ }
+
+ ConversationManager manager = new ConversationManager();
+
+ for (int i = 0; i < this.actionsInt.length; i++) {
+
+ // Derrive the token
+ SecurityTokenReference stRef2Base = null;
+ if(session.getRef2Base()==null){
+ //do nothing
+ }else{
+ stRef2Base = new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),doc);
+ Reference ref = new Reference(WSSConfig.getDefaultWSConfig(),doc);
+ Reference oldRef = session.getRef2Base();
+
+ ref.setURI(oldRef.getURI());
+ ref.setValueType(oldRef.getValueType());
+ stRef2Base.setReference(ref);
+ }
+ DerivedKeyInfo dkInfo =
+ manager.createDerivedKeyToken(doc, uuid, dkcbHandler,stRef2Base, keyLen);
+
+ String genID = dkInfo.getId();
+ SecurityTokenReference stRef =
+ dkInfo.getSecTokRef2DkToken();
+
+ if (actionsInt[i] == ConversationConstants.DK_ENCRYPT) {
+ manager.performDK_ENCR(
+ ConversationUtil.generateIdentifier(uuid, genID),
+ "",
+ true,
+ doc,
+ stRef,
+ dkcbHandler, this.encParts, (String)this.configurator.get(ConvHandlerConstants.DK_ENC_ALGO));
+
+ } else if(actionsInt[i]==ConversationConstants.DK_SIGN){
+ //TODO
+ manager.performDK_Sign(doc, dkcbHandler, uuid, dkInfo,this.sigParts);
+ }
+
+ manager.addDkToken(doc,dkInfo);
+
+ }
+ } catch (ConversationException e1) {
+ e1.printStackTrace();
+ throw new AxisFault(
+ "ConversationClientHandler ::" + e1.getMessage());
+ }
+
+ //set it as current message
+ ByteArrayOutputStream os = new ByteArrayOutputStream();
+ XMLUtils.outputDOM(doc, os, true);
+ String osStr = os.toString();
+ sPart.setCurrentMessage(osStr, SOAPPart.FORM_STRING);
} //doResponse
-/**
- * Conversation parameters are read from the wsdd file.
- * When WS-Policy is implemented, these parameters should be
- * configurable using policy components.
- *
- * @throws AxisFault
- */
- /**
- * Reads configeration parameters from the wsdd file.
- * @throws AxisFault
- */
-private void initSessionInfo() throws AxisFault {
- /**
- * Default values for a session. These will be overriden by WSDD file parameters.
- */
- this.configurator = new HashMap();
- String tmpStr;
- if ((tmpStr = (String) getOption(ConvHandlerConstants.KEY_FREQ))
- != null) {
- log.debug("Key Frequency is set ::" + tmpStr);
- this.configurator.put(
- ConvHandlerConstants.KEY_FREQ,
- new Integer(tmpStr));
- }
-
- if ((tmpStr = (String) getOption(ConvHandlerConstants.DK_ACTION))
- != null) {
- log.debug("Derived Key Action is read ::" + tmpStr);
- String[] action = StringUtil.split(tmpStr, ' ');
- actionsInt = new int[action.length];
-
- for (int i = 0; i < action.length; i++) {
- if ((action[i]).equalsIgnoreCase("Signature")) {
- actionsInt[i] = ConversationConstants.DK_SIGN;
- } else if ((action[i]).equalsIgnoreCase("Encrypt")) {
- actionsInt[i] = ConversationConstants.DK_ENCRYPT;
- }
- }
-
- }
-
- if ((tmpStr =
- (String) getOption(ConvHandlerConstants.SEVER_PROP_FILE))
- != null) {
- this.configurator.put(ConvHandlerConstants.SEVER_PROP_FILE, tmpStr);
- }
-
-
- if ((tmpStr =
- (String) getOption(ConvHandlerConstants.KEY_LEGNTH))
- != null) {
- log.debug("Key Frequency is set ::" + tmpStr);
- this.keyLen=Integer.parseInt(tmpStr);
- this.configurator.put(ConvHandlerConstants.KEY_LEGNTH, new Long(tmpStr));
- }
-
-
- if ((tmpStr =
- (String) getOption(WSHandlerConstants.PW_CALLBACK_CLASS))
- != null) {
- this.configurator.put(WSHandlerConstants.PW_CALLBACK_CLASS, tmpStr);
- }else{
- log.debug("Set the pass word call back class.");
- }
-
- if ((tmpStr =
- (String) getOption(WSHandlerConstants.SIGNATURE_PARTS))
- != null) {
- this.sigParts = new Vector();
- this.splitEncParts(tmpStr,sigParts);
- }
-
- if ((tmpStr =(String) getOption(WSHandlerConstants.ENCRYPTION_PARTS))
- != null) {
- this.encParts = new Vector();
- this.splitEncParts(tmpStr,encParts);
- }
-
-
-
- if((tmpStr =(String) getOption(WSHandlerConstants.DEC_PROP_FILE))!= null) {
- this.configurator.put(WSHandlerConstants.DEC_PROP_FILE, tmpStr);
- System.out.println("Decryption properties read");
- }
-
- if((tmpStr =(String) getOption(ConvHandlerConstants.DK_ENC_ALGO))!= null) {
- this.configurator.put(ConvHandlerConstants.DK_ENC_ALGO, tmpStr);
- }
-
-
-
-
+ /**
+ * Conversation parameters are read from the wsdd file.
+ * When WS-Policy is implemented, these parameters should be
+ * configurable using policy components.
+ *
+ * @throws AxisFault
+ */
+ /**
+ * Reads configeration parameters from the wsdd file.
+ * @throws AxisFault
+ */
+ private void initSessionInfo() throws AxisFault {
+ /**
+ * Default values for a session. These will be overriden by WSDD file parameters.
+ */
+ this.configurator = new HashMap();
+ String tmpStr;
+ if ((tmpStr = (String) getOption(ConvHandlerConstants.KEY_FREQ))
+ != null) {
+ log.debug("Key Frequency is set ::" + tmpStr);
+ this.configurator.put(
+ ConvHandlerConstants.KEY_FREQ,
+ new Integer(tmpStr));
+ }
+
+ if ((tmpStr = (String) getOption(ConvHandlerConstants.DK_ACTION))
+ != null) {
+ log.debug("Derived Key Action is read ::" + tmpStr);
+ String[] action = StringUtil.split(tmpStr, ' ');
+ actionsInt = new int[action.length];
+
+ for (int i = 0; i < action.length; i++) {
+ if ((action[i]).equalsIgnoreCase("Signature")) {
+ actionsInt[i] = ConversationConstants.DK_SIGN;
+ } else if ((action[i]).equalsIgnoreCase("Encrypt")) {
+ actionsInt[i] = ConversationConstants.DK_ENCRYPT;
+ }
+ }
+
+ }
+
+ if ((tmpStr =
+ (String) getOption(ConvHandlerConstants.SEVER_PROP_FILE))
+ != null) {
+ this.configurator.put(ConvHandlerConstants.SEVER_PROP_FILE, tmpStr);
+ }
+
+
+ if ((tmpStr =
+ (String) getOption(ConvHandlerConstants.KEY_LEGNTH))
+ != null) {
+ log.debug("Key Frequency is set ::" + tmpStr);
+ this.keyLen=Integer.parseInt(tmpStr);
+ this.configurator.put(ConvHandlerConstants.KEY_LEGNTH, new Long(tmpStr));
+ }
+
+
+ if ((tmpStr =
+ (String) getOption(WSHandlerConstants.PW_CALLBACK_CLASS))
+ != null) {
+ this.configurator.put(WSHandlerConstants.PW_CALLBACK_CLASS, tmpStr);
+ }else{
+ log.debug("Set the pass word call back class.");
+ }
+
+ if ((tmpStr =
+ (String) getOption(WSHandlerConstants.SIGNATURE_PARTS))
+ != null) {
+ this.sigParts = new Vector();
+ this.splitEncParts(tmpStr,sigParts);
+ }
+
+ if ((tmpStr =(String) getOption(WSHandlerConstants.ENCRYPTION_PARTS))
+ != null) {
+ this.encParts = new Vector();
+ this.splitEncParts(tmpStr,encParts);
+ }
+
+
+
+ if((tmpStr =(String) getOption(WSHandlerConstants.DEC_PROP_FILE))!= null) {
+ this.configurator.put(WSHandlerConstants.DEC_PROP_FILE, tmpStr);
+ System.out.println("Decryption properties read");
+ }
+
+ if((tmpStr =(String) getOption(ConvHandlerConstants.DK_ENC_ALGO))!= null) {
+ this.configurator.put(ConvHandlerConstants.DK_ENC_ALGO, tmpStr);
+ }
+
+
+
+
+
+ }
+
-}
-
-
/**
* Extracted from the class <code>org.apache.ws.axis.security.WSDoAllSender.java</code>.
- *
+ *
* @param tmpS
* @param encryptParts
* @throws AxisFault
*/
- private void splitEncParts(String tmpS, Vector encryptParts)
- throws AxisFault {
-
- WSEncryptionPart encPart = null;
- String[] rawParts = StringUtil.split(tmpS, ';');
-
- for (int i = 0; i < rawParts.length; i++) {
- String[] partDef = StringUtil.split(rawParts[i], '}');
-
- if (partDef.length == 1) {
- if (doDebug) {
- log.debug("single partDef: '" + partDef[0] + "'");
- }
- encPart =
- new WSEncryptionPart(
- partDef[0].trim(),
- soapConstants.getEnvelopeURI(),
- "Content");
- } else if (partDef.length == 3) {
- String mode = partDef[0].trim();
- if (mode.length() <= 1) {
- mode = "Content";
- } else {
- mode = mode.substring(1);
- }
- String nmSpace = partDef[1].trim();
- if (nmSpace.length() <= 1) {
- nmSpace = soapConstants.getEnvelopeURI();
- } else {
- nmSpace = nmSpace.substring(1);
- }
- String element = partDef[2].trim();
- if (doDebug) {
- log.debug(
- "partDefs: '"
- + mode
- + "' ,'"
- + nmSpace
- + "' ,'"
- + element
- + "'");
- }
- encPart = new WSEncryptionPart(element, nmSpace, mode);
- } else {
- throw new AxisFault(
- "WSDoAllSender: wrong part definition: " + tmpS);
- }
- encryptParts.add(encPart);
- }
- }
-
-
+ private void splitEncParts(String tmpS, Vector encryptParts)
+ throws AxisFault {
+
+ WSEncryptionPart encPart = null;
+ String[] rawParts = StringUtil.split(tmpS, ';');
+
+ for (int i = 0; i < rawParts.length; i++) {
+ String[] partDef = StringUtil.split(rawParts[i], '}');
+
+ if (partDef.length == 1) {
+ if (doDebug) {
+ log.debug("single partDef: '" + partDef[0] + "'");
+ }
+ encPart =
+ new WSEncryptionPart(
+ partDef[0].trim(),
+ soapConstants.getEnvelopeURI(),
+ "Content");
+ } else if (partDef.length == 3) {
+ String mode = partDef[0].trim();
+ if (mode.length() <= 1) {
+ mode = "Content";
+ } else {
+ mode = mode.substring(1);
+ }
+ String nmSpace = partDef[1].trim();
+ if (nmSpace.length() <= 1) {
+ nmSpace = soapConstants.getEnvelopeURI();
+ } else {
+ nmSpace = nmSpace.substring(1);
+ }
+ String element = partDef[2].trim();
+ if (doDebug) {
+ log.debug(
+ "partDefs: '"
+ + mode
+ + "' ,'"
+ + nmSpace
+ + "' ,'"
+ + element
+ + "'");
+ }
+ encPart = new WSEncryptionPart(element, nmSpace, mode);
+ } else {
+ throw new AxisFault(
+ "WSDoAllSender: wrong part definition: " + tmpS);
+ }
+ encryptParts.add(encPart);
+ }
+ }
+
+
}
1.2 +243 -243 ws-fx/wss4j/src/org/apache/ws/axis/security/trust/secconv/interop/SAML2SCTRequester.java
Index: SAML2SCTRequester.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/axis/security/trust/secconv/interop/SAML2SCTRequester.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- SAML2SCTRequester.java 16 Oct 2004 08:07:10 -0000 1.1
+++ SAML2SCTRequester.java 9 Mar 2005 22:33:45 -0000 1.2
@@ -1,19 +1,19 @@
/*
- * Copyright 2003-2004 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
+* Copyright 2003-2004 The Apache Software Foundation.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
package org.apache.ws.axis.security.trust.secconv.interop;
@@ -105,111 +105,111 @@
Document doc = null;
Element sAMLElement = null;
Document docRes = null;
-
-
- private String serviceViaTCMPMon= null;
- private String realIPAddressReal = null;
- private String realServiceAddress = null;
-
+
+
+ private String serviceViaTCMPMon= null;
+ private String realIPAddressReal = null;
+ private String realServiceAddress = null;
+
public void peformRST(Hashtable options) {
/* Actions :: Things that should be done for interop.
- *
- * 1) Set addressing stuff - msgid, action, to, timestamp, body - DONE
- *
- * 2) Create the message body, with the following.
- * -Token type
- * -Request type
- * -Applies to
- * -Entropy with binary secret.
- * *******************************************
- */
+ *
+ * 1) Set addressing stuff - msgid, action, to, timestamp, body - DONE
+ *
+ * 2) Create the message body, with the following.
+ * -Token type
+ * -Request type
+ * -Applies to
+ * -Entropy with binary secret.
+ * *******************************************
+ */
try {
System.out.println(
- "****************** in SAML2SCT requestor *******");
+ "****************** in SAML2SCT requestor *******");
Service service = new Service();
call = (Call) service.createCall();
env = new SOAPEnvelope();
-
- //creating addressing headers
+
+ //creating addressing headers
String msgIdValue = "uuid:"+UUIdGeneratorFactory.createUUIdGenerator( AxisUUIdGenerator.class ).generateUUId();
MessageID msgid = new MessageID(new URI(msgIdValue));
Action action =
- new Action(
- new URI("http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT"));
+ new Action(
+ new URI("http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT"));
System.out.println(this.realServiceAddress);
To to = new To(new URI(this.realServiceAddress));
- Address add = new Address("http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous");
- ReplyTo rep = new ReplyTo(add);
-
- SOAPHeaderElement sheaderEle = msgid.toSOAPHeaderElement(env,null);
- sheaderEle.setMustUnderstand(true);
-
- SOAPHeaderElement sheaderEle2=action.toSOAPHeaderElement(env, null);
- sheaderEle2.setMustUnderstand(true);
-
- SOAPHeaderElement sheaderEle3= to.toSOAPHeaderElement(env, null);
- sheaderEle3.setMustUnderstand(true);
-
- SOAPHeaderElement sheaderEle4= rep.toSOAPHeaderElement(env, null);
- sheaderEle4.setMustUnderstand(true);
-
- //////// end of addressing headers
-
-
+ Address add = new Address("http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous");
+ ReplyTo rep = new ReplyTo(add);
+
+ SOAPHeaderElement sheaderEle = msgid.toSOAPHeaderElement(env,null);
+ sheaderEle.setMustUnderstand(true);
+
+ SOAPHeaderElement sheaderEle2=action.toSOAPHeaderElement(env, null);
+ sheaderEle2.setMustUnderstand(true);
+
+ SOAPHeaderElement sheaderEle3= to.toSOAPHeaderElement(env, null);
+ sheaderEle3.setMustUnderstand(true);
+
+ SOAPHeaderElement sheaderEle4= rep.toSOAPHeaderElement(env, null);
+ sheaderEle4.setMustUnderstand(true);
+
+ //////// end of addressing headers
+
+
call.getMessageContext().setMessage(new Message(env));
-
+
doc = env.getAsDocument();
-
+
// create the RST
RequestSecurityToken reqSecTok = new RequestSecurityToken(doc);
TokenType tokenType = new TokenType(doc);
tokenType.setValue(
- "http://schemas.xmlsoap.org/ws/2004/04/security/sc/sct");
-
+ "http://schemas.xmlsoap.org/ws/2004/04/security/sc/sct");
+
reqSecTok.addToken(tokenType.getElement());
RequestType requestType = new RequestType(doc);
requestType.setValue(TrustConstants.ISSUE_SECURITY_TOKEN);
- //"http://schemas.xmlsoap.org/security/trust/Issue");
+ //"http://schemas.xmlsoap.org/security/trust/Issue");
reqSecTok.addToken(requestType.getElement());
//appliesTo
AppliesTo appliesTo = new AppliesTo(doc);
//TODO :: Remove hardcoding
EndpointReference epr =
- new EndpointReference(this.realServiceAddress);//"http://131.107.72.15/Service/Service.ashx");
+ new EndpointReference(this.realServiceAddress);//"http://131.107.72.15/Service/Service.ashx");
appliesTo.setAnyElement(epr.toDOM(doc));
reqSecTok.addToken(appliesTo.getElement());
- //Entropy and binary secreat
-
- KeyGenerator keyGen = KeyGenerator.getInstance("2.16.840.1.101.3.4.1.2");
- SecretKey key = keyGen.generateKey();
-
+ //Entropy and binary secreat
+
+ KeyGenerator keyGen = KeyGenerator.getInstance("2.16.840.1.101.3.4.1.2");
+ SecretKey key = keyGen.generateKey();
+
BinarySecret binSec = new BinarySecret(doc);
binSec.setTypeAttribute(BinarySecret.NONCE_VAL);
binSec.setBinarySecretValue(Base64.encode(key.getEncoded()));
- // binSec.setBinarySecretValue(ConversationUtil.generateNonce(16));
+ // binSec.setBinarySecretValue(ConversationUtil.generateNonce(16));
Entropy entropy = new Entropy(doc);
entropy.setBinarySecret(binSec);
reqSecTok.addToken(entropy.getElement());
Element body =
- (Element) doc.getElementsByTagNameNS(
- env.getNamespaceURI(),
- "Body").item(
- 0);
+ (Element) doc.getElementsByTagNameNS(
+ env.getNamespaceURI(),
+ "Body").item(
+ 0);
WSSecurityUtil.appendChildElement(
- doc,
- body,
- reqSecTok.getElement());
+ doc,
+ body,
+ reqSecTok.getElement());
- // System.out.println(
- // DOM2Writer.nodeToString((Node) doc.getDocumentElement(), true));
+ // System.out.println(
+ // DOM2Writer.nodeToString((Node) doc.getDocumentElement(), true));
} catch (MalformedURIException e) {
//TODO Auto-generated catch block
@@ -221,104 +221,104 @@
}
public void createSecurityHeader(
- DerivedKeyCallbackHandler dkcbHandler,
- String uuid)
- throws WSTrustException {
+ DerivedKeyCallbackHandler dkcbHandler,
+ String uuid)
+ throws WSTrustException {
/*
- * Things to do :
- * Add two derived Key Tokens.
- * HMAC signature over msgid,action, to, timestamp, body ** sx1
- * Encrypt the signature element and body with sx2
- * Add the SAML token.
- * Add the Timestamp.
- */
+ * Things to do :
+ * Add two derived Key Tokens.
+ * HMAC signature over msgid,action, to, timestamp, body ** sx1
+ * Encrypt the signature element and body with sx2
+ * Add the SAML token.
+ * Add the Timestamp.
+ */
//creating the reference to add two derived key tokens to the SAMLToken
try {
-
- //Add Timestamp
- WSAddTimestamp timeStampBuilder = new WSAddTimestamp("", false);
- // add the Timestamp to the SOAP Enevelope
- timeStampBuilder.build(doc, 300); // time in seconds. 5 minutes
-
- // Add Saml Token
- WSSAddSAMLToken builder = new WSSAddSAMLToken();
- builder.build(doc, saml);
+
+ //Add Timestamp
+ WSAddTimestamp timeStampBuilder = new WSAddTimestamp("", false);
+ // add the Timestamp to the SOAP Enevelope
+ timeStampBuilder.build(doc, 300); // time in seconds. 5 minutes
+
+ // Add Saml Token
+ WSSAddSAMLToken builder = new WSSAddSAMLToken();
+ builder.build(doc, saml);
SecurityTokenReference secTokRef =
- new SecurityTokenReference(WSSConfig.getDefaultWSConfig(), doc);
+ new SecurityTokenReference(WSSConfig.getDefaultWSConfig(), doc);
Reference ref = new Reference(WSSConfig.getDefaultWSConfig(), doc);
- // ref.setValueType(
- // "http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID");
- // ref.setURI(saml.getId());
- // secTokRef.setReference(ref);
- secTokRef.setSAMLKeyIdentifier(saml.getId()); //Changed 05-10-2004 to add the KeyIdentifier element
+ // ref.setValueType(
+ // "http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID");
+ // ref.setURI(saml.getId());
+ // secTokRef.setReference(ref);
+ secTokRef.setSAMLKeyIdentifier(saml.getId()); //Changed 05-10-2004 to add the KeyIdentifier element
ConversationManager man = new ConversationManager();
System.out.println("Fix NOOOOOOOOWWWWWWW");
- // dkcbHandler.setDerivedKeyLength(uuid, 16);
+ // dkcbHandler.setDerivedKeyLength(uuid, 16);
dkcbHandler.setLabelForSession(
- uuid,
- "WS-SecureConversationWS-SecureConversatin");
-
- /*
- <wsse:SecurityTokenReference>
- <wsse:Reference
- ValueType='http://www.docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertion-1.0'
- URI='uuid:8f8a6868-cb87-4d90-8f5d-f6efdb6a83f4' />
- </wsse:SecurityTokenReference>
+ uuid,
+ "WS-SecureConversationWS-SecureConversatin");
+
+ /*
+ <wsse:SecurityTokenReference>
+ <wsse:Reference
+ ValueType='http://www.docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertion-1.0'
+ URI='uuid:8f8a6868-cb87-4d90-8f5d-f6efdb6a83f4' />
+ </wsse:SecurityTokenReference>
*/
//Create the above segment
SecurityTokenReference encSTR2Assertion = new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),doc);
- // Reference ref2Assertion = new Reference(WSSConfig.getDefaultWSConfig(),doc);
- // ref2Assertion.setValueType("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID");
- // ref2Assertion.setURI(this.saml.getId());
- // encSTR2Assertion.setReference(ref2Assertion);
- encSTR2Assertion.setSAMLKeyIdentifier(this.saml.getId());
-
- // Create the above segment
- SecurityTokenReference sigSTR2Assertion = new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),(Element)encSTR2Assertion.getElement().cloneNode(true));
- //TODO :: Find out cloneNode what is true ?
- //new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),doc);
-// Reference SigRef2Assertion = new Reference(WSSConfig.getDefaultWSConfig(),doc);
+ // Reference ref2Assertion = new Reference(WSSConfig.getDefaultWSConfig(),doc);
+ // ref2Assertion.setValueType("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID");
+ // ref2Assertion.setURI(this.saml.getId());
+ // encSTR2Assertion.setReference(ref2Assertion);
+ encSTR2Assertion.setSAMLKeyIdentifier(this.saml.getId());
+
+ // Create the above segment
+ SecurityTokenReference sigSTR2Assertion = new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),(Element)encSTR2Assertion.getElement().cloneNode(true));
+ //TODO :: Find out cloneNode what is true ?
+ //new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),doc);
+// Reference SigRef2Assertion = new Reference(WSSConfig.getDefaultWSConfig(),doc);
// SigRef2Assertion.setValueType("http://www.docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertion-1.0");
// SigRef2Assertion.setURI(this.saml.getId());
// SigSTR2Assertion.setReference(SigRef2Assertion);
-//
+//
// Add 2 derivedKeyTokens
DerivedKeyInfo sigDkInfo =
- man.createDerivedKeyToken(doc, uuid, dkcbHandler, sigSTR2Assertion, 16);
+ man.createDerivedKeyToken(doc, uuid, dkcbHandler, sigSTR2Assertion, 16);
DerivedKeyInfo encDkInfo =
- man.createDerivedKeyToken(doc, uuid, dkcbHandler, encSTR2Assertion, 16);
-
+ man.createDerivedKeyToken(doc, uuid, dkcbHandler, encSTR2Assertion, 16);
+
if(encDkInfo.getSecurityTokenReference()==null){
- System.out.println("Ok null big problem Fix NOWWWWWWWWWWWW");
+ System.out.println("Ok null big problem Fix NOWWWWWWWWWWWW");
}
-
+
//6)HMAC signature over msgid,action, to, timestamp, body ** sx1
WSEncryptionPart msgidP =
- new WSEncryptionPart(
- Constants.MESSAGE_ID,
- Constants.NS_URI_ADDRESSING,
- "Content");
+ new WSEncryptionPart(
+ Constants.MESSAGE_ID,
+ Constants.NS_URI_ADDRESSING,
+ "Content");
WSEncryptionPart actionP =
- new WSEncryptionPart(
- Constants.ACTION,
- Constants.NS_URI_ADDRESSING,
- "Content");
+ new WSEncryptionPart(
+ Constants.ACTION,
+ Constants.NS_URI_ADDRESSING,
+ "Content");
WSEncryptionPart toP =
- new WSEncryptionPart(
- Constants.TO,
- Constants.NS_URI_ADDRESSING,
- "Content");
+ new WSEncryptionPart(
+ Constants.TO,
+ Constants.NS_URI_ADDRESSING,
+ "Content");
WSEncryptionPart timestampP =
- new WSEncryptionPart(
- "Timestamp",
- "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
- "Content");
+ new WSEncryptionPart(
+ "Timestamp",
+ "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
+ "Content");
WSEncryptionPart bodyP =
- new WSEncryptionPart("Body", env.getNamespaceURI(), "Content");
+ new WSEncryptionPart("Body", env.getNamespaceURI(), "Content");
Vector vec = new Vector();
vec.add(msgidP);
@@ -326,17 +326,17 @@
vec.add(toP);
vec.add(timestampP);
vec.add(bodyP);
-
-
+
+
man.performDK_Sign(doc, dkcbHandler, uuid, sigDkInfo, vec);
-
+
/* Steps encrypt the body and the signature.
- * 1) Fist create the SecurityTokenReference to the Derived Key
- * 2) Setup the part vector
- * 3) set up the user
- *
- * We can now call the method.
- */
+ * 1) Fist create the SecurityTokenReference to the Derived Key
+ * 2) Setup the part vector
+ * 3) set up the user
+ *
+ * We can now call the method.
+ */
//step 1
// SecurityTokenReference secRef = new SecurityTokenReference(WSSConfig.getDefaultWSConfig(),doc);
@@ -347,51 +347,51 @@
SecurityTokenReference secRef = encDkInfo.getSecTokRef2DkToken();
//setp 2
-
- /*
- * We cannot do the below.
- * WSEncryptionPart bodyEle =
- * new WSEncryptionPart("Body", env.getNamespaceURI(), "Element");
- * The error is :
- * org.xml.sax.SAXException: No custom elements allowed at top level until after the <body> tag
- */
-
+
+ /*
+ * We cannot do the below.
+ * WSEncryptionPart bodyEle =
+ * new WSEncryptionPart("Body", env.getNamespaceURI(), "Element");
+ * The error is :
+ * org.xml.sax.SAXException: No custom elements allowed at top level until after the <body> tag
+ */
+
WSEncryptionPart signature =
- new WSEncryptionPart(
- "Signature",
- "http://www.w3.org/2000/09/xmldsig#",
- "Element");
-
- WSEncryptionPart bodyContent =
- new WSEncryptionPart(
- "RequestSecurityToken",
- TrustConstants.WST_NS,
- "Element");
-
-
- Vector encPart = new Vector();
- //encPart.add(signature);
- encPart.add(bodyContent);
-
+ new WSEncryptionPart(
+ "Signature",
+ "http://www.w3.org/2000/09/xmldsig#",
+ "Element");
+
+ WSEncryptionPart bodyContent =
+ new WSEncryptionPart(
+ "RequestSecurityToken",
+ TrustConstants.WST_NS,
+ "Element");
+
+
+ Vector encPart = new Vector();
+ //encPart.add(signature);
+ encPart.add(bodyContent);
+
String encUsr =
- ConversationUtil.generateIdentifier(uuid, encDkInfo.getId());
+ ConversationUtil.generateIdentifier(uuid, encDkInfo.getId());
man.performDK_ENCR(
- encUsr,
- "",
- true,
- doc,
- secRef,
- dkcbHandler,
- encPart, "http://www.w3.org/2001/04/xmlenc#aes128-cbc");
- // http://131.107.72.15/Service/Service.ashx
-
-
- man.addDkToken(doc,sigDkInfo);
- man.addDkToken(doc,encDkInfo);
- System.out.println(serviceViaTCMPMon);
+ encUsr,
+ "",
+ true,
+ doc,
+ secRef,
+ dkcbHandler,
+ encPart, "http://www.w3.org/2001/04/xmlenc#aes128-cbc");
+ // http://131.107.72.15/Service/Service.ashx
+
+
+ man.addDkToken(doc,sigDkInfo);
+ man.addDkToken(doc,encDkInfo);
+ System.out.println(serviceViaTCMPMon);
call.setTargetEndpointAddress(new URL(this.serviceViaTCMPMon));//"http://localhost:8084/Service/Service.ashx"));
-
+
ByteArrayOutputStream os = new ByteArrayOutputStream();
XMLUtils.outputDOM(doc, os, true);
Message message = call.getMessageContext().getCurrentMessage();
@@ -399,18 +399,18 @@
SOAPPart sPart = (org.apache.axis.SOAPPart) message.getSOAPPart();
sPart.setCurrentMessage(os.toByteArray(), SOAPPart.FORM_BYTES);
call.setProperty(ConvHandlerConstants.DK_CB_HANDLER, dkcbHandler);
-
+
call.setClientHandlers(null, new ConversationClientHandler(dkcbHandler));
-
+
SOAPEnvelope resp = call.invoke(sPart.getAsSOAPEnvelope());
-
+
try {
this.docRes = resp.getAsDocument();
} catch (Exception e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
}
-
+
//System.out.println("Ok signature is done....");
//System.out.println(DOM2Writer.nodeToString((Node) doc.getDocumentElement(), true));
@@ -419,12 +419,12 @@
e.printStackTrace();
} catch (AxisFault e1) {
// TODO Auto-generated catch block
- e1.printStackTrace();
+ e1.printStackTrace();
} catch (MalformedURLException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}catch(WSSecurityException e){
-
+
}
//7)Encryption.
@@ -433,8 +433,8 @@
//call.invoke();
}
-
-
+
+
/**
* @return
*/
@@ -505,47 +505,47 @@
docRes = document;
}
- /**
- * @return
- */
- public String getRealIPAddressReal() {
- return realIPAddressReal;
- }
-
- /**
- * @return
- */
- public String getRealServiceAddress() {
- return realServiceAddress;
- }
-
-
- /**
- * @param string
- */
- public void setRealIPAddressReal(String string) {
- realIPAddressReal = string;
- }
-
- /**
- * @param string
- */
- public void setRealServiceAddress(String string) {
- realServiceAddress = string;
- }
-
- /**
- * @return
- */
- public String getServiceViaTCMPMon() {
- return serviceViaTCMPMon;
- }
-
- /**
- * @param string
- */
- public void setServiceViaTCMPMon(String string) {
- serviceViaTCMPMon = string;
- }
+ /**
+ * @return
+ */
+ public String getRealIPAddressReal() {
+ return realIPAddressReal;
+ }
+
+ /**
+ * @return
+ */
+ public String getRealServiceAddress() {
+ return realServiceAddress;
+ }
+
+
+ /**
+ * @param string
+ */
+ public void setRealIPAddressReal(String string) {
+ realIPAddressReal = string;
+ }
+
+ /**
+ * @param string
+ */
+ public void setRealServiceAddress(String string) {
+ realServiceAddress = string;
+ }
+
+ /**
+ * @return
+ */
+ public String getServiceViaTCMPMon() {
+ return serviceViaTCMPMon;
+ }
+
+ /**
+ * @param string
+ */
+ public void setServiceViaTCMPMon(String string) {
+ serviceViaTCMPMon = string;
+ }
}
1.9 +4 -3 ws-fx/wss4j/src/org/apache/ws/security/conversation/message/token/RequestedProofToken.java
Index: RequestedProofToken.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/conversation/message/token/RequestedProofToken.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- RequestedProofToken.java 7 Feb 2005 18:52:44 -0000 1.8
+++ RequestedProofToken.java 9 Mar 2005 22:33:45 -0000 1.9
@@ -328,13 +328,14 @@
break;
case WSConstants.BST_DIRECT_REFERENCE:
- Reference ref = new Reference(WSSConfig.getDefaultWSConfig(), doc);
- ref.setURI("#" + certUri);
- secToken.setReference(ref);
BinarySecurity bstToken = null;
bstToken = new X509Security(WSSConfig.getDefaultWSConfig(), doc);
((X509Security) bstToken).setX509Certificate(remoteCert);
bstToken.setID(certUri);
+ Reference ref = new Reference(WSSConfig.getDefaultWSConfig(), doc);
+ ref.setURI("#" + certUri);
+ ref.setValueType(bstToken.getValueType());
+ secToken.setReference(ref);
// WSSecurityUtil.prependChildElement(
// doc,
// wsseSecurity,
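Review bot: The reference completed here points at `"#" + certUri` and now also carries the token's ValueType, but the only place in view where `bstToken` would be put into the message, the `WSSecurityUtil.prependChildElement(` call in the trailing context, is commented out. If the token is not attached somewhere else, a receiver gets a SecurityTokenReference whose URI resolves to nothing and cannot locate the certificate. The `case` branch continues outside the hunk, so this may be handled further down. A comment would make it checkable, for example `// bstToken is not inserted here; whoever attaches it must keep its ID equal to certUri`.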
1.29 +2 -1 ws-fx/wss4j/src/org/apache/ws/security/message/WSEncryptBody.java
Index: WSEncryptBody.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/message/WSEncryptBody.java,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- WSEncryptBody.java 7 Feb 2005 19:18:29 -0000 1.28
+++ WSEncryptBody.java 9 Mar 2005 22:33:45 -0000 1.29
@@ -413,11 +413,12 @@
case WSConstants.BST_DIRECT_REFERENCE:
Reference ref = new Reference(wssConfig, doc);
ref.setURI("#" + certUri);
- secToken.setReference(ref);
BinarySecurity bstToken = null;
bstToken = new X509Security(wssConfig, doc);
((X509Security) bstToken).setX509Certificate(remoteCert);
bstToken.setID(certUri);
+ ref.setValueType(bstToken.getValueType());
+ secToken.setReference(ref);
WSSecurityUtil.prependChildElement(doc,
wsseSecurity,
bstToken.getElement(),
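Review bot: `BinarySecurity bstToken = null;` followed by a separate assignment and a downcast for `setX509Certificate` is more roundabout than this branch needs, since only an X509Security is ever created here. Declaring it as `X509Security bstToken = new X509Security(wssConfig, doc);` lets the next line read `bstToken.setX509Certificate(remoteCert);` without the cast. The `setID`, `getValueType` and `getElement` calls stay as they are. The same pattern appears in the BST_DIRECT_REFERENCE branch of RequestedProofToken.java in this commit. The branch continues past the end of the hunk.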
1.23 +3 -1 ws-fx/wss4j/src/org/apache/ws/security/message/WSSignEnvelope.java
Index: WSSignEnvelope.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/message/WSSignEnvelope.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- WSSignEnvelope.java 29 Dec 2004 02:04:54 -0000 1.22
+++ WSSignEnvelope.java 9 Mar 2005 22:33:45 -0000 1.23
@@ -420,7 +420,6 @@
case WSConstants.BST_DIRECT_REFERENCE:
Reference ref = new Reference(wssConfig, doc);
ref.setURI("#" + certUri);
- secRef.setReference(ref);
BinarySecurity bstToken = null;
if (!useSingleCert) {
bstToken = new PKIPathSecurity(wssConfig, doc);
@@ -431,6 +430,8 @@
bstToken = new X509Security(wssConfig, doc);
((X509Security) bstToken).setX509Certificate(certs[0]);
}
+ ref.setValueType(bstToken.getValueType());
+ secRef.setReference(ref);
bstToken.setID(certUri);
WSSecurityUtil.prependChildElement(doc,
securityHeader,
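Review bot: Nothing at `ref.setValueType(bstToken.getValueType());` says why the reference is now finished only after the `if (!useSingleCert)` branch, so a later tidy-up could move `secRef.setReference(ref)` back next to `ref.setURI(...)` and lose the ValueType again. Presumably the PKIPathSecurity and X509Security tokens report different value types, which is why the value has to be read from whichever token was actually built. A one-line comment above the call would record that, for example `// ValueType depends on the token built above (PKIPath or single X509), so set it after the branch`. The enclosing `case` starts in the previous hunk and continues past this one.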
@@ -786,6 +787,7 @@
WSSecurityUtil.prependChildElement(doc, securityHeader,
bstToken.getElement(), false);
wsDocInfo.setBst(bstToken.getElement());
+ ref.setValueType(bstToken.getValueType());
} else {
ref.setURI("#" + assertion.getId());
ref.setValueType(WSConstants.WSS_SAML_NS
1.11 +2 -2 ws-fx/wss4j/src/org/apache/ws/security/message/token/X509Security.java
Index: X509Security.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/message/token/X509Security.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- X509Security.java 9 Aug 2004 17:53:45 -0000 1.10
+++ X509Security.java 9 Mar 2005 22:33:46 -0000 1.11
@@ -85,7 +85,7 @@
*
* @return the X509 certificate converted from the base 64 encoded
* element data
- * @throws GeneralSecurityException
+ * @throws WSSecurityException
*/
public X509Certificate getX509Certificate(Crypto crypto) throws WSSecurityException {
if (cachedCert != null) {
@@ -109,7 +109,7 @@
* node of the element
*
* @param cert the X509 certificate to store in the element
- * @throws CertificateEncodingException
+ * @throws WSSecurityException
*/
public void setX509Certificate(X509Certificate cert)
throws WSSecurityException {
1.3 +21 -26 ws-fx/wss4j/test/wssec/TestWSSecurity10.java
Index: TestWSSecurity10.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/test/wssec/TestWSSecurity10.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- TestWSSecurity10.java 9 Aug 2004 17:49:58 -0000 1.2
+++ TestWSSecurity10.java 9 Mar 2005 22:33:46 -0000 1.3
@@ -16,23 +16,11 @@
*/
package wssec;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.PrintWriter;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
-
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
-import org.apache.axis.SOAPPart;
import org.apache.axis.client.AxisClient;
import org.apache.axis.configuration.NullProvider;
import org.apache.axis.message.SOAPEnvelope;
@@ -51,16 +39,23 @@
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
import org.apache.ws.security.util.WSSecurityUtil;
-
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.PrintWriter;
+
/**
* TestCase10 for testing HMAC_SHA1 in wss4j.
* Based on TestCase9.
- *
+ *
* The objective of this TestCase is to test the HMAC_SHA1 signature.
- *
+ *
* @author Dimuthu Leelarathne. (muthulee@yahoo.com)
*/
public class TestWSSecurity10 extends TestCase implements CallbackHandler {
@@ -84,7 +79,7 @@
/**
* TestWSSecurity constructor
* <p/>
- *
+ *
* @param name name of the test
*/
public TestWSSecurity10(String name) {
@@ -94,7 +89,7 @@
/**
* JUnit suite
* <p/>
- *
+ *
* @return a junit test suite
*/
public static Test suite() {
@@ -104,7 +99,7 @@
/**
* Main method
* <p/>
- *
+ *
* @param args command line args
*/
// public static void main(String[] args) {
@@ -114,7 +109,7 @@
/**
* Setup method
* <p/>
- *
+ *
* @throws Exception Thrown when there is a problem in setup
*/
protected void setUp() throws Exception {
@@ -126,7 +121,7 @@
/**
* Constructs a soap envelope
* <p/>
- *
+ *
* @return soap envelope
* @throws Exception if there is any problem constructing the soap envelope
*/
@@ -141,7 +136,7 @@
* Test that encrypts and signs a WS-Security envelope, then performs
* verification and decryption.
* <p/>
- *
+ *
* @throws Exception Thrown when there is any problem in signing, encryption,
* decryption, or verification
*/
@@ -172,7 +167,7 @@
builder.build(doc, username, password);
//Step 2
- // I should add wsu:Id here but I am not adding it since
+ // I should add wsu:Id here but I am not adding it since
Element usrEle =
(Element) (doc
.getElementsByTagNameNS(WSConstants.WSSE_NS, "UsernameToken")
@@ -180,7 +175,7 @@
String idValue = "1234";
usrEle.setAttribute("Id", idValue);
- //Step 3 ::
+ //Step 3 ::
Reference ref = new Reference(WSSConfig.getDefaultWSConfig(), doc);
ref.setURI("#" + idValue);
ref.setValueType("UsernameToken");
@@ -210,7 +205,7 @@
*/
Message signedMsg = (Message) AxisUtil.toSOAPMessage(encDoc);
-
+
XMLUtils.PrettyElementToWriter(signedMsg.getSOAPEnvelope().getAsDOM(), new PrintWriter(System.out));
log.info("Encryption Done\n");
// verifyEMBED_SECURITY_TOKEN_REF(signedMsg.getSOAPEnvelope().getAsDocument());
@@ -219,8 +214,8 @@
/**
* Verifies the soap envelope
* <p/>
- *
- * @param doc
+ *
+ * @param doc
* @throws Exception Thrown when there is a problem in verification
*/
private void verifyEMBED_SECURITY_TOKEN_REF(Document doc)