You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by as...@apache.org on 2012/10/16 09:55:43 UTC
svn commit: r1398689 - in /cxf/branches/2.6.x-fixes: ./
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
Author: asoldano
Date: Tue Oct 16 07:55:43 2012
New Revision: 1398689
URL: http://svn.apache.org/viewvc?rev=1398689&view=rev
Log:
Merged revisions 1398052 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1398052 | asoldano | 2012-10-14 12:58:27 +0200 (Sun, 14 Oct 2012) | 2 lines
[CXF-4561] Allow disabling WSI-BSP compliance in UsernameTokenInterceptor
........
Modified:
cxf/branches/2.6.x-fixes/ (props changed)
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Merged /cxf/trunk:r1398052
Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java?rev=1398689&r1=1398688&r2=1398689&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java Tue Oct 16 07:55:43 2012
@@ -170,6 +170,7 @@ public class UsernameTokenInterceptor ex
protected WSUsernameTokenPrincipal getPrincipal(Element tokenElement, final SoapMessage message)
throws WSSecurityException {
+ boolean bspCompliant = isWsiBSPCompliant(message);
boolean utWithCallbacks =
MessageUtils.getContextualBoolean(message, SecurityConstants.VALIDATE_TOKEN, true);
if (utWithCallbacks) {
@@ -188,21 +189,23 @@ public class UsernameTokenInterceptor ex
return (Validator)validator;
}
};
- data.setWssConfig(WSSConfig.getNewInstance());
+ WSSConfig config = WSSConfig.getNewInstance();
+ config.setWsiBSPCompliant(bspCompliant);
+ data.setWssConfig(config);
List<WSSecurityEngineResult> results =
p.handleToken(tokenElement, data, wsDocInfo);
return (WSUsernameTokenPrincipal)results.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
} else {
- WSUsernameTokenPrincipal principal = parseTokenAndCreatePrincipal(tokenElement);
+ WSUsernameTokenPrincipal principal = parseTokenAndCreatePrincipal(tokenElement, bspCompliant);
WSS4JTokenConverter.convertToken(message, principal);
return principal;
}
}
- protected WSUsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement)
+ protected WSUsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant)
throws WSSecurityException {
org.apache.ws.security.message.token.UsernameToken ut =
- new org.apache.ws.security.message.token.UsernameToken(tokenElement);
+ new org.apache.ws.security.message.token.UsernameToken(tokenElement, false, bspCompliant);
WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(ut.getName(), ut.isHashed());
principal.setNonce(ut.getNonce());
@@ -213,6 +216,12 @@ public class UsernameTokenInterceptor ex
return principal;
}
+ protected boolean isWsiBSPCompliant(final SoapMessage message) {
+ String bspc = (String)message.getContextualProperty(SecurityConstants.IS_BSP_COMPLIANT);
+ // Default to WSI-BSP compliance enabled
+ return !("false".equals(bspc) || "0".equals(bspc));
+ }
+
protected SecurityContext createSecurityContext(final Principal p, Subject subject) {
return new DefaultSecurityContext(p, subject);
}