Posted to commits@cxf.apache.org by co...@apache.org on 2011/01/12 16:45:28 UTC
svn commit: r1058200 - in
/cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security:
policy/interceptors/ trust/ wss4j/policyhandlers/
Author: coheigea
Date: Wed Jan 12 15:45:27 2011
New Revision: 1058200
URL: http://svn.apache.org/viewvc?rev=1058200&view=rev
Log:
[CXF-3236] - Port to wss4j-1.6-fixes branch.
Modified:
cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Modified: cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1058200&r1=1058199&r2=1058200&view=diff
==============================================================================
--- cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Wed Jan 12 15:45:27 2011
@@ -19,6 +19,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
+import java.security.Principal;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
@@ -47,6 +48,8 @@ import org.apache.cxf.ws.security.trust.
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.ws.security.CustomTokenPrincipal;
+import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
@@ -214,15 +217,10 @@ public class IssuedTokenInterceptorProvi
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null) {
for (WSHandlerResult rResult : results) {
- List<WSSecurityEngineResult> wsSecEngineResults =
- rResult.getResults();
-
- for (int j = 0; j < wsSecEngineResults.size(); j++) {
- //WSSecurityEngineResult wser =
- // (WSSecurityEngineResult) wsSecEngineResults.get(j);
- //Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- //how to find if it's due to an IssuedToken?
+ SecurityToken token = findIssuedToken(rResult.getResults());
+ if (token != null) {
found = true;
+ message.getExchange().put(SecurityConstants.TOKEN, token);
}
}
}
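Review bot: The loop over `results` does not stop once a token is found, so if more than one WSHandlerResult yields a token the exchange ends up holding the last one, whereas findIssuedToken returns the first match within a single result list. Adding `break;` right after `message.getExchange().put(SecurityConstants.TOKEN, token);` would make the selection first-match at both levels and avoid silently replacing a token that carries key material. The enclosing method starts and ends outside this hunk, so any later use of `found` is not visible here.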
@@ -237,5 +235,34 @@ public class IssuedTokenInterceptorProvi
}
}
}
+
+ private SecurityToken findIssuedToken(
+ List<WSSecurityEngineResult> wsSecEngineResults
+ ) {
+ for (WSSecurityEngineResult wser : wsSecEngineResults) {
+ Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
+ if (actInt.intValue() == WSConstants.SIGN) {
+ Principal principal =
+ (Principal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
+ if (principal instanceof CustomTokenPrincipal) {
+ CustomTokenPrincipal customPrincipal =
+ (CustomTokenPrincipal)principal;
+ byte[] secretKey =
+ (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
+ if (secretKey != null) {
+ SecurityToken token =
+ new SecurityToken(
+ customPrincipal.getName(),
+ (java.util.Date)null,
+ (java.util.Date)null
+ );
+ token.setSecret(secretKey);
+ return token;
+ }
+ }
+ }
+ }
+ return null;
+ }
}
}
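Review bot: findIssuedToken accepts any SIGN result whose principal is a CustomTokenPrincipal and that carries a secret as the issued token, with no check of the token's type or issuer against the policy's IssuedToken assertion. If nothing upstream validates that (not visible in this hunk), a signature from an unrelated custom token would mark the assertion as satisfied and have its key stored on the exchange. The method should at least state the assumption, e.g. `// Heuristic: a SIGN result with a CustomTokenPrincipal and a secret is taken to be the issued token; type and issuer are not checked here.` Separately, `actInt.intValue()` unboxes without a null check, and `if (actInt != null && actInt.intValue() == WSConstants.SIGN) {` avoids an NPE on a result that has no action tag. The token is also built with null created and expires dates, so it carries no lifetime for later expiry checks.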
Modified: cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1058200&r1=1058199&r2=1058200&view=diff
==============================================================================
--- cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java (original)
+++ cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java Wed Jan 12 15:45:27 2011
@@ -889,7 +889,7 @@ public class STSClient implements Config
proc.handleToken(child, null, createCrypto(true), createHandler(), docInfo, null);
secret =
(byte[])result.get(0).get(
- WSSecurityEngineResult.TAG_DECRYPTED_KEY
+ WSSecurityEngineResult.TAG_SECRET
);
} catch (IOException e) {
throw new TrustException("ENCRYPTED_KEY_ERROR", LOG, e);
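Review bot: After the switch to `WSSecurityEngineResult.TAG_SECRET`, the value is still cast and used without a null check, so a processor that does not populate that tag leaves `secret` null with no error raised in the visible lines. `result.get(0)` also assumes the processor returned at least one result. The same applies to the SymmetricBindingHandler hunk, where `tempTok.setSecret((byte[])wser.get(WSSecurityEngineResult.TAG_SECRET));` is followed by `tokenStore.add(tempTok)`, so a token with no secret could enter the store. Failing explicitly when the secret is absent would be safer; the AsymmetricBindingHandler hunk already guards with `decryptedKey != null`. Both enclosing methods continue outside their hunks, so a later check may exist that is not shown.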
Modified: cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java?rev=1058200&r1=1058199&r2=1058200&view=diff
==============================================================================
--- cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java (original)
+++ cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java Wed Jan 12 15:45:27 2011
@@ -489,7 +489,7 @@ public class AsymmetricBindingHandler ex
*/
for (WSSecurityEngineResult wser : wsSecEngineResults) {
Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- byte[] decryptedKey = (byte[])wser.get(WSSecurityEngineResult.TAG_DECRYPTED_KEY);
+ byte[] decryptedKey = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
if (actInt.intValue() == WSConstants.ENCR && decryptedKey != null) {
return decryptedKey;
}
Modified: cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1058200&r1=1058199&r2=1058200&view=diff
==============================================================================
--- cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java (original)
+++ cxf/branches/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java Wed Jan 12 15:45:27 2011
@@ -770,7 +770,7 @@ public class SymmetricBindingHandler ext
Date expires = new Date();
expires.setTime(created.getTime() + 300000);
SecurityToken tempTok = new SecurityToken(encryptedKeyID, created, expires);
- tempTok.setSecret((byte[])wser.get(WSSecurityEngineResult.TAG_DECRYPTED_KEY));
+ tempTok.setSecret((byte[])wser.get(WSSecurityEngineResult.TAG_SECRET));
tempTok.setSHA1(getSHA1((byte[])wser
.get(WSSecurityEngineResult.TAG_ENCRYPTED_EPHEMERAL_KEY)));
tokenStore.add(tempTok);