You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/04/04 11:06:49 UTC
[2/3] cxf git commit: CXF-7314 - Custom BinarySecurityTokens are not
used to set up the security context
CXF-7314 - Custom BinarySecurityTokens are not used to set up the security context
# Conflicts:
# rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c799670d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c799670d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c799670d
Branch: refs/heads/3.1.x-fixes
Commit: c799670d4bca30c7a1b316b378c8bfce90a7eeb7
Parents: e2fd915
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Apr 4 11:24:57 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Apr 4 12:05:45 2017 +0100
----------------------------------------------------------------------
.../DefaultWSS4JSecurityContextCreator.java | 29 +++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/c799670d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
index 7855d0e..2cbebd7 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
@@ -40,10 +40,11 @@ import org.apache.cxf.rt.security.utils.SecurityUtils;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
+import org.apache.wss4j.common.token.PKIPathSecurity;
+import org.apache.wss4j.common.token.X509Security;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.WSHandlerResult;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
/**
* The default implementation to create a SecurityContext from a set of WSS4J processing results.
@@ -93,6 +94,7 @@ public class DefaultWSS4JSecurityContextCreator implements WSS4JSecurityContextC
List<WSSecurityEngineResult> foundResults = actionResults.get(resultPriority);
if (foundResults != null && !foundResults.isEmpty()) {
for (WSSecurityEngineResult result : foundResults) {
+<<<<<<< HEAD
final Object binarySecurity = result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
PublicKey publickey =
(PublicKey)result.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
@@ -107,12 +109,37 @@ public class DefaultWSS4JSecurityContextCreator implements WSS4JSecurityContextC
if (context != null) {
msg.put(SecurityContext.class, context);
return;
+=======
+
+ if (!skipResult(resultPriority, result)) {
+ SecurityContext context = createSecurityContext(msg, useJAASSubject, result);
+ if (context != null) {
+ msg.put(SecurityContext.class, context);
+ return;
+ }
+>>>>>>> d1b8ff6... CXF-7314 - Custom BinarySecurityTokens are not used to set up the security context
}
}
}
}
}
+<<<<<<< HEAD
+=======
+
+ private boolean skipResult(Integer resultPriority, WSSecurityEngineResult result) {
+ Object binarySecurity = result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
+ PublicKey publickey =
+ (PublicKey)result.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
+ X509Certificate cert =
+ (X509Certificate)result.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+
+ return resultPriority == WSConstants.BST
+ && (binarySecurity instanceof X509Security || binarySecurity instanceof PKIPathSecurity)
+ || resultPriority == WSConstants.SIGN && publickey == null && cert == null;
+ }
+
+>>>>>>> d1b8ff6... CXF-7314 - Custom BinarySecurityTokens are not used to set up the security context
protected SecurityContext createSecurityContext(
SoapMessage msg, boolean useJAASSubject, WSSecurityEngineResult wsResult
) {