You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/02/05 13:15:52 UTC
svn commit: r1564731 - in /cxf/branches/2.7.x-fixes:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/
systests/ws-security/src/test/resources/org/apache/cxf...
Author: coheigea
Date: Wed Feb 5 12:15:51 2014
New Revision: 1564731
URL: http://svn.apache.org/r1564731
Log:
Another EncryptBeforeSigning fix
Conflicts:
systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl
systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client.xml
systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server.xml
systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/stax-server.xml
Modified:
cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
cxf/branches/2.7.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java
cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl
cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml
cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml
Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1564731&r1=1564730&r2=1564731&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java (original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java Wed Feb 5 12:15:51 2014
@@ -262,7 +262,7 @@ public class SymmetricBindingHandler ext
this.addDerivedKeyElement(secondRefList);
} else if (!secondEncrParts.isEmpty()) {
//Encrypt, get hold of the ref list and add it
- secondRefList = ((WSSecEncrypt)encr).encryptForRef(null, encrParts);
+ secondRefList = ((WSSecEncrypt)encr).encryptForRef(null, secondEncrParts);
this.addDerivedKeyElement(secondRefList);
}
}
Modified: cxf/branches/2.7.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java?rev=1564731&r1=1564730&r2=1564731&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java (original)
+++ cxf/branches/2.7.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java Wed Feb 5 12:15:51 2014
@@ -443,6 +443,29 @@ public class X509TokenTest extends Abstr
}
@org.junit.Test
+ public void testSymmetricUsernameToken() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = X509TokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = X509TokenTest.class.getResource("DoubleItX509.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSymmetricUsernameTokenPort");
+ DoubleItPortType x509Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(x509Port, PORT);
+
+ x509Port.doubleIt(25);
+
+ ((java.io.Closeable)x509Port).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testSymmetricProtectTokens() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
Modified: cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl?rev=1564731&r1=1564730&r2=1564731&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl (original)
+++ cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl Wed Feb 5 12:15:51 2014
@@ -296,6 +296,24 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
+ <wsdl:binding name="DoubleItSymmetricUsernameTokenBinding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItSymmetricUsernameTokenPolicy"/>
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction=""/>
+ <wsdl:input>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault"/>
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
<wsdl:binding name="DoubleItSymmetricProtectTokensBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItSymmetricProtectTokensPolicy" />
<soap:binding style="document"
@@ -514,6 +532,9 @@
binding="tns:DoubleItAsymmetricUsernameTokenBinding">
<soap:address location="http://localhost:9001/DoubleItX509AsymmetricUsernameToken" />
</wsdl:port>
+ <wsdl:port name="DoubleItSymmetricUsernameTokenPort" binding="tns:DoubleItSymmetricUsernameTokenBinding">
+ <soap:address location="http://localhost:9001/DoubleItX509SymmetricUsernameToken"/>
+ </wsdl:port>
<wsdl:port name="DoubleItSymmetricProtectTokensPort"
binding="tns:DoubleItSymmetricProtectTokensBinding">
<soap:address location="http://localhost:9001/DoubleItX509SymmetricProtect" />
@@ -1086,6 +1107,49 @@
</wsp:ExactlyOne>
</wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItSymmetricUsernameTokenPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token11/>
+ <sp:RequireThumbprintReference/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ <sp:EncryptBeforeSigning/>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:EncryptedSupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssUsernameToken11/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:EncryptedSupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
<wsp:Policy wsu:Id="DoubleItSymmetricProtectTokensPolicy">
<wsp:ExactlyOne>
<wsp:All>
Modified: cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml?rev=1564731&r1=1564730&r2=1564731&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml (original)
+++ cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml Wed Feb 5 12:15:51 2014
@@ -266,6 +266,17 @@
</jaxws:properties>
</jaxws:client>
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricUsernameTokenPort" createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.encryption.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.username" value="alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricProtectTokensPort"
createdFromAPI="true">
<jaxws:properties>
Modified: cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml?rev=1564731&r1=1564730&r2=1564731&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml (original)
+++ cxf/branches/2.7.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml Wed Feb 5 12:15:51 2014
@@ -430,6 +430,15 @@
</jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SymmetricUsernameToken" address="http://localhost:${testutil.ports.Server}/DoubleItX509SymmetricUsernameToken" serviceName="s:DoubleItService" endpointName="s:DoubleItSymmetricUsernameTokenPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ <entry key="ws-security.signature.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/bob.properties"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
<jaxws:endpoint
id="SymmetricProtectTokens"
address="http://localhost:${testutil.ports.Server}/DoubleItX509SymmetricProtect"