Posted to commits@ws.apache.org by co...@apache.org on 2012/11/21 16:47:47 UTC
svn commit: r1412156 - in /webservices/wss4j/branches/1_6_x-fixes/src:
main/java/org/apache/ws/security/handler/
main/java/org/apache/ws/security/processor/
main/java/org/apache/ws/security/saml/ test/java/org/apache/ws/security/saml/
Author: coheigea
Date: Wed Nov 21 15:47:46 2012
New Revision: 1412156
URL: http://svn.apache.org/viewvc?rev=1412156&view=rev
Log:
[WSS-406] - Refining the previous commit a bit
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlAlgorithmSuiteTest.java
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java?rev=1412156&r1=1412155&r2=1412156&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java Wed Nov 21 15:47:46 2012
@@ -22,9 +22,7 @@ package org.apache.ws.security.handler;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.Collections;
import java.util.List;
-import java.util.Map;
import java.util.regex.Pattern;
import javax.security.auth.callback.CallbackHandler;
@@ -89,7 +87,7 @@ public class RequestData {
private Collection<Pattern> subjectDNPatterns = new ArrayList<Pattern>();
private boolean appendSignatureAfterTimestamp;
private AlgorithmSuite algorithmSuite;
- private Map<QName, AlgorithmSuite> algorithmSuiteMap = Collections.emptyMap();
+ private AlgorithmSuite samlAlgorithmSuite;
public void clear() {
soapConstants = null;
@@ -117,7 +115,7 @@ public class RequestData {
subjectDNPatterns.clear();
appendSignatureAfterTimestamp = false;
algorithmSuite = null;
- algorithmSuiteMap.clear();
+ samlAlgorithmSuite = null;
}
public Object getMsgContext() {
@@ -529,14 +527,6 @@ public class RequestData {
this.appendSignatureAfterTimestamp = appendSignatureAfterTimestamp;
}
- public Map<QName, AlgorithmSuite> getAlgorithmSuiteMap() {
- return algorithmSuiteMap;
- }
-
- public void setAlgorithmSuiteMap(Map<QName, AlgorithmSuite> algorithmSuiteMap) {
- this.algorithmSuiteMap = algorithmSuiteMap;
- }
-
public AlgorithmSuite getAlgorithmSuite() {
return algorithmSuite;
}
@@ -544,5 +534,13 @@ public class RequestData {
public void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
this.algorithmSuite = algorithmSuite;
}
+
+ public AlgorithmSuite getSamlAlgorithmSuite() {
+ return samlAlgorithmSuite;
+ }
+
+ public void setSamlAlgorithmSuite(AlgorithmSuite samlAlgorithmSuite) {
+ this.samlAlgorithmSuite = samlAlgorithmSuite;
+ }
}
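Review bot: `getSamlAlgorithmSuite()` and `setSamlAlgorithmSuite()` are added without Javadoc, and nothing at the declaration says how this suite relates to `algorithmSuite`. Going by the other hunks of this commit, SAMLTokenProcessor and SAMLUtil read only this field and skip the algorithm check when it is null, while SignatureProcessor reads only `getAlgorithmSuite()`, so a caller that sets just the general suite appears to get no algorithm restriction on assertion signatures. I would state that on the setter, e.g. `/** AlgorithmSuite applied to SAML assertion signatures and their KeyInfo; null disables the check. Independent of setAlgorithmSuite(). */`, and if a fallback to the general suite is intended, make it explicit in the getter.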
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java?rev=1412156&r1=1412155&r2=1412156&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java Wed Nov 21 15:47:46 2012
@@ -539,13 +539,13 @@ public abstract class WSHandler {
}
protected void decodeAlgorithmSuite(RequestData reqData) throws WSSecurityException {
- AlgorithmSuite algorithmSuite = new AlgorithmSuite();
-
Object mc = reqData.getMsgContext();
- if (mc == null) {
+ if (mc == null || reqData.getAlgorithmSuite() != null) {
return;
}
+ AlgorithmSuite algorithmSuite = new AlgorithmSuite();
+
String signatureAlgorithm = getString(WSHandlerConstants.SIG_ALGO, mc);
if (signatureAlgorithm != null && !"".equals(signatureAlgorithm)) {
algorithmSuite.addSignatureMethod(signatureAlgorithm);
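Review bot: The widened guard `if (mc == null || reqData.getAlgorithmSuite() != null)` returns silently, so when a suite is already present on the RequestData the `WSHandlerConstants.SIG_ALGO` value read below, and whatever else the rest of the method decodes, is ignored without a trace. That precedence decides which algorithms are accepted, so it should be written down where it happens, e.g. `// A suite already set on RequestData takes precedence; handler properties are not merged into it`. A debug log line on that branch would also help anyone diagnosing why a configured restriction is not applied. The body of decodeAlgorithmSuite continues past the end of this hunk.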
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java?rev=1412156&r1=1412155&r2=1412156&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java Wed Nov 21 15:47:46 2012
@@ -22,7 +22,6 @@ package org.apache.ws.security.processor
import org.apache.ws.security.SAMLTokenPrincipal;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSDocInfo;
-import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.AlgorithmSuite;
@@ -144,19 +143,13 @@ public class SAMLTokenProcessor implemen
}
// Check for compliance against the defined AlgorithmSuite
- AlgorithmSuite algorithmSuite = null;
- if (assertion.getSaml2() != null) {
- algorithmSuite = data.getAlgorithmSuiteMap().get(WSSecurityEngine.SAML2_TOKEN);
- } else {
- algorithmSuite = data.getAlgorithmSuiteMap().get(WSSecurityEngine.SAML_TOKEN);
- }
+ AlgorithmSuite algorithmSuite = data.getSamlAlgorithmSuite();
KeyInfo keyInfo = sig.getKeyInfo();
SAMLKeyInfo samlKeyInfo =
SAMLUtil.getCredentialFromKeyInfo(
keyInfo.getDOM(),
- data, docInfo, data.getWssConfig().isWsiBSPCompliant(),
- algorithmSuite
+ data, docInfo, data.getWssConfig().isWsiBSPCompliant()
);
if (algorithmSuite != null) {
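Review bot: The local `algorithmSuite` is still fetched under the "Check for compliance" comment but is no longer passed to `SAMLUtil.getCredentialFromKeyInfo(...)`, so it sits unused across the KeyInfo lookup until `if (algorithmSuite != null)`. Moving `AlgorithmSuite algorithmSuite = data.getSamlAlgorithmSuite();` and its comment to directly above that `if` keeps the policy lookup next to the check it drives. The `if` block continues outside the hunk.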
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java?rev=1412156&r1=1412155&r2=1412156&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java Wed Nov 21 15:47:46 2012
@@ -201,7 +201,7 @@ public class SignatureProcessor implemen
// Check for compliance against the defined AlgorithmSuite
AlgorithmSuite algorithmSuite = data.getAlgorithmSuite();
- if (algorithmSuite != null ) {
+ if (algorithmSuite != null) {
AlgorithmSuiteValidator algorithmSuiteValidator = new
AlgorithmSuiteValidator(algorithmSuite);
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java?rev=1412156&r1=1412155&r2=1412156&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java Wed Nov 21 15:47:46 2012
@@ -235,8 +235,7 @@ public final class SAMLUtil {
Element keyInfoElement =
WSSecurityUtil.getDirectChildElement(sub, "KeyInfo", WSConstants.SIG_NS);
if (keyInfoElement != null) {
- return getCredentialFromKeyInfo(keyInfoElement, data, docInfo, bspCompliant,
- data.getAlgorithmSuiteMap().get(WSSecurityEngine.SAML_TOKEN));
+ return getCredentialFromKeyInfo(keyInfoElement, data, docInfo, bspCompliant);
}
}
@@ -281,23 +280,13 @@ public final class SAMLUtil {
Element keyInfoElement =
WSSecurityUtil.getDirectChildElement(sub, "KeyInfo", WSConstants.SIG_NS);
if (keyInfoElement != null) {
- return getCredentialFromKeyInfo(keyInfoElement, data, docInfo, bspCompliant,
- data.getAlgorithmSuiteMap().get(WSSecurityEngine.SAML2_TOKEN));
+ return getCredentialFromKeyInfo(keyInfoElement, data, docInfo, bspCompliant);
}
}
return null;
}
- public static SAMLKeyInfo getCredentialFromKeyInfo(
- Element keyInfoElement,
- RequestData data,
- WSDocInfo docInfo,
- boolean bspCompliant
- ) throws WSSecurityException {
- return getCredentialFromKeyInfo(keyInfoElement, data, docInfo, bspCompliant, null);
- }
-
/**
* This method returns a SAMLKeyInfo corresponding to the credential found in the
* KeyInfo (DOM Element) argument.
@@ -305,7 +294,6 @@ public final class SAMLUtil {
* @param data The RequestData instance used to obtain configuration
* @param docInfo A WSDocInfo instance
* @param bspCompliant Whether to process tokens in compliance with the BSP spec or not
- * @param algorithmSuite An AlgorithmSuite object to use
* @return The credential (as a SAMLKeyInfo object)
* @throws WSSecurityException
*/
@@ -313,8 +301,7 @@ public final class SAMLUtil {
Element keyInfoElement,
RequestData data,
WSDocInfo docInfo,
- boolean bspCompliant,
- AlgorithmSuite algorithmSuite
+ boolean bspCompliant
) throws WSSecurityException {
//
// First try to find an EncryptedKey, BinarySecret or a SecurityTokenReference via DOM
@@ -326,7 +313,7 @@ public final class SAMLUtil {
if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)) {
EncryptedKeyProcessor proc = new EncryptedKeyProcessor();
List<WSSecurityEngineResult> result =
- proc.handleToken((Element)node, data, docInfo, algorithmSuite);
+ proc.handleToken((Element)node, data, docInfo, data.getSamlAlgorithmSuite());
byte[] secret =
(byte[])result.get(0).get(
WSSecurityEngineResult.TAG_SECRET
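Review bot: `data.getSamlAlgorithmSuite()` is read inline in the `proc.handleToken(...)` call here and again into a new local in the following hunk (`AlgorithmSuite algorithmSuite = data.getSamlAlgorithmSuite();`), so the method consults the policy in two separate places. Reading it once near the top of getCredentialFromKeyInfo, e.g. `final AlgorithmSuite samlSuite = data.getSamlAlgorithmSuite();`, and using that for both the EncryptedKey path and the derived-key check makes it evident that both branches are held to the same suite. The method body extends beyond these hunks.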
@@ -347,6 +334,7 @@ public final class SAMLUtil {
Principal principal = strParser.getPrincipal();
// Check for compliance against the defined AlgorithmSuite
+ AlgorithmSuite algorithmSuite = data.getSamlAlgorithmSuite();
if (algorithmSuite != null && principal instanceof WSDerivedKeyTokenPrincipal) {
AlgorithmSuiteValidator algorithmSuiteValidator = new
AlgorithmSuiteValidator(algorithmSuite);
Modified: webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlAlgorithmSuiteTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlAlgorithmSuiteTest.java?rev=1412156&r1=1412155&r2=1412156&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlAlgorithmSuiteTest.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlAlgorithmSuiteTest.java Wed Nov 21 15:47:46 2012
@@ -205,13 +205,7 @@ public class SamlAlgorithmSuiteTest exte
WSSecurityEngine secEngine = new WSSecurityEngine();
RequestData data = new RequestData();
data.setSigCrypto(sigVerCrypto);
- Map<QName, AlgorithmSuite> algorithmSuiteMap = new HashMap<QName, AlgorithmSuite>();
- if (saml2) {
- algorithmSuiteMap.put(WSSecurityEngine.SAML2_TOKEN, algorithmSuite);
- } else {
- algorithmSuiteMap.put(WSSecurityEngine.SAML_TOKEN, algorithmSuite);
- }
- data.setAlgorithmSuiteMap(algorithmSuiteMap);
+ data.setSamlAlgorithmSuite(algorithmSuite);
return secEngine.processSecurityHeader(securityHeader, data);
}