You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/05/12 15:17:38 UTC

[3/3] cxf git commit: [CXF-6400] - Make ws-security.callback-handler optional for generating a WS-Security signature

[CXF-6400] - Make ws-security.callback-handler optional for generating a WS-Security signature


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a64265c2
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a64265c2
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a64265c2

Branch: refs/heads/master
Commit: a64265c29be124e9bffb46eb35a68b3504860c3a
Parents: 4b489ff
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue May 12 11:33:05 2015 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue May 12 14:17:32 2015 +0100

----------------------------------------------------------------------
 .../policyhandlers/AbstractBindingBuilder.java    | 18 +++++++++++++++---
 .../policyhandlers/TransportBindingHandler.java   |  3 ---
 2 files changed, 15 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/a64265c2/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 1e85cc1..94e68bd 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -921,18 +921,30 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         return id;
     }
     
-    public String getPassword(String userName, Assertion info, int usage) {
+    protected String getPassword(String userName, Assertion info, int usage) {
         //Then try to get the password from the given callback handler
         Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
         CallbackHandler handler = null;
         try {
             handler = SecurityUtils.getCallbackHandler(o);
             if (handler == null) {
-                unassertPolicy(info, "No callback handler and no password available");
+                // Don't unassert for signature as we might get the password from the crypto properties
+                if (usage == WSPasswordCallback.SIGNATURE) {
+                    LOG.info("No CallbackHandler available to retrieve a password. We will now try the crypto "
+                             + "properties file for a private password");
+                } else {
+                    unassertPolicy(info, "No callback handler and no password available");
+                }
                 return null;
             }
         } catch (Exception ex) {
-            unassertPolicy(info, "No callback handler and no password available");
+            // Don't unassert for signature as we might get the password from the crypto properties
+            if (usage == WSPasswordCallback.SIGNATURE) {
+                LOG.info("No CallbackHandler available to retrieve a password. We will now try the crypto "
+                         + "properties file for a private password");
+            } else {
+                unassertPolicy(info, "No callback handler and no password available");
+            }
             return null;
         }
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/a64265c2/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index 34e2c56..12b111b 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -571,9 +571,6 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
                 uname = (String)SecurityUtils.getSecurityPropertyValue(userNameKey, message);
             }
             String password = getPassword(uname, token, WSPasswordCallback.SIGNATURE);
-            if (password == null) {
-                password = "";
-            }
             sig.setUserInfo(uname, password);
             sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getAsymmetricSignature());
         } else {