Posted to commits@ws.apache.org by co...@apache.org on 2013/09/26 15:21:21 UTC
svn commit: r1526479 [1/3] - in /webservices/wss4j/trunk:
ws-security-common/src/main/java/org/apache/wss4j/common/
ws-security-dom/src/main/java/org/apache/wss4j/dom/
ws-security-dom/src/main/java/org/apache/wss4j/dom/action/
ws-security-dom/src/main/...
Author: coheigea
Date: Thu Sep 26 13:21:19 2013
New Revision: 1526479
URL: http://svn.apache.org/r1526479
Log:
Refactor of WSHandler "Action" configuration to allow per-Action configuration of keys/certificates/etc.
Added:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java
- copied, changed from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java
- copied, changed from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java
Removed:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomAction.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomHandler.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CallbackRefTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CustomActionProcessorTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureConfirmationTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureUTAliasTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/UseReqSigCertTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/WSHandlerGetPasswordTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptedDataInHeaderTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionCRLTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordEncryptorTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordTypeTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ReplayTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/RequireSignedEncryptedDataElementsTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/STRSignatureTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAlgorithmSuiteTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureCertTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureEncryptionTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignedBSTTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SymmetricSignatureTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTSignatureTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/processor/EncryptedKeyDataRefTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/processor/ReferenceListDataRefTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlReferenceTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenSVTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/EncDecryptionTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/SignatureCRLTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/SignatureCertConstaintsTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/saml/SAMLTokenReferenceTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/saml/SamlTokenDerivedTest.java
Added: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java (added)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common;
+
+
+/**
+ * This class encapsulates configuration for Encryption Actions.
+ */
+public class EncryptionActionToken extends SignatureEncryptionActionToken {
+
+ private boolean encSymmetricEncryptionKey = true;
+ private String mgfAlgorithm;
+ private String symmetricAlgorithm;
+ private String keyTransportAlgorithm;
+
+ public boolean isEncSymmetricEncryptionKey() {
+ return encSymmetricEncryptionKey;
+ }
+ public void setEncSymmetricEncryptionKey(boolean encSymmetricEncryptionKey) {
+ this.encSymmetricEncryptionKey = encSymmetricEncryptionKey;
+ }
+ public String getMgfAlgorithm() {
+ return mgfAlgorithm;
+ }
+ public void setMgfAlgorithm(String mgfAlgorithm) {
+ this.mgfAlgorithm = mgfAlgorithm;
+ }
+ public String getSymmetricAlgorithm() {
+ return symmetricAlgorithm;
+ }
+ public void setSymmetricAlgorithm(String symmetricAlgorithm) {
+ this.symmetricAlgorithm = symmetricAlgorithm;
+ }
+ public String getKeyTransportAlgorithm() {
+ return keyTransportAlgorithm;
+ }
+ public void setKeyTransportAlgorithm(String keyTransportAlgorithm) {
+ this.keyTransportAlgorithm = keyTransportAlgorithm;
+ }
+
+}
+
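Review bot: The class Javadoc does not say what the defaults mean, which matters for an encryption configuration object: the three algorithm fields start as null and `encSymmetricEncryptionKey` starts as true. Judging by EncryptionAction in this same commit, a null algorithm means the matching setter on WSSecEncrypt is never called, and setting `encSymmetricEncryptionKey` to false makes the action take the key from the password callback. I would add a field comment such as `// null: the WSSecEncrypt setter is skipped, so the builder default applies` on the algorithm fields, plus a sentence on the flag's setter describing the callback-supplied key. The same applies to the algorithm fields of SignatureActionToken added later in this commit.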
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java (from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java&r1=1525860&r2=1526479&rev=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java Thu Sep 26 13:21:19 2013
@@ -16,24 +16,30 @@
* specific language governing permissions and limitations
* under the License.
*/
+package org.apache.wss4j.common;
-package org.apache.wss4j.dom.action;
+import java.security.Key;
+import java.security.cert.X509Certificate;
-import org.w3c.dom.Document;
+import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.handler.WSHandler;
+
/**
- * Interface for all actions
+ * This interface encapsulates configuration for Actions. This allows a user to use specific keys
+ * for different actions, rather than to use the generic keys etc. configured on the request.
*/
-public interface Action {
+public interface SecurityActionToken {
+
+ String getUser();
+
+ Key getKey();
- void execute(
- WSHandler handler,
- int actionToDo,
- Document doc,
- RequestData reqData
- ) throws WSSecurityException;
+ X509Certificate getCertificate();
+
+ Crypto getCrypto() throws WSSecurityException;
+
+ String getCryptoProperties();
}
+
Added: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java (added)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common;
+
+
+/**
+ * This class encapsulates configuration for Signature Actions.
+ */
+public class SignatureActionToken extends SignatureEncryptionActionToken {
+
+ private String c14nAlgorithm;
+ private boolean includeSignatureToken = true;
+ private boolean useSingleCert = true;
+ private String signatureAlgorithm;
+
+ public String getC14nAlgorithm() {
+ return c14nAlgorithm;
+ }
+ public void setC14nAlgorithm(String c14nAlgorithm) {
+ this.c14nAlgorithm = c14nAlgorithm;
+ }
+ public boolean isIncludeSignatureToken() {
+ return includeSignatureToken;
+ }
+ public void setIncludeSignatureToken(boolean includeSignatureToken) {
+ this.includeSignatureToken = includeSignatureToken;
+ }
+ public boolean isUseSingleCert() {
+ return useSingleCert;
+ }
+ public void setUseSingleCert(boolean useSingleCert) {
+ this.useSingleCert = useSingleCert;
+ }
+ public String getSignatureAlgorithm() {
+ return signatureAlgorithm;
+ }
+ public void setSignatureAlgorithm(String signatureAlgorithm) {
+ this.signatureAlgorithm = signatureAlgorithm;
+ }
+
+}
+
Added: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java (added)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,137 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common;
+
+import java.security.Key;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.Loader;
+import org.w3c.dom.Element;
+
+/**
+ * This abstract class encapsulates configuration for Signature + Encryption Actions.
+ */
+public abstract class SignatureEncryptionActionToken implements SecurityActionToken {
+
+ private static final org.slf4j.Logger LOG =
+ org.slf4j.LoggerFactory.getLogger(SignatureEncryptionActionToken.class);
+
+ private X509Certificate certificate;
+ private Key key;
+ private String user;
+ private Element keyInfoElement;
+ private Crypto crypto;
+ private String keyIdentifier;
+ private int keyIdentifierId;
+ private String digestAlgorithm;
+ private List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+ private String optionalParts;
+ private String cryptoProperties;
+
+ public X509Certificate getCertificate() {
+ return certificate;
+ }
+ public void setCertificate(X509Certificate certificate) {
+ this.certificate = certificate;
+ }
+ public Key getKey() {
+ return key;
+ }
+ public void setKey(Key key) {
+ this.key = key;
+ }
+ public Element getKeyInfoElement() {
+ return keyInfoElement;
+ }
+ public void setKeyInfoElement(Element keyInfoElement) {
+ this.keyInfoElement = keyInfoElement;
+ }
+ public String getUser() {
+ return user;
+ }
+ public void setUser(String user) {
+ this.user = user;
+ }
+
+ public synchronized Crypto getCrypto() throws WSSecurityException {
+ if (crypto != null) {
+ return crypto;
+ }
+ if (cryptoProperties != null) {
+ ClassLoader classLoader = null;
+ try {
+ classLoader = Loader.getTCL();
+ } catch (Exception ex) {
+ // Ignore
+ LOG.debug(ex.getMessage(), ex);
+ }
+ Properties properties = CryptoFactory.getProperties(cryptoProperties, classLoader);
+ crypto =
+ CryptoFactory.getInstance(properties, classLoader, null);
+ }
+ return crypto;
+ }
+
+ public void setCrypto(Crypto crypto) {
+ this.crypto = crypto;
+ }
+ public String getKeyIdentifier() {
+ return keyIdentifier;
+ }
+ public void setKeyIdentifier(String keyIdentifier) {
+ this.keyIdentifier = keyIdentifier;
+ }
+ public String getDigestAlgorithm() {
+ return digestAlgorithm;
+ }
+ public void setDigestAlgorithm(String digestAlgorithm) {
+ this.digestAlgorithm = digestAlgorithm;
+ }
+ public String getOptionalParts() {
+ return optionalParts;
+ }
+ public void setOptionalParts(String optionalParts) {
+ this.optionalParts = optionalParts;
+ }
+ public int getKeyIdentifierId() {
+ return keyIdentifierId;
+ }
+ public void setKeyIdentifierId(int keyIdentifierId) {
+ this.keyIdentifierId = keyIdentifierId;
+ }
+ public List<WSEncryptionPart> getParts() {
+ return parts;
+ }
+ public void setParts(List<WSEncryptionPart> parts) {
+ this.parts = parts;
+ }
+ public String getCryptoProperties() {
+ return cryptoProperties;
+ }
+ public void setCryptoProperties(String cryptoProperties) {
+ this.cryptoProperties = cryptoProperties;
+ }
+}
+
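Review bot: `getCrypto()` is `synchronized` but `setCrypto()` and `setCryptoProperties()` are not, so the lock does not guard the `crypto` and `cryptoProperties` fields it reads. The caching adds a second problem: once `getCrypto()` has built an instance, a later `setCryptoProperties()` call has no effect, and the action keeps using the Crypto loaded from the old properties. I would declare the setters as `public synchronized void setCrypto(Crypto crypto)` and likewise for `setCryptoProperties`, and either clear the cached instance there or document that the properties are only read on the first `getCrypto()` call. Separately, `setParts(null)` is accepted here, while EncryptionAction and SAMLTokenSignedAction in this commit call `getParts().size()` without a null check.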
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java (from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java&r1=1525860&r2=1526479&rev=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java Thu Sep 26 13:21:19 2013
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom;
+package org.apache.wss4j.common;
import org.w3c.dom.Element;
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java Thu Sep 26 13:21:19 2013
@@ -20,6 +20,7 @@
package org.apache.wss4j.dom.action;
import org.w3c.dom.Document;
+import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
@@ -31,7 +32,7 @@ public interface Action {
void execute(
WSHandler handler,
- int actionToDo,
+ SecurityActionToken actionToken,
Document doc,
RequestData reqData
) throws WSSecurityException;
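Review bot: The new `actionToken` parameter is added without any documentation visible in this hunk, and custom `Action` implementations need to know whether it can be null or of a type they do not expect. Judging by EncryptionAction in this commit, both cases are tolerated and the implementation falls back to the token held on `reqData`. I would add `@param actionToken per-action configuration; may be null or of an unrelated type, in which case the request-wide token from reqData is used` to the method Javadoc. Dropping `int actionToDo` also breaks existing third-party implementations at compile time, which deserves a line in the release notes.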
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java Thu Sep 26 13:21:19 2013
@@ -24,6 +24,8 @@ import java.security.cert.X509Certificat
import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.EncryptionActionToken;
+import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.ext.WSPasswordCallback;
@@ -35,14 +37,23 @@ import org.apache.wss4j.dom.message.WSSe
import org.w3c.dom.Document;
public class EncryptionAction implements Action {
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
WSSecEncrypt wsEncrypt = new WSSecEncrypt(reqData.getWssConfig());
- if (reqData.getEncKeyId() != 0) {
- wsEncrypt.setKeyIdentifierType(reqData.getEncKeyId());
+ EncryptionActionToken encryptionToken = null;
+ if (actionToken instanceof EncryptionActionToken) {
+ encryptionToken = (EncryptionActionToken)actionToken;
}
- if (reqData.getEncKeyId() == WSConstants.EMBEDDED_KEYNAME) {
+ if (encryptionToken == null) {
+ encryptionToken = reqData.getEncryptionToken();
+ }
+
+ if (encryptionToken.getKeyIdentifierId() != 0) {
+ wsEncrypt.setKeyIdentifierType(encryptionToken.getKeyIdentifierId());
+ }
+ if (encryptionToken.getKeyIdentifierId() == WSConstants.EMBEDDED_KEYNAME) {
String encKeyName = handler.getString(WSHandlerConstants.ENC_KEY_NAME,
reqData.getMsgContext());
wsEncrypt.setEmbeddedKeyName(encKeyName);
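Review bot: A token of the wrong type is silently discarded here: if `actionToken` is non-null but not an `EncryptionActionToken`, the code falls through to `reqData.getEncryptionToken()` and encrypts with the request-wide key and algorithm settings instead of the per-action ones the caller supplied. Since this changes which key is used, I would reject or at least log the case `actionToken != null && !(actionToken instanceof EncryptionActionToken)` before taking the fallback. The result of `reqData.getEncryptionToken()` is also dereferenced without a null check; RequestData is not visible here, so confirm it never returns null. The same cast-then-fallback pattern appears in SAMLTokenSignedAction further down, and `execute` continues outside this hunk.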
@@ -53,50 +64,50 @@ public class EncryptionAction implements
reqData
);
WSPasswordCallback passwordCallback =
- handler.getPasswordCB(reqData.getEncUser(), actionToDo, callbackHandler, reqData);
+ handler.getPasswordCB(encryptionToken.getUser(), WSConstants.ENCR, callbackHandler, reqData);
byte[] embeddedKey = passwordCallback.getKey();
wsEncrypt.setKey(embeddedKey);
wsEncrypt.setDocument(doc);
}
- if (reqData.getEncSymmAlgo() != null) {
- wsEncrypt.setSymmetricEncAlgorithm(reqData.getEncSymmAlgo());
+ if (encryptionToken.getSymmetricAlgorithm() != null) {
+ wsEncrypt.setSymmetricEncAlgorithm(encryptionToken.getSymmetricAlgorithm());
}
- if (reqData.getEncKeyTransport() != null) {
- wsEncrypt.setKeyEnc(reqData.getEncKeyTransport());
+ if (encryptionToken.getKeyTransportAlgorithm() != null) {
+ wsEncrypt.setKeyEnc(encryptionToken.getKeyTransportAlgorithm());
}
- if (reqData.getEncDigestAlgorithm() != null) {
- wsEncrypt.setDigestAlgorithm(reqData.getEncDigestAlgorithm());
+ if (encryptionToken.getDigestAlgorithm() != null) {
+ wsEncrypt.setDigestAlgorithm(encryptionToken.getDigestAlgorithm());
}
- if (reqData.getEncMGFAlgorithm() != null) {
- wsEncrypt.setMGFAlgorithm(reqData.getEncMGFAlgorithm());
+ if (encryptionToken.getMgfAlgorithm() != null) {
+ wsEncrypt.setMGFAlgorithm(encryptionToken.getMgfAlgorithm());
}
- wsEncrypt.setUserInfo(reqData.getEncUser());
- wsEncrypt.setUseThisCert(reqData.getEncCert());
- Crypto crypto = reqData.getEncCrypto();
+ wsEncrypt.setUserInfo(encryptionToken.getUser());
+ wsEncrypt.setUseThisCert(encryptionToken.getCertificate());
+ Crypto crypto = encryptionToken.getCrypto();
boolean enableRevocation = Boolean.valueOf(handler.getStringOption(WSHandlerConstants.ENABLE_REVOCATION));
if (enableRevocation && crypto != null) {
CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
- cryptoType.setAlias(reqData.getEncUser());
+ cryptoType.setAlias(encryptionToken.getUser());
X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
if (certs != null && certs.length > 0) {
crypto.verifyTrust(certs, enableRevocation);
}
}
- if (reqData.getEncryptParts().size() > 0) {
- wsEncrypt.setParts(reqData.getEncryptParts());
+ if (encryptionToken.getParts().size() > 0) {
+ wsEncrypt.setParts(encryptionToken.getParts());
}
- if (!reqData.getEncryptSymmetricEncryptionKey()) {
+ if (!encryptionToken.isEncSymmetricEncryptionKey()) {
CallbackHandler callbackHandler =
handler.getPasswordCallbackHandler(reqData);
WSPasswordCallback passwordCallback =
- handler.getPasswordCB(reqData.getEncUser(), actionToDo, callbackHandler, reqData);
+ handler.getPasswordCB(encryptionToken.getUser(), WSConstants.ENCR, callbackHandler, reqData);
wsEncrypt.setEphemeralKey(passwordCallback.getKey());
- wsEncrypt.setEncryptSymmKey(reqData.getEncryptSymmetricEncryptionKey());
+ wsEncrypt.setEncryptSymmKey(encryptionToken.isEncSymmetricEncryptionKey());
}
try {
- wsEncrypt.build(doc, reqData.getEncCrypto(), reqData.getSecHeader());
+ wsEncrypt.build(doc, encryptionToken.getCrypto(), reqData.getSecHeader());
} catch (WSSecurityException e) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty", e, "Error during encryption: ");
}
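Review bot: The revocation check may validate a different certificate from the one actually used: `setUseThisCert(encryptionToken.getCertificate())` hands an explicit certificate to the builder, but the `enableRevocation` block looks up certificates by the alias from `getUser()` and verifies those. With per-action tokens a caller can supply a certificate and no matching alias, in which case `certs` is empty and the check is skipped without any error. Unless WSSecEncrypt verifies the certificate itself (not visible here), I would verify the explicit certificate when one is set and fall back to the alias lookup otherwise. The method starts and ends outside this hunk.

```java
if (enableRevocation && crypto != null) {
    X509Certificate[] certs;
    X509Certificate explicitCert = encryptionToken.getCertificate();
    if (explicitCert != null) {
        // Check the certificate that setUseThisCert() passed to the builder.
        certs = new X509Certificate[] {explicitCert};
    } else {
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias(encryptionToken.getUser());
        certs = crypto.getX509Certificates(cryptoType);
    }
    // … unchanged: verifyTrust on a non-empty certs array …
}
```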
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java Thu Sep 26 13:21:19 2013
@@ -21,17 +21,19 @@ package org.apache.wss4j.dom.action;
import javax.security.auth.callback.CallbackHandler;
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
+import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
import org.apache.wss4j.dom.handler.WSHandlerConstants;
import org.apache.wss4j.dom.saml.WSSecSignatureSAML;
-
import org.w3c.dom.Document;
public class SAMLTokenSignedAction implements Action {
@@ -39,7 +41,8 @@ public class SAMLTokenSignedAction imple
private static org.slf4j.Logger log =
org.slf4j.LoggerFactory.getLogger(SAMLTokenSignedAction.class);
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
Crypto crypto = null;
/*
@@ -92,20 +95,28 @@ public class SAMLTokenSignedAction imple
CallbackHandler callbackHandler =
handler.getPasswordCallbackHandler(reqData);
WSPasswordCallback passwordCallback =
- handler.getPasswordCB(reqData.getUsername(), actionToDo, callbackHandler, reqData);
+ handler.getPasswordCB(reqData.getUsername(), WSConstants.ST_SIGNED, callbackHandler, reqData);
wsSign.setUserInfo(reqData.getUsername(), passwordCallback.getPassword());
- if (reqData.getSigKeyId() != 0) {
- wsSign.setKeyIdentifierType(reqData.getSigKeyId());
+ SignatureActionToken signatureToken = null;
+ if (actionToken instanceof SignatureActionToken) {
+ signatureToken = (SignatureActionToken)actionToken;
+ }
+ if (signatureToken == null) {
+ signatureToken = reqData.getSignatureToken();
+ }
+
+ if (signatureToken.getKeyIdentifierId() != 0) {
+ wsSign.setKeyIdentifierType(signatureToken.getKeyIdentifierId());
}
- if (reqData.getSigAlgorithm() != null) {
- wsSign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+ if (signatureToken.getSignatureAlgorithm() != null) {
+ wsSign.setSignatureAlgorithm(signatureToken.getSignatureAlgorithm());
}
- if (reqData.getSigDigestAlgorithm() != null) {
- wsSign.setDigestAlgo(reqData.getSigDigestAlgorithm());
+ if (signatureToken.getDigestAlgorithm() != null) {
+ wsSign.setDigestAlgo(signatureToken.getDigestAlgorithm());
}
- if (reqData.getSignatureC14nAlgorithm() != null) {
- wsSign.setSigCanonicalization(reqData.getSignatureC14nAlgorithm());
+ if (signatureToken.getC14nAlgorithm() != null) {
+ wsSign.setSigCanonicalization(signatureToken.getC14nAlgorithm());
}
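Review bot: The per-action user is ignored in this action: the password callback and `wsSign.setUserInfo` still use `reqData.getUsername()`, and `signatureToken` is only resolved afterwards, so `signatureToken.getUser()` never influences which user and password are handed to the signer. EncryptionAction in this commit switched to `encryptionToken.getUser()`, so the two actions now treat the same kind of configuration differently. If that is intentional, a comment saying so would help; otherwise resolve the token before the callback and use something like `String user = signatureToken.getUser() != null ? signatureToken.getUser() : reqData.getUsername();`. The method starts and ends outside this hunk.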
/*
@@ -114,8 +125,8 @@ public class SAMLTokenSignedAction imple
* If not set WSSecSignatureSAML
* defaults to only sign the body.
*/
- if (reqData.getSignatureParts().size() > 0) {
- wsSign.setParts(reqData.getSignatureParts());
+ if (signatureToken.getParts().size() > 0) {
+ wsSign.setParts(signatureToken.getParts());
}
try {
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java Thu Sep 26 13:21:19 2013
@@ -21,6 +21,7 @@ package org.apache.wss4j.dom.action;
import javax.security.auth.callback.CallbackHandler;
+import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.SAMLCallback;
@@ -33,7 +34,8 @@ import org.w3c.dom.Document;
public class SAMLTokenUnsignedAction implements Action {
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
WSSecSAMLToken builder = new WSSecSAMLToken(reqData.getWssConfig());
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java Thu Sep 26 13:21:19 2013
@@ -23,10 +23,12 @@ import java.util.List;
import javax.security.auth.callback.CallbackHandler;
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
+import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
import org.apache.wss4j.dom.message.WSSecSignature;
@@ -35,35 +37,45 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
public class SignatureAction implements Action {
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
CallbackHandler callbackHandler = reqData.getCallbackHandler();
if (callbackHandler == null) {
callbackHandler = handler.getPasswordCallbackHandler(reqData);
}
+
+ SignatureActionToken signatureToken = null;
+ if (actionToken instanceof SignatureActionToken) {
+ signatureToken = (SignatureActionToken)actionToken;
+ }
+ if (signatureToken == null) {
+ signatureToken = reqData.getSignatureToken();
+ }
+
WSPasswordCallback passwordCallback =
- handler.getPasswordCB(reqData.getSignatureUser(), actionToDo, callbackHandler, reqData);
+ handler.getPasswordCB(signatureToken.getUser(), WSConstants.SIGN, callbackHandler, reqData);
WSSecSignature wsSign = new WSSecSignature(reqData.getWssConfig());
- if (reqData.getSigKeyId() != 0) {
- wsSign.setKeyIdentifierType(reqData.getSigKeyId());
+ if (signatureToken.getKeyIdentifierId() != 0) {
+ wsSign.setKeyIdentifierType(signatureToken.getKeyIdentifierId());
}
- if (reqData.getSigAlgorithm() != null) {
- wsSign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+ if (signatureToken.getSignatureAlgorithm() != null) {
+ wsSign.setSignatureAlgorithm(signatureToken.getSignatureAlgorithm());
}
- if (reqData.getSigDigestAlgorithm() != null) {
- wsSign.setDigestAlgo(reqData.getSigDigestAlgorithm());
+ if (signatureToken.getDigestAlgorithm() != null) {
+ wsSign.setDigestAlgo(signatureToken.getDigestAlgorithm());
}
- if (reqData.getSignatureC14nAlgorithm() != null) {
- wsSign.setSigCanonicalization(reqData.getSignatureC14nAlgorithm());
+ if (signatureToken.getC14nAlgorithm() != null) {
+ wsSign.setSigCanonicalization(signatureToken.getC14nAlgorithm());
}
- wsSign.setIncludeSignatureToken(reqData.isIncludeSignatureToken());
+ wsSign.setIncludeSignatureToken(signatureToken.isIncludeSignatureToken());
- wsSign.setUserInfo(reqData.getSignatureUser(), passwordCallback.getPassword());
- wsSign.setUseSingleCertificate(reqData.isUseSingleCert());
- if (reqData.getSignatureParts().size() > 0) {
- wsSign.setParts(reqData.getSignatureParts());
+ wsSign.setUserInfo(signatureToken.getUser(), passwordCallback.getPassword());
+ wsSign.setUseSingleCertificate(signatureToken.isUseSingleCert());
+ if (signatureToken.getParts().size() > 0) {
+ wsSign.setParts(signatureToken.getParts());
}
if (passwordCallback.getKey() != null) {
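Review bot: The fallback `signatureToken = reqData.getSignatureToken();` can still leave `signatureToken` null, and the very next statement dereferences it in `signatureToken.getUser()`. In this commit `RequestData.signatureToken` has no initializer and `clear()` resets it to null, whereas the removed fields such as `signatureParts` were always non-null. A handler that never sets the token would therefore presumably fail with a NullPointerException rather than a WSSecurityException. A guard after the fallback makes the failure explicit, for example `if (signatureToken == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE); }`. The same unguarded fallback appears in the SAMLTokenSignedAction hunk earlier in the diff and in the UsernameTokenSignedAction and SignatureConfirmationAction hunks below; execute() continues outside this hunk.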
@@ -71,11 +83,11 @@ public class SignatureAction implements
}
try {
- wsSign.prepare(doc, reqData.getSigCrypto(), reqData.getSecHeader());
+ wsSign.prepare(doc, signatureToken.getCrypto(), reqData.getSecHeader());
Element siblingElementToPrepend = null;
boolean signBST = false;
- for (WSEncryptionPart part : reqData.getSignatureParts()) {
+ for (WSEncryptionPart part : signatureToken.getParts()) {
if ("STRTransform".equals(part.getName()) && part.getId() == null) {
part.setId(wsSign.getSecurityTokenReferenceURI());
} else if (reqData.isAppendSignatureAfterTimestamp()
@@ -108,7 +120,7 @@ public class SignatureAction implements
wsSign.prependBSTElementToHeader(reqData.getSecHeader());
}
List<javax.xml.crypto.dsig.Reference> referenceList =
- wsSign.addReferencesToSign(reqData.getSignatureParts(), reqData.getSecHeader());
+ wsSign.addReferencesToSign(signatureToken.getParts(), reqData.getSecHeader());
if (signBST ||
reqData.isAppendSignatureAfterTimestamp() && siblingElementToPrepend == null) {
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java Thu Sep 26 13:21:19 2013
@@ -20,8 +20,10 @@
package org.apache.wss4j.dom.action;
import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
+import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
@@ -39,7 +41,8 @@ public class SignatureConfirmationAction
org.slf4j.LoggerFactory.getLogger(SignatureConfirmationAction.class);
@SuppressWarnings("unchecked")
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
if (log.isDebugEnabled()) {
log.debug("Perform Signature confirmation");
@@ -72,7 +75,11 @@ public class SignatureConfirmationAction
// prepare a SignatureConfirmation token
//
WSSecSignatureConfirmation wsc = new WSSecSignatureConfirmation(reqData.getWssConfig());
- List<WSEncryptionPart> signatureParts = reqData.getSignatureParts();
+ SignatureActionToken signatureToken = (SignatureActionToken)actionToken;
+ if (signatureToken == null) {
+ signatureToken = reqData.getSignatureToken();
+ }
+ List<WSEncryptionPart> signatureParts = signatureToken.getParts();
if (signatureActions.size() > 0) {
if (log.isDebugEnabled()) {
log.debug("Signature Confirmation: number of Signature results: "
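Review bot: `(SignatureActionToken)actionToken` is an unguarded downcast, so an action token of any other SecurityActionToken type raises ClassCastException here. SignatureAction and UsernameTokenSignedAction in this same commit protect the identical conversion with `instanceof`. Using that form keeps the three actions consistent and lets the `reqData.getSignatureToken()` fallback apply to a mismatched token as well: `SignatureActionToken signatureToken = null;` followed by `if (actionToken instanceof SignatureActionToken) { signatureToken = (SignatureActionToken)actionToken; }`. execute() starts and ends outside this hunk.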
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java Thu Sep 26 13:21:19 2013
@@ -19,6 +19,7 @@
package org.apache.wss4j.dom.action;
+import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
@@ -27,7 +28,8 @@ import org.w3c.dom.Document;
public class TimestampAction implements Action {
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
//
// add the Timestamp to the SOAP Envelope
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java Thu Sep 26 13:21:19 2013
@@ -21,8 +21,10 @@ package org.apache.wss4j.dom.action;
import javax.security.auth.callback.CallbackHandler;
+import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
import org.apache.wss4j.dom.message.WSSecUsernameToken;
@@ -30,7 +32,8 @@ import org.w3c.dom.Document;
public class UsernameTokenAction implements Action {
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
String username = reqData.getUsername();
String password = null;
@@ -38,7 +41,7 @@ public class UsernameTokenAction impleme
CallbackHandler callbackHandler =
handler.getPasswordCallbackHandler(reqData);
WSPasswordCallback passwordCallback =
- handler.getPasswordCB(reqData.getUsername(), actionToDo, callbackHandler, reqData);
+ handler.getPasswordCB(reqData.getUsername(), WSConstants.UT, callbackHandler, reqData);
username = passwordCallback.getIdentifier();
password = passwordCallback.getPassword();
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java Thu Sep 26 13:21:19 2013
@@ -26,7 +26,9 @@ import javax.security.auth.callback.Call
import org.apache.wss4j.dom.SOAPConstants;
import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
+import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
@@ -44,14 +46,15 @@ import org.w3c.dom.Document;
*/
public class UsernameTokenSignedAction implements Action {
- public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+ public void execute(WSHandler handler, SecurityActionToken actionToken,
+ Document doc, RequestData reqData)
throws WSSecurityException {
CallbackHandler callbackHandler = reqData.getCallbackHandler();
if (callbackHandler == null) {
callbackHandler = handler.getPasswordCallbackHandler(reqData);
}
WSPasswordCallback passwordCallback =
- handler.getPasswordCB(reqData.getUsername(), actionToDo, callbackHandler, reqData);
+ handler.getPasswordCB(reqData.getUsername(), WSConstants.UT_SIGN, callbackHandler, reqData);
WSSecUsernameToken builder = new WSSecUsernameToken(reqData.getWssConfig());
@@ -80,17 +83,25 @@ public class UsernameTokenSignedAction i
// after "prepare" the Signature XML element is ready and may prepend
// this to the security header.
+ SignatureActionToken signatureToken = null;
+ if (actionToken instanceof SignatureActionToken) {
+ signatureToken = (SignatureActionToken)actionToken;
+ }
+ if (signatureToken == null) {
+ signatureToken = reqData.getSignatureToken();
+ }
+
WSSecSignature sign = new WSSecSignature(reqData.getWssConfig());
sign.setCustomTokenValueType(WSConstants.USERNAMETOKEN_NS + "#UsernameToken");
sign.setCustomTokenId(builder.getId());
sign.setSecretKey(builder.getDerivedKey());
sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
- if (reqData.getSigDigestAlgorithm() != null) {
- sign.setDigestAlgo(reqData.getSigDigestAlgorithm());
+ if (signatureToken.getDigestAlgorithm() != null) {
+ sign.setDigestAlgo(signatureToken.getDigestAlgorithm());
}
- if (reqData.getSigAlgorithm() != null) {
- sign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+ if (signatureToken.getSignatureAlgorithm() != null) {
+ sign.setSignatureAlgorithm(signatureToken.getSignatureAlgorithm());
} else {
sign.setSignatureAlgorithm(WSConstants.HMAC_SHA1);
}
@@ -104,8 +115,8 @@ public class UsernameTokenSignedAction i
// builder.prependToHeader(reqData.getSecHeader());
List<WSEncryptionPart> parts = null;
- if (reqData.getSignatureParts().size() > 0) {
- parts = reqData.getSignatureParts();
+ if (signatureToken.getParts().size() > 0) {
+ parts = signatureToken.getParts();
} else {
SOAPConstants soapConstants = reqData.getSoapConstants();
if (soapConstants == null) {
Added: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java (added)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.wss4j.dom.handler;
+
+import org.apache.wss4j.common.SecurityActionToken;
+
+
+/**
+ * This class associates an "Action" Integer with a (optional) SecurityActionToken
+ */
+public class HandlerAction {
+
+ private Integer action;
+ private SecurityActionToken actionToken;
+
+ public HandlerAction() {
+
+ }
+
+ public HandlerAction(Integer action) {
+ this(action, null);
+ }
+
+ public HandlerAction(Integer action, SecurityActionToken actionToken) {
+ this.action = action;
+ this.actionToken = actionToken;
+ }
+
+ public Integer getAction() {
+ return action;
+ }
+ public void setAction(Integer action) {
+ this.action = action;
+ }
+ public SecurityActionToken getActionToken() {
+ return actionToken;
+ }
+ public void setActionToken(SecurityActionToken actionToken) {
+ this.actionToken = actionToken;
+ }
+}
\ No newline at end of file
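Review bot: `action` is a boxed `Integer` that stays null after the no-argument constructor or after `setAction(null)`, and nothing in the class says whether null is a legal value. Callers that unbox `getAction()` to compare it with the WSConstants action ints would fail with a NullPointerException; those callers are not in this file section, so this is inferred. Either store a primitive `int`, or state the contract in Javadoc, e.g. `@return the action code, or null if none has been set` on `getAction()` and `@return the per-action token, or null if the action uses the RequestData defaults` on `getActionToken()`.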
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java Thu Sep 26 13:21:19 2013
@@ -20,7 +20,6 @@
package org.apache.wss4j.dom.handler;
import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -31,11 +30,8 @@ import java.util.regex.Pattern;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
-import org.apache.wss4j.dom.SOAPConstants;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
-import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.bsp.BSPEnforcer;
+import org.apache.wss4j.common.EncryptionActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.cache.ReplayCache;
import org.apache.wss4j.common.cache.ReplayCacheFactory;
@@ -43,6 +39,10 @@ import org.apache.wss4j.common.crypto.Al
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.PasswordEncryptor;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.SOAPConstants;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSSConfig;
+import org.apache.wss4j.dom.bsp.BSPEnforcer;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.token.UsernameToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -55,37 +55,20 @@ import org.apache.xml.security.utils.Bas
public class RequestData {
private Object msgContext;
- private boolean noSerialization ;
private SOAPConstants soapConstants ;
private String actor;
private String username ;
private String pwType = WSConstants.PASSWORD_DIGEST; // Make this the default when no password type is given.
- private Crypto sigCrypto;
private Crypto sigVerCrypto;
- private Crypto encCrypto;
private Crypto decCrypto;
- private int sigKeyId;
- private String sigAlgorithm;
- private String signatureDigestAlgorithm;
- private String signatureC14nAlgorithm;
- private String encryptionDigestAlgorithm;
- private String encryptionMGFAlgorithm;
- private List<WSEncryptionPart> signatureParts = new ArrayList<WSEncryptionPart>();
- private int encKeyId;
- private String encSymmAlgo;
- private String encKeyTransport;
- private String encUser;
- private String signatureUser ;
- private List<WSEncryptionPart> encryptParts = new ArrayList<WSEncryptionPart>();
- private X509Certificate encCert;
+ private SignatureActionToken signatureToken;
+ private EncryptionActionToken encryptionToken;
private int timeToLive = 300; // Timestamp: time in seconds between creation and expiry
private WSSConfig wssConfig;
private List<byte[]> signatureValues = new ArrayList<byte[]>();
private WSSecHeader secHeader;
- private boolean encSymmetricEncryptionKey = true;
private int derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
private boolean useDerivedKeyForMAC = true;
- private boolean useSingleCert = true;
private CallbackHandler callback;
private boolean enableRevocation;
protected boolean requireSignedEncryptedDataElements;
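Review bot: The new `signatureToken` and `encryptionToken` fields are declared without an initializer or comment, although they replace fields that carried defaults in this class (`signatureParts = new ArrayList<WSEncryptionPart>()`, `useSingleCert = true`, `encSymmetricEncryptionKey = true`). Those defaults now have to come from SignatureActionToken and EncryptionActionToken, which are not shown in this part of the diff, so it is worth confirming they are preserved there. That matters most for the symmetric-key encryption default. A short comment on each field would record the contract, e.g. `// handler-wide signature settings, used when an action carries no token of its own; null until set`. The class body continues outside this hunk.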
@@ -103,7 +86,6 @@ public class RequestData {
private boolean addUsernameTokenNonce;
private boolean addUsernameTokenCreated;
private Certificate[] tlsCerts;
- private boolean includeSignatureToken;
private boolean enableTimestampReplayCache = true;
private boolean enableNonceReplayCache = true;
private boolean enableSamlOneTimeUseReplayCache = true;
@@ -111,21 +93,14 @@ public class RequestData {
public void clear() {
soapConstants = null;
- actor = username = pwType = sigAlgorithm = encSymmAlgo = encKeyTransport = encUser = null;
- sigCrypto = decCrypto = encCrypto = sigVerCrypto = null;
- signatureParts.clear();
- encryptParts.clear();
- encCert = null;
+ actor = username = pwType = null;
+ decCrypto = sigVerCrypto = null;
+ signatureToken = null;
+ encryptionToken = null;
wssConfig = null;
signatureValues.clear();
- signatureDigestAlgorithm = null;
- signatureC14nAlgorithm = null;
- encryptionDigestAlgorithm = null;
- encSymmetricEncryptionKey = true;
- signatureUser = null;
derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
useDerivedKeyForMAC = true;
- useSingleCert = true;
callback = null;
enableRevocation = false;
timestampReplayCache = null;
@@ -142,17 +117,12 @@ public class RequestData {
setAddUsernameTokenNonce(false);
setAddUsernameTokenCreated(false);
setTlsCerts(null);
- includeSignatureToken = false;
enableTimestampReplayCache = true;
enableNonceReplayCache = true;
setEnableSamlOneTimeUseReplayCache(true);
passwordEncryptor = null;
}
- public String getSignatureC14nAlgorithm() {
- return signatureC14nAlgorithm;
- }
-
public boolean isEnableTimestampReplayCache() {
return enableTimestampReplayCache;
}
@@ -169,10 +139,6 @@ public class RequestData {
this.enableNonceReplayCache = enableNonceReplayCache;
}
- public void setSignatureC14nAlgorithm(String signatureC14nAlgorithm) {
- this.signatureC14nAlgorithm = signatureC14nAlgorithm;
- }
-
public Object getMsgContext() {
return msgContext;
}
@@ -181,14 +147,6 @@ public class RequestData {
this.msgContext = msgContext;
}
- public boolean isNoSerialization() {
- return noSerialization;
- }
-
- public void setNoSerialization(boolean noSerialization) {
- this.noSerialization = noSerialization;
- }
-
public SOAPConstants getSoapConstants() {
return soapConstants;
}
@@ -213,14 +171,6 @@ public class RequestData {
this.username = username;
}
- public void setEncryptSymmetricEncryptionKey(boolean encrypt) {
- encSymmetricEncryptionKey = encrypt;
- }
-
- public boolean getEncryptSymmetricEncryptionKey() {
- return encSymmetricEncryptionKey;
- }
-
public String getPwType() {
return pwType;
}
@@ -229,14 +179,6 @@ public class RequestData {
this.pwType = pwType;
}
- public Crypto getSigCrypto() {
- return sigCrypto;
- }
-
- public void setSigCrypto(Crypto sigCrypto) {
- this.sigCrypto = sigCrypto;
- }
-
public Crypto getSigVerCrypto() {
return sigVerCrypto;
}
@@ -253,110 +195,6 @@ public class RequestData {
this.decCrypto = decCrypto;
}
- public int getSigKeyId() {
- return sigKeyId;
- }
-
- public void setSigKeyId(int sigKeyId) {
- this.sigKeyId = sigKeyId;
- }
-
- public String getSigAlgorithm() {
- return sigAlgorithm;
- }
-
- public void setSigAlgorithm(String sigAlgorithm) {
- this.sigAlgorithm = sigAlgorithm;
- }
-
- public String getSigDigestAlgorithm() {
- return signatureDigestAlgorithm;
- }
-
- public void setSigDigestAlgorithm(String sigDigestAlgorithm) {
- this.signatureDigestAlgorithm = sigDigestAlgorithm;
- }
-
- public String getEncDigestAlgorithm() {
- return encryptionDigestAlgorithm;
- }
-
- public void setEncDigestAlgorithm(String encDigestAlgorithm) {
- this.encryptionDigestAlgorithm = encDigestAlgorithm;
- }
-
- public String getEncMGFAlgorithm() {
- return encryptionMGFAlgorithm;
- }
-
- public void setEncMGFAlgorithm(String encMGFAlgorithm) {
- this.encryptionMGFAlgorithm = encMGFAlgorithm;
- }
-
- public List<WSEncryptionPart> getSignatureParts() {
- return signatureParts;
- }
-
- public String getSignatureUser() {
- return signatureUser;
- }
-
- public void setSignatureUser(String signatureUser) {
- this.signatureUser = signatureUser;
- }
-
- public Crypto getEncCrypto() {
- return encCrypto;
- }
-
- public void setEncCrypto(Crypto encCrypto) {
- this.encCrypto = encCrypto;
- }
-
- public int getEncKeyId() {
- return encKeyId;
- }
-
- public void setEncKeyId(int encKeyId) {
- this.encKeyId = encKeyId;
- }
-
- public String getEncSymmAlgo() {
- return encSymmAlgo;
- }
-
- public void setEncSymmAlgo(String encSymmAlgo) {
- this.encSymmAlgo = encSymmAlgo;
- }
-
- public String getEncKeyTransport() {
- return encKeyTransport;
- }
-
- public void setEncKeyTransport(String encKeyTransport) {
- this.encKeyTransport = encKeyTransport;
- }
-
- public String getEncUser() {
- return encUser;
- }
-
- public void setEncUser(String encUser) {
- this.encUser = encUser;
- }
-
- public List<WSEncryptionPart> getEncryptParts() {
- return encryptParts;
- }
-
- public X509Certificate getEncCert() {
- return encCert;
- }
-
- public void setEncCert(X509Certificate encCert) {
- this.encCert = encCert;
- }
-
public int getTimeToLive() {
return timeToLive;
}
@@ -433,24 +271,6 @@ public class RequestData {
}
/**
- * Whether to use a single certificate or a whole certificate chain when
- * constructing a BinarySecurityToken used for direct reference in Signature.
- * @param useSingleCert true if only to use a single certificate
- */
- public void setUseSingleCert(boolean useSingleCert) {
- this.useSingleCert = useSingleCert;
- }
-
- /**
- * Whether to use a single certificate or a whole certificate chain when
- * constructing a BinarySecurityToken used for direct reference in Signature.
- * @return whether to use a single certificate
- */
- public boolean isUseSingleCert() {
- return useSingleCert;
- }
-
- /**
* Set whether to enable CRL checking or not when verifying trust in a certificate.
* @param enableRevocation whether to enable CRL checking
*/
@@ -681,14 +501,6 @@ public class RequestData {
this.tlsCerts = tlsCerts;
}
- public boolean isIncludeSignatureToken() {
- return includeSignatureToken;
- }
-
- public void setIncludeSignatureToken(boolean includeSignatureToken) {
- this.includeSignatureToken = includeSignatureToken;
- }
-
public PasswordEncryptor getPasswordEncryptor() {
return passwordEncryptor;
}
@@ -704,5 +516,21 @@ public class RequestData {
public void setEnableSamlOneTimeUseReplayCache(boolean enableSamlOneTimeUseReplayCache) {
this.enableSamlOneTimeUseReplayCache = enableSamlOneTimeUseReplayCache;
}
+
+ public SignatureActionToken getSignatureToken() {
+ return signatureToken;
+ }
+
+ public void setSignatureToken(SignatureActionToken signatureToken) {
+ this.signatureToken = signatureToken;
+ }
+
+ public EncryptionActionToken getEncryptionToken() {
+ return encryptionToken;
+ }
+
+ public void setEncryptionToken(EncryptionActionToken encryptionToken) {
+ this.encryptionToken = encryptionToken;
+ }
}