Posted to commits@ws.apache.org by gi...@apache.org on 2012/03/10 22:05:22 UTC
svn commit: r1299273 [1/2] - in /webservices/wss4j/branches/swssf:
streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/
streaming-ws-policy/src/test/java/org/swssf/policy/test/
streaming-ws-policy/src/test/resources/testdata/policy/ stre...
Author: giger
Date: Sat Mar 10 21:05:21 2012
New Revision: 1299273
URL: http://svn.apache.org/viewvc?rev=1299273&view=rev
Log:
- use the new XMLEvent information to identify the tokens more correctly
- InboundWSSecurityContextImplTest for token identification
- WSP13SpecTest from WS-Policy 1.3 samples
- Adapt and fix tests
Added:
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java (with props)
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml (with props)
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml (with props)
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml (with props)
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/InboundWSSecurityContextImplTest.java
Modified:
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/InteroperabilityTest.java
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java Sat Mar 10 21:05:21 2012
@@ -21,9 +21,7 @@ package org.swssf.policy.assertionStates
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.secpolicy.model.AbstractSecurityAssertion;
import org.apache.ws.secpolicy.model.AbstractToken;
-import org.swssf.wss.securityEvent.IssuedTokenSecurityEvent;
-import org.swssf.wss.securityEvent.SecurityEvent;
-import org.swssf.wss.securityEvent.TokenSecurityEvent;
+import org.swssf.wss.securityEvent.*;
/**
* @author $Author$
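Review bot: The wildcard `import org.swssf.wss.securityEvent.*;` hides which event classes this policy-enforcement class depends on, and a type later added to that package can clash with another import without any change here. The same pattern appears in the import hunk of IssuedTokenTest.java. Listing the types keeps the accepted token-event classes visible at the top of the file: `import org.swssf.wss.securityEvent.SamlTokenSecurityEvent;`, `import org.swssf.wss.securityEvent.SecurityContextTokenSecurityEvent;` and `import org.swssf.wss.securityEvent.RelTokenSecurityEvent;`, next to the existing `SecurityEvent` and `TokenSecurityEvent` imports.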
@@ -42,13 +40,17 @@ public class IssuedTokenAssertionState e
@Override
public SecurityEvent.Event[] getSecurityEventType() {
return new SecurityEvent.Event[]{
- SecurityEvent.Event.IssuedToken
+ SecurityEvent.Event.SecurityContextToken,
+ SecurityEvent.Event.SamlToken,
+ SecurityEvent.Event.RelToken,
};
}
@Override
public boolean assertToken(TokenSecurityEvent tokenSecurityEvent, AbstractToken abstractToken) throws WSSPolicyException {
- if (!(tokenSecurityEvent instanceof IssuedTokenSecurityEvent)) {
+ if (!(tokenSecurityEvent instanceof SamlTokenSecurityEvent)
+ && !(tokenSecurityEvent instanceof SecurityContextTokenSecurityEvent)
+ && !(tokenSecurityEvent instanceof RelTokenSecurityEvent)) {
throw new WSSPolicyException("Expected a IssuedTokenSecurityEvent but got " + tokenSecurityEvent.getClass().getName());
}
setAsserted(true);
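Review bot: The exception text at the `throw` still says `Expected a IssuedTokenSecurityEvent`, although the guard now accepts SAML, SecurityContext and REL token events, so a failure report names a type that is no longer checked. Reword it to `"Expected a SamlTokenSecurityEvent, SecurityContextTokenSecurityEvent or RelTokenSecurityEvent but got " + tokenSecurityEvent.getClass().getName()`. In the visible lines the event class is the only thing tested before `setAsserted(true)`, so any SAML, SCT or REL token would satisfy an sp:IssuedToken assertion regardless of its issuer. `assertToken` continues past this hunk; if the rest of it does not compare the token with the policy's Issuer, add `// TODO: verify token issuer against the policy's sp:Issuer` above `setAsserted(true)`.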
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java Sat Mar 10 21:05:21 2012
@@ -38,6 +38,8 @@ import javax.xml.parsers.DocumentBuilder
import javax.xml.parsers.ParserConfigurationException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
import java.security.Key;
import java.security.KeyStore;
import java.security.PublicKey;
@@ -51,6 +53,10 @@ import java.security.cert.X509Certificat
public class AbstractPolicyTestBase extends AbstractTestBase {
protected PolicyEnforcer buildAndStartPolicyEngine(String policyString) throws ParserConfigurationException, SAXException, IOException, WSSPolicyException {
+ return this.buildAndStartPolicyEngine(policyString, false);
+ }
+
+ protected PolicyEnforcer buildAndStartPolicyEngine(String policyString, boolean replacePolicyElement) throws ParserConfigurationException, SAXException, IOException, WSSPolicyException {
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
documentBuilderFactory.setValidating(false);
@@ -61,7 +67,11 @@ public class AbstractPolicyTestBase exte
Document policyDocument = documentBuilder.parse(new ByteArrayInputStream(policyString.getBytes("UTF-8")));
Node policyNode = document.importNode(policyDocument.getDocumentElement(), true);
Element element = (Element) nodeList.item(0);
- element.appendChild(policyNode);
+ if (replacePolicyElement) {
+ element.getParentNode().replaceChild(element, policyNode);
+ } else {
+ element.appendChild(policyNode);
+ }
PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(document);
PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer("");
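Review bot: The arguments to `replaceChild` look swapped: `org.w3c.dom.Node.replaceChild(newChild, oldChild)` takes the new node first. As written, `replaceChild(element, policyNode)` asks the parent to replace `policyNode`, which was only just imported and is not in the tree, so it should fail with a `NOT_FOUND_ERR` DOMException. The call should read `element.getParentNode().replaceChild(policyNode, element);`. None of the callers visible in this commit pass `replacePolicyElement = true`, so the branch appears unexercised here; the method starts in the previous hunk and continues past this one.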
@@ -115,4 +125,15 @@ public class AbstractPolicyTestBase exte
}
};
}
+
+ protected String loadResourceAsString(String resource, String encoding) throws IOException {
+ InputStreamReader inputStreamReader = new InputStreamReader(this.getClass().getClassLoader().getResourceAsStream(resource), encoding);
+ StringBuilder stringBuilder = new StringBuilder();
+ int read = 0;
+ char[] buffer = new char[1024];
+ while ((read = inputStreamReader.read(buffer)) != -1) {
+ stringBuilder.append(buffer, 0, read);
+ }
+ return stringBuilder.toString();
+ }
}
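Review bot: `loadResourceAsString` never closes the reader and passes the result of `getResourceAsStream` straight into `InputStreamReader`, so a mistyped resource name surfaces as a bare NullPointerException instead of naming the missing file. Check for `null` and close the reader in a `finally` block (try/finally rather than try-with-resources, since the Java level of this branch is not visible here). The method also deserves a one-line Javadoc stating that the resource is resolved via the class loader of the concrete test class.

```java
protected String loadResourceAsString(String resource, String encoding) throws IOException {
    InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream(resource);
    if (inputStream == null) {
        throw new IOException("Resource not found on classpath: " + resource);
    }
    InputStreamReader inputStreamReader = new InputStreamReader(inputStream, encoding);
    try {
        // … unchanged: StringBuilder, buffer and read loop …
        return stringBuilder.toString();
    } finally {
        inputStreamReader.close();
    }
}
```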
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java Sat Mar 10 21:05:21 2012
@@ -19,12 +19,11 @@
package org.swssf.policy.test;
+import org.opensaml.common.SAMLVersion;
import org.swssf.policy.PolicyEnforcer;
import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.securityEvent.ContentEncryptedElementSecurityEvent;
-import org.swssf.wss.securityEvent.IssuedTokenSecurityEvent;
-import org.swssf.wss.securityEvent.OperationSecurityEvent;
-import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
+import org.swssf.wss.impl.securityToken.SAMLSecurityToken;
+import org.swssf.wss.securityEvent.*;
import org.swssf.xmlsec.ext.SecurityToken;
import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.annotations.Test;
@@ -69,14 +68,14 @@ public class IssuedTokenTest extends Abs
PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
- IssuedTokenSecurityEvent initiatorTokenSecurityEvent = new IssuedTokenSecurityEvent();
- SecurityToken securityToken = getX509Token(WSSConstants.X509V3Token);
+ SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
+ SecurityToken securityToken = new SAMLSecurityToken(SAMLVersion.VERSION_20, null, "xs:anyURI", null, null, null, "1", null);
securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
- IssuedTokenSecurityEvent recipientTokenSecurityEvent = new IssuedTokenSecurityEvent();
- securityToken = getX509Token(WSSConstants.X509V3Token);
+ SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
+ securityToken = new SAMLSecurityToken(SAMLVersion.VERSION_20, null, "xs:anyURI", null, null, null, "1", null);
securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
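Review bot: Only the `SamlTokenSecurityEvent` branch of the widened `IssuedTokenAssertionState` check is exercised in these lines; the `SecurityContextTokenSecurityEvent` and `RelTokenSecurityEvent` branches have no coverage in the visible hunks. The SAML token is also built with `null` for nearly every constructor argument, so the test cannot detect whether the issuer or key material is ever consulted. Add a sibling case that registers a token event of a type the policy should not accept and expects `doFinal()` to fail, plus the comment `// SAML token stub: only the event type matters for this assertion` above the constructor call. The test method starts and ends outside this hunk.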
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java Sat Mar 10 21:05:21 2012
@@ -50,20 +50,20 @@ public class RequiredPartsTest extends A
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- RequiredPartSecurityEvent RequiredPartSecurityEvent = new RequiredPartSecurityEvent();
- RequiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
- policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+ RequiredPartSecurityEvent requiredPartSecurityEvent = new RequiredPartSecurityEvent();
+ requiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
headerPath.add(new QName("http://example.org", "a"));
- RequiredPartSecurityEvent.setElementPath(headerPath);
- policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+ requiredPartSecurityEvent.setElementPath(headerPath);
+ policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
//additional encryptedParts are also allowed!
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
headerPath.add(new QName("http://example.org", "b"));
- RequiredPartSecurityEvent.setElementPath(headerPath);
- policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+ requiredPartSecurityEvent.setElementPath(headerPath);
+ policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
policyEnforcer.doFinal();
}
@@ -79,9 +79,9 @@ public class RequiredPartsTest extends A
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- RequiredPartSecurityEvent RequiredPartSecurityEvent = new RequiredPartSecurityEvent();
- RequiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
- policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+ RequiredPartSecurityEvent requiredPartSecurityEvent = new RequiredPartSecurityEvent();
+ requiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
try {
policyEnforcer.doFinal();
Assert.fail("Exception expected");
Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java Sat Mar 10 21:05:21 2012
@@ -0,0 +1,165 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy.test;
+
+import org.apache.ws.secpolicy.WSSPolicyException;
+import org.swssf.policy.PolicyEnforcer;
+import org.swssf.wss.securityEvent.SecurityEvent;
+import org.swssf.wss.test.InboundWSSecurityContextImplTest;
+import org.testng.Assert;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
+
+import java.util.List;
+
+/**
+ * @author $Author: $
+ * @version $Revision: $ $Date: $
+ */
+public class WSP13SpecTest extends AbstractPolicyTestBase {
+
+ private InboundWSSecurityContextImplTest inboundWSSecurityContextImplTest = new InboundWSSecurityContextImplTest();
+
+ @DataProvider(name = "ignoreEventsTransportBinding")
+ public Object[][] ignoreEventsTransportBinding() {
+ return new Object[][]{
+ {null, null, null},
+ {SecurityEvent.Event.HttpsToken, 1, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken not satisfied"},
+ {SecurityEvent.Event.RequiredElement, 3, "\nElement /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp must be present"},
+ {SecurityEvent.Event.UsernameToken, 4, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken not satisfied"},
+ {SecurityEvent.Event.X509Token, 5, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token not satisfied"},
+ };
+ }
+
+ @Test(dataProvider = "ignoreEventsTransportBinding")
+ public void testTransportBindingC11(SecurityEvent.Event ignoreEvent, Integer eventIndex, String expectedErrorMessage) throws Exception {
+ String policyString = loadResourceAsString("testdata/policy/transportBindingPolicyC11.xml", "UTF-8");
+
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ List<SecurityEvent> securityEventList = inboundWSSecurityContextImplTest.generateTransportBindingSecurityEvents();
+ for (int i = 0; i < securityEventList.size(); i++) {
+ SecurityEvent securityEvent = securityEventList.get(i);
+ if (eventIndex != null && i == eventIndex && securityEvent.getSecurityEventType() != ignoreEvent) {
+ for (int j = 0; j < securityEventList.size(); j++) {
+ System.out.println(j + " " + securityEventList.get(j));
+ }
+ Assert.fail("Event at index " + eventIndex + " is not of type " + ignoreEvent);
+ }
+ if (ignoreEvent == null || i != eventIndex) {
+ policyEnforcer.registerSecurityEvent(securityEvent);
+ }
+ }
+ try {
+ policyEnforcer.doFinal();
+ if (ignoreEvent != null) {
+ Assert.fail("Expected WSSPolicyException");
+ }
+ } catch (WSSPolicyException e) {
+ if (ignoreEvent == null) {
+ Assert.fail("Unexpected WSSPolicyException");
+ }
+ Assert.assertEquals(e.getMessage(), expectedErrorMessage);
+ }
+ }
+
+ @DataProvider(name = "ignoreEventsAsymmetricBinding")
+ public Object[][] ignoreEventsAsymmetricBinding() {
+ return new Object[][]{
+ {null, null, null},
+ {SecurityEvent.Event.RequiredElement, 2, "\nElement /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp must be present"},
+ {SecurityEvent.Event.X509Token, 3, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token not satisfied"},
+ {SecurityEvent.Event.UsernameToken, 8, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken not satisfied"},
+ };
+ }
+
+ @Test(dataProvider = "ignoreEventsAsymmetricBinding")
+ public void testAsymmetricBindingC31(SecurityEvent.Event ignoreEvent, Integer eventIndex, String expectedErrorMessage) throws Exception {
+ String policyString = loadResourceAsString("testdata/policy/asymmetricBindingPolicyC31.xml", "UTF-8");
+
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ List<SecurityEvent> securityEventList = inboundWSSecurityContextImplTest.generateAsymmetricBindingSecurityEvents();
+ for (int i = 0; i < securityEventList.size(); i++) {
+ SecurityEvent securityEvent = securityEventList.get(i);
+ if (eventIndex != null && i == eventIndex && securityEvent.getSecurityEventType() != ignoreEvent) {
+ for (int j = 0; j < securityEventList.size(); j++) {
+ System.out.println(j + " " + securityEventList.get(j));
+ }
+ Assert.fail("Event at index " + eventIndex + " is not of type " + ignoreEvent);
+ }
+ if (ignoreEvent == null || i != eventIndex) {
+ policyEnforcer.registerSecurityEvent(securityEvent);
+ }
+ }
+ try {
+ policyEnforcer.doFinal();
+ if (ignoreEvent != null) {
+ Assert.fail("Expected WSSPolicyException");
+ }
+ } catch (WSSPolicyException e) {
+ if (ignoreEvent == null) {
+ Assert.fail("Unexpected WSSPolicyException");
+ }
+ Assert.assertEquals(e.getMessage(), expectedErrorMessage);
+ }
+ }
+
+ @DataProvider(name = "ignoreEventsSymmetricBinding")
+ public Object[][] ignoreEventsSymmetricBinding() {
+ return new Object[][]{
+ {null, null, null},
+ {SecurityEvent.Event.RequiredElement, 2, "\nElement /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp must be present"},
+ {SecurityEvent.Event.UsernameToken, 5, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken not satisfied"},
+ {SecurityEvent.Event.X509Token, 16, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token not satisfied"},
+ };
+ }
+
+ @Test(dataProvider = "ignoreEventsSymmetricBinding")
+ public void testSymmetricBindingC31(SecurityEvent.Event ignoreEvent, Integer eventIndex, String expectedErrorMessage) throws Exception {
+ String policyString = loadResourceAsString("testdata/policy/symmetricBindingPolicyC21.xml", "UTF-8");
+
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ List<SecurityEvent> securityEventList = inboundWSSecurityContextImplTest.generateSymmetricBindingSecurityEvents();
+ for (int i = 0; i < securityEventList.size(); i++) {
+ SecurityEvent securityEvent = securityEventList.get(i);
+ if (eventIndex != null && i == eventIndex && securityEvent.getSecurityEventType() != ignoreEvent) {
+ for (int j = 0; j < securityEventList.size(); j++) {
+ System.out.println(j + " " + securityEventList.get(j));
+ }
+ Assert.fail("Event at index " + eventIndex + " is not of type " + ignoreEvent);
+ }
+ if (ignoreEvent == null || i != eventIndex) {
+ policyEnforcer.registerSecurityEvent(securityEvent);
+ }
+ }
+ try {
+ policyEnforcer.doFinal();
+ if (ignoreEvent != null) {
+ Assert.fail("Expected WSSPolicyException");
+ }
+ } catch (WSSPolicyException e) {
+ if (ignoreEvent == null) {
+ Assert.fail("Unexpected WSSPolicyException");
+ }
+ Assert.assertEquals(e.getMessage(), expectedErrorMessage);
+ }
+ }
+}
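Review bot: `testSymmetricBindingC31` loads `symmetricBindingPolicyC21.xml`, so the method name points at the wrong spec sample; rename it to `testSymmetricBindingC21`. The three test bodies are identical apart from the policy file and the event generator, which makes it easy for a fix in one to miss the others. Consider a private helper that takes the policy path and the event list, and drop the `System.out.println` dump in favour of putting the event list into the `Assert.fail` message. The data providers rely on fixed list indexes (1, 3, 4, 5, …) into events produced by `InboundWSSecurityContextImplTest`, so a comment on each provider saying that the index must match that generator's ordering would save the next maintainer a debugging session.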
Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml Sat Mar 10 21:05:21 2012
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:AsymmetricBinding>
+ <wsp:Policy>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" />
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" />
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:EncryptBeforeSigning />
+ <sp:EncryptSignature />
+ <sp:ProtectTokens />
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:SignedEncryptedSupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" />
+ </wsp:Policy>
+ </sp:SignedEncryptedSupportingTokens>
+ <sp:SignedEndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once">
+ <wsp:Policy>
+ <sp:WssX509v3Token10 />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:SignedEndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:RequireSignatureConfirmation />
+ </wsp:Policy>
+ </sp:Wss11>
+</wsp:Policy>
\ No newline at end of file
Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml
------------------------------------------------------------------------------
svn:eol-style = native
Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml Sat Mar 10 21:05:21 2012
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:IssuedToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" >
+ <sp:Issuer>...</sp:Issuer>
+ <sp:RequestSecurityTokenTemplate>
+ ...
+ </sp:RequestSecurityTokenTemplate>
+ </sp:IssuedToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:EncryptBeforeSigning />
+ <sp:EncryptSignature />
+ <sp:ProtectTokens />
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedEncryptedSupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" />
+ </wsp:Policy>
+ </sp:SignedEncryptedSupportingTokens>
+ <sp:SignedEndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once">
+ <wsp:Policy>
+ <sp:WssX509v3Token10 />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:SignedEndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:RequireSignatureConfirmation />
+ </wsp:Policy>
+ </sp:Wss11>
+</wsp:Policy>
\ No newline at end of file
Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml
------------------------------------------------------------------------------
svn:eol-style = native
Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml Sat Mar 10 21:05:21 2012
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:TransportBinding>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken />
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SignedSupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" />
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:SignedEndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once">
+ <wsp:Policy>
+ <sp:WssX509v3Token10 />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:SignedEndorsingSupportingTokens>
+ <sp:Wss11>
+ <sp:RequireSignatureConfirmation xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802"/>
+ </sp:Wss11>
+</wsp:Policy>
\ No newline at end of file
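Review bot: The `sp:RequireSignatureConfirmation` element under `sp:Wss11` rebinds the `sp` prefix to the `.../ws-securitypolicy/200802` namespace and sits directly under `sp:Wss11` without a `wsp:Policy` wrapper. The other two policy files added in this commit use the 200702 namespace throughout and wrap the assertion in `wsp:Policy`. If the policy parser matches assertions by the 200702 namespace, this one may be silently skipped rather than enforced. The transport data provider in WSP13SpecTest has no signature-confirmation case that would notice. If the deviation is deliberate (for example copied verbatim from the spec sample), say so with `<!-- namespace and nesting kept as in the spec sample C.1.1 -->`; otherwise align it with the other files.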
Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml
------------------------------------------------------------------------------
svn:eol-style = native
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java Sat Mar 10 21:05:21 2012
@@ -106,6 +106,7 @@ public class InboundWSSecurityContextImp
List<TokenSecurityEvent> endorsingSupportingTokens = new LinkedList<TokenSecurityEvent>();
List<TokenSecurityEvent> signedEndorsingSupportingTokens = new LinkedList<TokenSecurityEvent>();
List<TokenSecurityEvent> signedEncryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
+ List<TokenSecurityEvent> encryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
List<TokenSecurityEvent> endorsingEncryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
List<TokenSecurityEvent> signedEndorsingEncryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
@@ -134,13 +135,21 @@ public class InboundWSSecurityContextImp
}
}
+ //search for the root tokens...
Iterator<TokenSecurityEvent> tokenSecurityEventIterator = tokenSecurityEvents.iterator();
while (tokenSecurityEventIterator.hasNext()) {
TokenSecurityEvent tokenSecurityEvent = tokenSecurityEventIterator.next();
SecurityToken securityToken = tokenSecurityEvent.getSecurityToken();
- if (securityToken.getKeyWrappingToken() == null) {
+ if (securityToken.getKeyWrappingToken() == null && !containsSecurityToken(supportingTokens, securityToken)) {
supportingTokens.add(tokenSecurityEvent);
- } else {
+ }
+ }
+ //...and then for the intermediare tokens and create new TokenSecurityEvents if not already there
+ tokenSecurityEventIterator = tokenSecurityEvents.iterator();
+ while (tokenSecurityEventIterator.hasNext()) {
+ TokenSecurityEvent tokenSecurityEvent = tokenSecurityEventIterator.next();
+ SecurityToken securityToken = tokenSecurityEvent.getSecurityToken();
+ if (securityToken.getKeyWrappingToken() != null) {
while (securityToken.getKeyWrappingToken() != null) {
securityToken = securityToken.getKeyWrappingToken();
}
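Review bot: The comment introducing the second pass has a typo (`intermediare`) and does not say why the single loop was split in two. Presumably all root tokens must be in `supportingTokens` before wrapped tokens are resolved, so that the "if not already there" check sees them. Suggested wording: `// second pass: walk each wrapped token up to its root and create a TokenSecurityEvent for the root unless pass one already added it`. The inner `while (securityToken.getKeyWrappingToken() != null)` walk has no guard against a token chain that refers back to itself; a comment stating that such chains cannot occur, or a visited check, would make that assumption explicit. The enclosing method starts and ends outside this hunk.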
@@ -149,6 +158,8 @@ public class InboundWSSecurityContextImp
supportingTokens.add(newTokenSecurityEvent);
securityEventDeque.offer(newTokenSecurityEvent);
}
+ //remove old TokenSecurityEvent so that only root tokens are in the queue
+ securityEventDeque.remove(tokenSecurityEvent);
}
}
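Review bot: `securityEventDeque.remove(tokenSecurityEvent)` drops the wrapped token's event, so everything that later reads the deque sees only the root-token event. Whether the replacement event carries over the wrapped token's usages is decided outside this hunk. If it does not, the later classification by `getTokenUsages()` would lose the usages recorded on the intermediate token. Add a comment stating that dependency, for example `// root event must carry the wrapped token's usages; they are no longer reachable once this event is removed`, and confirm it against the code that builds `newTokenSecurityEvent`. `Deque.remove(Object)` also matches by `equals`, so it relies on the event classes not overriding `equals` in a way that could match a different event.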
@@ -181,27 +192,57 @@ public class InboundWSSecurityContextImp
boolean transportSecurityActive = Boolean.TRUE == get(WSSConstants.TRANSPORT_SECURITY_ACTIVE);
- if (!transportSecurityActive && signsSignatureConfirmation && signsTimestamp) {
+ List<SecurityToken> encryptingSecurityTokens = isEncryptedToken(tokenSecurityEvent, securityEventDeque);
+
+ boolean signatureUsage = tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(SecurityToken.TokenUsage.Signature);
+ boolean encryptionUsage = tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(SecurityToken.TokenUsage.Encryption);
+
+ if (!transportSecurityActive && signsSignatureConfirmation && signsTimestamp && !signsSignature) {
supportingTokensIterator.remove();
messageSignatureTokens.add(tokenSecurityEvent);
- } else if (!transportSecurityActive && signsSignatureConfirmation) {
+ if (encryptionUsage) {
+ messageEncryptionTokens.add(tokenSecurityEvent);
+ }
+ } else if (!transportSecurityActive && signsSignatureConfirmation && !signsSignature) {
supportingTokensIterator.remove();
messageSignatureTokens.add(tokenSecurityEvent);
- } else if (!transportSecurityActive && signsTimestamp) {
+ if (encryptionUsage) {
+ messageEncryptionTokens.add(tokenSecurityEvent);
+ }
+ } else if (!transportSecurityActive && signsTimestamp && !signsSignature) {
supportingTokensIterator.remove();
messageSignatureTokens.add(tokenSecurityEvent);
+ if (encryptionUsage) {
+ messageEncryptionTokens.add(tokenSecurityEvent);
+ }
+ } else if (!transportSecurityActive &&
+ (encryptsSignature || encryptsSignatureConfirmation || encryptsUsernameToken)) {
+ supportingTokensIterator.remove();
+ messageEncryptionTokens.add(tokenSecurityEvent);
+ } else if (signsSignature && signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
+ supportingTokensIterator.remove();
+ signedEndorsingEncryptedSupportingTokens.add(tokenSecurityEvent);
+ } else if (signsSignature && signingSecurityTokens.size() == 0 && encryptingSecurityTokens.size() > 0) {
+ supportingTokensIterator.remove();
+ endorsingEncryptedSupportingTokens.add(tokenSecurityEvent);
} else if (signsSignature && signingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
signedEndorsingSupportingTokens.add(tokenSecurityEvent);
+ } else if (signatureUsage && signingSecurityTokens.size() > 0) {
+ supportingTokensIterator.remove();
+ signedEndorsingSupportingTokens.add(tokenSecurityEvent);
} else if (signsSignature) {
supportingTokensIterator.remove();
endorsingSupportingTokens.add(tokenSecurityEvent);
+ } else if (signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
+ supportingTokensIterator.remove();
+ signedEncryptedSupportingTokens.add(tokenSecurityEvent);
} else if (signingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
signedSupportingTokens.add(tokenSecurityEvent);
- } else if (!transportSecurityActive &&
- (encryptsSignature || encryptsSignatureConfirmation || encryptsUsernameToken)) {
- messageEncryptionTokens.add(tokenSecurityEvent);
+ } else if (encryptingSecurityTokens.size() > 0) {
+ supportingTokensIterator.remove();
+ encryptedSupportingTokens.add(tokenSecurityEvent);
}
}
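Review bot: The new `signatureUsage && signingSecurityTokens.size() > 0` branch files a token under signedEndorsingSupportingTokens without requiring `signsSignature`, so any signed token that merely carries Signature usage is reported as endorsing. If endorsing is meant to imply that the token signs the main signature, a policy requiring a signed endorsing token could be satisfied by a token that signed some other element. Either tighten the condition or record the intent above the branch, e.g. `//NOTE: Signature usage without signsSignature is treated as endorsing here - confirm against the policy semantics`. Separately, `tokenSecurityEvent.getSecurityToken().getTokenUsages()` is dereferenced unguarded here, while isEncryptedToken and the signed-element lookup in the -372 hunk both check `getSecurityToken() != null`. The enclosing loop starts outside this hunk.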
@@ -220,6 +261,7 @@ public class InboundWSSecurityContextImp
endorsingSupportingTokens.remove(tokenSecurityEvent);
signedEndorsingSupportingTokens.remove(tokenSecurityEvent);
signedEncryptedSupportingTokens.remove(tokenSecurityEvent);
+ encryptedSupportingTokens.remove(tokenSecurityEvent);
endorsingEncryptedSupportingTokens.remove(tokenSecurityEvent);
signedEndorsingEncryptedSupportingTokens.remove(tokenSecurityEvent);
messageSignatureTokens.add(tokenSecurityEvent);
@@ -259,6 +301,7 @@ public class InboundWSSecurityContextImp
setTokenUsage(endorsingSupportingTokens, SecurityToken.TokenUsage.EndorsingSupportingTokens);
setTokenUsage(signedEndorsingSupportingTokens, SecurityToken.TokenUsage.SignedEndorsingSupportingTokens);
setTokenUsage(signedEncryptedSupportingTokens, SecurityToken.TokenUsage.SignedEncryptedSupportingTokens);
+ setTokenUsage(encryptedSupportingTokens, SecurityToken.TokenUsage.EncryptedSupportingTokens);
setTokenUsage(endorsingEncryptedSupportingTokens, SecurityToken.TokenUsage.EndorsingEncryptedSupportingTokens);
setTokenUsage(signedEndorsingEncryptedSupportingTokens, SecurityToken.TokenUsage.SignedEndorsingEncryptedSupportingTokens);
}
@@ -348,13 +391,13 @@ public class InboundWSSecurityContextImp
}
private void setTokenUsage(TokenSecurityEvent tokenSecurityEvent, SecurityToken.TokenUsage tokenUsage) throws XMLSecurityException {
- if (tokenUsage == SecurityToken.TokenUsage.MainSignature) {
- tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
- tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Signature);
- } else if (tokenUsage == SecurityToken.TokenUsage.MainEncryption) {
- tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
- tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Encryption);
- }
+ //if (tokenUsage == SecurityToken.TokenUsage.MainSignature) {
+ tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
+ //} else if (tokenUsage == SecurityToken.TokenUsage.MainEncryption) {
+ tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
+ //}
+ tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Signature);
+ tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Encryption);
tokenSecurityEvent.getSecurityToken().addTokenUsage(tokenUsage);
}
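Review bot: setTokenUsage keeps the old conditionals as commented-out lines and, as a result, calls `getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens)` twice in a row. Delete the `//if …`, `//} else if …` and `//}` lines together with the duplicate remove, leaving three removes (SupportingTokens, Signature, Encryption) followed by `addTokenUsage(tokenUsage)`. Signature and Encryption are now stripped for every category rather than only for MainSignature and MainEncryption. A short comment such as `//the raw usages are always replaced by the classified usage` would record that this is intentional.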
@@ -372,9 +415,11 @@ public class InboundWSSecurityContextImp
SignedElementSecurityEvent signedElementSecurityEvent = (SignedElementSecurityEvent) securityEvent;
if (signedElementSecurityEvent.isSigned()
&& tokenSecurityEvent.getSecurityToken() != null
- && WSSUtils.pathMatches(
+ && signedElementSecurityEvent.getXmlEvent() != null
+ && signedElementSecurityEvent.getXmlEvent() == tokenSecurityEvent.getSecurityToken().getXMLEvent()
+ /*&& WSSUtils.pathMatches(
tokenSecurityEvent.getSecurityToken().getElementPath(),
- signedElementSecurityEvent.getElementPath(), true, false)) {
+ signedElementSecurityEvent.getElementPath(), false, false)*/) {
if (!securityTokenList.contains(signedElementSecurityEvent.getSecurityToken())) {
securityTokenList.add(signedElementSecurityEvent.getSecurityToken());
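Review bot: The old `WSSUtils.pathMatches(...)` test is left inside the condition as a `/* … */` block, here and again in the new isEncryptedToken method further down; it should be deleted rather than kept as dead code inside a security decision. The replacement compares `getXmlEvent()` with `getSecurityToken().getXMLEvent()` by reference, so a token counts as signed only when both sides hold the very same event instance. A comment like `//identity comparison: both must reference the same parsed XMLEvent instance` would make that dependency explicit. A mismatch appears to fail towards "not signed", but a test with a token whose XMLEvent is null would pin that down. The enclosing method starts outside this hunk.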
@@ -385,6 +430,31 @@ public class InboundWSSecurityContextImp
return securityTokenList;
}
+ private List<SecurityToken> isEncryptedToken(TokenSecurityEvent tokenSecurityEvent,
+ Deque<SecurityEvent> securityEventDeque) throws XMLSecurityException {
+
+ List<SecurityToken> securityTokenList = new LinkedList<SecurityToken>();
+ for (Iterator<SecurityEvent> iterator = securityEventDeque.iterator(); iterator.hasNext(); ) {
+ SecurityEvent securityEvent = iterator.next();
+ if (securityEvent.getSecurityEventType() == SecurityEvent.Event.EncryptedElement) {
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = (EncryptedElementSecurityEvent) securityEvent;
+ if (encryptedElementSecurityEvent.isEncrypted()
+ && tokenSecurityEvent.getSecurityToken() != null
+ && encryptedElementSecurityEvent.getXmlEvent() != null
+ && encryptedElementSecurityEvent.getXmlEvent() == tokenSecurityEvent.getSecurityToken().getXMLEvent()
+ /*&& WSSUtils.pathMatches(
+ tokenSecurityEvent.getSecurityToken().getElementPath(),
+ encryptedElementSecurityEvent.getElementPath(), false, false)*/) {
+
+ if (!securityTokenList.contains(encryptedElementSecurityEvent.getSecurityToken())) {
+ securityTokenList.add(encryptedElementSecurityEvent.getSecurityToken());
+ }
+ }
+ }
+ }
+ return securityTokenList;
+ }
+
private boolean signsElement(TokenSecurityEvent tokenSecurityEvent, List<QName> elementPath,
Deque<SecurityEvent> securityEventDeque) throws XMLSecurityException {
for (Iterator<SecurityEvent> iterator = securityEventDeque.iterator(); iterator.hasNext(); ) {
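Review bot: `isEncryptedToken` is named like a predicate but returns the list of tokens that encrypted the given token, and it has no Javadoc. A name such as `getEncryptingSecurityTokens` would read more naturally at the call site, where the result is tested with `encryptingSecurityTokens.size() > 0`. Failing a rename, add a Javadoc stating that the list is empty when no EncryptedElement event refers to the token's XMLEvent. The explicit Iterator loop can be `for (SecurityEvent securityEvent : securityEventDeque) {`, since nothing is removed during iteration.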
@@ -416,6 +486,7 @@ public class InboundWSSecurityContextImp
ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = (ContentEncryptedElementSecurityEvent) securityEvent;
if (contentEncryptedElementSecurityEvent.isEncrypted()
&& contentEncryptedElementSecurityEvent.getSecurityToken() == tokenSecurityEvent.getSecurityToken()
+ && contentEncryptedElementSecurityEvent.getXmlEvent() == tokenSecurityEvent.getSecurityToken().getXMLEvent()
&& WSSUtils.pathMatches(elementPath, contentEncryptedElementSecurityEvent.getElementPath(), true, false)) {
return true;
}
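Review bot: The added `getXmlEvent() == …getXMLEvent()` comparison has no null guard, unlike the equivalent checks added elsewhere in this commit (`getXmlEvent() != null` in isEncryptedToken and in the -372 hunk). When both sides are null the comparison is true, so the new condition constrains nothing for events and tokens that carry no XMLEvent. If that case should not match, add `&& contentEncryptedElementSecurityEvent.getXmlEvent() != null` before it; if it is intended, say so in a comment. The enclosing method starts outside this hunk.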
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java Sat Mar 10 21:05:21 2012
@@ -46,6 +46,7 @@ public class SignatureInputHandler exten
SignatureVerifier signatureVerifier = new SignatureVerifier(signatureType, inputProcessorChain.getSecurityContext(), securityProperties) {
@Override
protected void handleSecurityToken(SecurityToken securityToken) throws XMLSecurityException {
+ //we have to emit a TokenSecurityEvent here too since it could be an embedded token
securityToken.addTokenUsage(SecurityToken.TokenUsage.Signature);
TokenSecurityEvent tokenSecurityEvent = WSSUtils.createTokenSecurityEvent(securityToken);
securityContext.registerSecurityEvent(tokenSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java Sat Mar 10 21:05:21 2012
@@ -27,5 +27,11 @@ import org.swssf.wss.ext.WSSecurityExcep
*/
public interface SecurityEventListener {
+ /**
+ * Registers a SecurityEvent which will be forwarded to the registered SecurityEventListener
+ *
+ * @param securityEvent The security event for the SecurityEventListener
+ * @throws WSSecurityException when the event will not be accepted (e.g. policy-violation)
+ */
public void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException;
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java Sat Mar 10 21:05:21 2012
@@ -154,9 +154,6 @@ public class DerivedKeyTokenTest extends
SecurityEvent.Event[] expectedSecurityEvents = new SecurityEvent.Event[]{
SecurityEvent.Event.Operation,
SecurityEvent.Event.X509Token,
- SecurityEvent.Event.EncryptedKeyToken,
- SecurityEvent.Event.DerivedKeyToken,
- SecurityEvent.Event.DerivedKeyToken,
SecurityEvent.Event.EncryptedPart,
SecurityEvent.Event.AlgorithmSuite,
SecurityEvent.Event.AlgorithmSuite,