You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2020/08/19 09:28:43 UTC
[cxf] branch 3.3.x-fixes updated (9875240 -> 61328c9)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a change to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from 9875240 Recording .gitmergeinfo Changes
new e316de5 CXF-8327 - UsernameTokenInterceptor doesn't set soap:actor
new 61328c9 Recording .gitmergeinfo Changes
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.gitmergeinfo | 2 ++
.../apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java | 10 +++++++++-
.../src/test/resources/org/apache/cxf/systest/ws/ut/client.xml | 1 +
.../src/test/resources/org/apache/cxf/systest/ws/ut/server.xml | 3 ++-
.../resources/org/apache/cxf/systest/ws/ut/stax-server.xml | 3 ++-
5 files changed, 16 insertions(+), 3 deletions(-)
[cxf] 01/02: CXF-8327 - UsernameTokenInterceptor doesn't set
soap:actor
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit e316de56f9e3d881d847302810ef99a963a48588
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Aug 19 09:40:42 2020 +0100
CXF-8327 - UsernameTokenInterceptor doesn't set soap:actor
(cherry picked from commit dba634e03ff0d20d165ff1acf85c29cac0bac70e)
---
.../apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java | 10 +++++++++-
.../src/test/resources/org/apache/cxf/systest/ws/ut/client.xml | 1 +
.../src/test/resources/org/apache/cxf/systest/ws/ut/server.xml | 3 ++-
.../resources/org/apache/cxf/systest/ws/ut/stax-server.xml | 3 ++-
4 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
index 632dbe9..ff89e51 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
@@ -152,12 +152,16 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor {
}
protected Header findSecurityHeader(SoapMessage message, boolean create) {
+ String actor = (String)message.getContextualProperty(SecurityConstants.ACTOR);
for (Header h : message.getHeaders()) {
QName n = h.getName();
if ("Security".equals(n.getLocalPart())
&& (n.getNamespaceURI().equals(WSS4JConstants.WSSE_NS)
|| n.getNamespaceURI().equals(WSS4JConstants.WSSE11_NS))) {
- return h;
+ String receivedActor = ((SoapHeader)h).getActor();
+ if (actor == null || actor.equalsIgnoreCase(receivedActor)) {
+ return h;
+ }
}
}
if (!create) {
@@ -166,8 +170,12 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor {
Document doc = DOMUtils.getEmptyDocument();
Element el = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:Security");
el.setAttributeNS(WSS4JConstants.XMLNS_NS, "xmlns:wsse", WSS4JConstants.WSSE_NS);
+
SoapHeader sh = new SoapHeader(new QName(WSS4JConstants.WSSE_NS, "Security"), el);
sh.setMustUnderstand(true);
+ if (actor != null && actor.length() > 0) {
+ sh.setActor(actor);
+ }
message.getHeaders().add(sh);
return sh;
}
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client.xml
index e60b8c3..97d416d 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client.xml
@@ -54,6 +54,7 @@
<jaxws:properties>
<entry key="security.username" value="Alice"/>
<entry key="security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.actor" value="recipient"/>
</jaxws:properties>
</jaxws:client>
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItPlaintextSupportingSP11Port" createdFromAPI="true">
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server.xml
index b0b2896..0b6ea2e 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server.xml
@@ -63,6 +63,7 @@
<jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="PlaintextSupporting" address="https://localhost:${testutil.ports.ut.Server}/DoubleItUTPlaintextSupporting" serviceName="s:DoubleItService" endpointName="s:DoubleItPlaintextSupportingPort" implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl" depends-on="tls-settings">
<jaxws:properties>
<entry key="security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.actor" value="recipient"/>
</jaxws:properties>
</jaxws:endpoint>
<jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="PlaintextSupportingSP11" address="https://localhost:${testutil.ports.ut.Server}/DoubleItUTPlaintextSupportingSP11" serviceName="s:DoubleItService" endpointName="s:DoubleItPlaintextSupportingSP11Port" implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl" depends-on="tls-settings">
@@ -211,4 +212,4 @@
<ref bean="authzInterceptor2"/>
</jaxws:inInterceptors>
</jaxws:endpoint>
-</beans>
\ No newline at end of file
+</beans>
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-server.xml
index 4f4e7b5..aacc49b 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-server.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-server.xml
@@ -65,6 +65,7 @@
<jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="PlaintextSupporting" address="https://localhost:${testutil.ports.ut.StaxServer}/DoubleItUTPlaintextSupporting" serviceName="s:DoubleItService" endpointName="s:DoubleItPlaintextSupportingPort" implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl" depends-on="tls-settings">
<jaxws:properties>
<entry key="security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.actor" value="recipient"/>
<entry key="ws-security.enable.streaming" value="true"/>
</jaxws:properties>
</jaxws:endpoint>
@@ -224,4 +225,4 @@
<ref bean="authzInterceptor2"/>
</jaxws:inInterceptors>
</jaxws:endpoint>
-</beans>
\ No newline at end of file
+</beans>
[cxf] 02/02: Recording .gitmergeinfo Changes
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 61328c98440bd0d1379c6ce28cef784c2b5b44dc
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Aug 19 09:41:40 2020 +0100
Recording .gitmergeinfo Changes
---
.gitmergeinfo | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.gitmergeinfo b/.gitmergeinfo
index bb4c24e..a58ef73 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -145,6 +145,7 @@ B 64915c3d36d6ef2bef8168e912a9b8977b5b2330
B 65869badeefe7eedd60fbc8b7d7c614a3c6d59a8
B 6632627f8c26c4ac488fbdafcde981684231dd9f
B 66660e429cbaa12acd18ea3538d808792e15f1a6
+B 6765f6ccf6b5611461ab8e361a729629119e633b
B 67715076cb7d245aaf2d3a2442a40349d354e323
B 67dbf83ef2f7a207a6374fec9775c481fe9afc53
B 685645871160d02696d8df3c584633d29e42df3b
@@ -334,6 +335,7 @@ B f1fa1e7826b5f26fdf8f157914e69adfe9eb5bd5
B f201f1e7d218f2bb26424628b09a0bb384bce28f
B f2208f20249b6598134e2b0885d87ab75817f2e2
B f2da164e0733a14f967f3726166855d3a91eece8
+B f330a85c8dd3ba07913badeb72f27dd41971973d
B f342fba01d88d60e9f7419c7811bd86074b249a8
B f4f227be9a1c4f31817a62fad7fff382d3089621
B f54062eb331fcf35d9f3a840f532417fccbb2673