You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/03/29 13:37:45 UTC
svn commit: r1086550 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security:
trust/STSClient.java wss4j/PolicyBasedWSS4JInInterceptor.java
Author: coheigea
Date: Tue Mar 29 11:37:44 2011
New Revision: 1086550
URL: http://svn.apache.org/viewvc?rev=1086550&view=rev
Log:
Fixed a bug with the previous WS-Trust KeyType commit + added support for sending OnBehalfOf elements.
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1086550&r1=1086549&r2=1086550&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java Tue Mar 29 11:37:44 2011
@@ -141,6 +141,7 @@ public class STSClient implements Config
AlgorithmSuite algorithmSuite;
String namespace = STSUtils.WST_NS_05_12;
String addressingNamespace;
+ Element onBehalfOfElement;
boolean useCertificateForConfirmationKeyInfo;
boolean isSecureConv;
@@ -318,6 +319,10 @@ public class STSClient implements Config
public void setKeyType(String keyType) {
this.keyType = keyType;
}
+
+ public void setOnBehalfOfElement(Element onBehalfOfElement) {
+ this.onBehalfOfElement = onBehalfOfElement;
+ }
/**
* Indicate whether to use the signer's public X509 certificate for the subject confirmation key info
@@ -477,13 +482,14 @@ public class STSClient implements Config
addRequestType(requestType, writer);
addAppliesTo(writer, appliesTo);
+ addOnBehalfOf(writer);
if (sptt == null) {
addTokenType(writer);
}
if (keyTypeTemplate == null) {
keyTypeTemplate = keyType;
}
- keyTypeTemplate = writeKeyType(writer, keyType);
+ keyTypeTemplate = writeKeyType(writer, keyTypeTemplate);
byte[] requestorEntropy = null;
X509Certificate cert = null;
@@ -601,6 +607,14 @@ public class STSClient implements Config
writer.writeEndElement();
}
+ private void addOnBehalfOf(W3CDOMStreamWriter writer) throws XMLStreamException {
+ if (onBehalfOfElement != null) {
+ writer.writeStartElement("wst", "OnBehalfOf", namespace);
+ StaxUtils.copy(onBehalfOfElement, writer);
+ writer.writeEndElement();
+ }
+ }
+
private Element getDocumentElement(DOMSource ds) {
Node nd = ds.getNode();
if (nd instanceof Document) {
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1086550&r1=1086549&r2=1086550&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java Tue Mar 29 11:37:44 2011
@@ -281,6 +281,7 @@ public class PolicyBasedWSS4JInIntercept
TransportToken token = binding.getTransportToken();
if (token != null && token.getToken() instanceof IssuedToken) {
action = addToAction(action, "Signature", true);
+ action = addToAction(action, "Encrypt", true);
Object s = message.getContextualProperty(SecurityConstants.SIGNATURE_PROPERTIES);
Object e = message.getContextualProperty(SecurityConstants.ENCRYPT_PROPERTIES);
if (s != null) {