Posted to commits@ws.apache.org by co...@apache.org on 2013/07/24 13:07:18 UTC
svn commit: r1506495 - in
/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom:
message/CallbackLookup.java message/DOMCallbackLookup.java
processor/SignatureProcessor.java util/WSSecurityUtil.java
Author: coheigea
Date: Wed Jul 24 11:07:17 2013
New Revision: 1506495
URL: http://svn.apache.org/r1506495
Log:
Make the CallbackLookup implementation responsible for setting the Id on the context
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/CallbackLookup.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/CallbackLookup.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/CallbackLookup.java?rev=1506495&r1=1506494&r2=1506495&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/CallbackLookup.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/CallbackLookup.java Wed Jul 24 11:07:17 2013
@@ -21,6 +21,8 @@ package org.apache.wss4j.dom.message;
import java.util.List;
+import javax.xml.crypto.dom.DOMCryptoContext;
+
import org.apache.wss4j.common.ext.WSSecurityException;
import org.w3c.dom.Element;
@@ -28,20 +30,37 @@ import org.w3c.dom.Element;
* This interface defines a pluggable way of locating Elements that are referenced via an Id.
*/
public interface CallbackLookup {
+
+ /**
+ * Get the DOM element that corresponds to the given id and ValueType reference. The Id can
+ * be a wsu:Id or else an Id attribute, or a SAML Id when the ValueType refers to a SAML
+ * Assertion.
+ *
+ * @param id The id of the element to locate
+ * @param valueType The ValueType attribute of the element to locate (can be null)
+ * @param checkMultipleElements If true then go through the entire tree and return
+ * null if there are multiple elements with the same Id
+ * @return the located element
+ * @throws WSSecurityException
+ */
+ Element getElement(String id, String valueType, boolean checkMultipleElements) throws WSSecurityException;
/**
* Get the DOM element that corresponds to the given id and ValueType reference. The Id can
* be a wsu:Id or else an Id attribute, or a SAML Id when the ValueType refers to a SAML
- * Assertion.
+ * Assertion. The implementation is also responsible to register the retrieved Element on the
+ * DOMCryptoContext argument, so that the XML Signature implementation can find the Element.
+ *
* @param id The id of the element to locate
* @param valueType The ValueType attribute of the element to locate (can be null)
* @param checkMultipleElements If true then go through the entire tree and return
* null if there are multiple elements with the same Id
+ * @param context The DOMCryptoContext to store the Element in
* @return the located element
* @throws WSSecurityException
*/
- Element getElement(
- String id, String valueType, boolean checkMultipleElements
+ Element getAndRegisterElement(
+ String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context
) throws WSSecurityException;
/**
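Review bot: The Javadoc for `getAndRegisterElement` does not say that `context` may be null, although `DOMCallbackLookup.getElement` in this same commit calls it with null, so a third-party implementation written from this contract could dereference it unchecked. I would write the tag as `@param context The DOMCryptoContext to store the Element in (may be null, in which case nothing is registered)`. Since the registration decides which node an XML Signature Reference resolves to, the description should also state that only the attribute whose value equals the id is registered, and only after the `checkMultipleElements` rule has been applied. Separately, adding an abstract method to a pluggable interface breaks existing implementers at compile time, which deserves a release note. The interface body continues past this hunk.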
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java?rev=1506495&r1=1506494&r2=1506495&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java Wed Jul 24 11:07:17 2013
@@ -22,6 +22,8 @@ package org.apache.wss4j.dom.message;
import java.util.Collections;
import java.util.List;
+import javax.xml.crypto.dom.DOMCryptoContext;
+
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -42,7 +44,8 @@ public class DOMCallbackLookup implement
/**
* Get the DOM element that corresponds to the given id and ValueType reference. The Id can
* be a wsu:Id or else an Id attribute, or a SAML Id when the ValueType refers to a SAML
- * Assertion.
+ * Assertion.
+ *
* @param id The id of the element to locate
* @param valueType The ValueType attribute of the element to locate (can be null)
* @param checkMultipleElements If true then go through the entire tree and return
@@ -53,6 +56,26 @@ public class DOMCallbackLookup implement
public Element getElement(
String id, String valueType, boolean checkMultipleElements
) throws WSSecurityException {
+ return getAndRegisterElement(id, valueType, checkMultipleElements, null);
+ }
+
+ /**
+ * Get the DOM element that corresponds to the given id and ValueType reference. The Id can
+ * be a wsu:Id or else an Id attribute, or a SAML Id when the ValueType refers to a SAML
+ * Assertion. The implementation is also responsible to register the retrieved Element on the
+ * DOMCryptoContext argument, so that the XML Signature implementation can find the Element.
+ *
+ * @param id The id of the element to locate
+ * @param valueType The ValueType attribute of the element to locate (can be null)
+ * @param checkMultipleElements If true then go through the entire tree and return
+ * null if there are multiple elements with the same Id
+ * @param context The DOMCryptoContext to store the Element in
+ * @return the located element
+ * @throws WSSecurityException
+ */
+ public Element getAndRegisterElement(
+ String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context
+ ) throws WSSecurityException {
//
// Try the SOAP Body first
//
@@ -60,13 +83,30 @@ public class DOMCallbackLookup implement
if (bodyElement != null) {
String cId = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
if (cId.equals(id)) {
- return bodyElement;
+ if (context != null) {
+ context.setIdAttributeNS(bodyElement, WSConstants.WSU_NS, "Id");
+ }
+ return bodyElement;
}
}
// Otherwise do a general search
Element foundElement =
WSSecurityUtil.findElementById(doc.getDocumentElement(), id, checkMultipleElements);
if (foundElement != null) {
+ if (context != null) {
+ String idToMatch = id;
+ if (idToMatch.charAt(0) == '#') {
+ idToMatch = idToMatch.substring(1);
+ }
+ if (foundElement.hasAttributeNS(WSConstants.WSU_NS, "Id")
+ && idToMatch.equals(foundElement.getAttributeNS(WSConstants.WSU_NS, "Id"))) {
+ context.setIdAttributeNS(foundElement, WSConstants.WSU_NS, "Id");
+ }
+ if (foundElement.hasAttributeNS(null, "Id")
+ && idToMatch.equals(foundElement.getAttributeNS(null, "Id"))) {
+ context.setIdAttributeNS(foundElement, null, "Id");
+ }
+ }
return foundElement;
}
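Review bot: The SOAP Body branch compares `cId.equals(id)` against the raw `id`, while the general-search branch below strips a leading '#' into `idToMatch` first. SignatureProcessor in this commit passes the Reference URI, so for a '#'-prefixed id the Body branch looks like it can never match, and its new `setIdAttributeNS` call would not be reached. Normalising once before the Body check and using the result in both branches would make them agree, e.g. `String idToMatch = id.startsWith("#") ? id.substring(1) : id;`, which also cannot throw on an empty string the way `charAt(0)` does. The Body branch also returns before `findElementById` is called with `checkMultipleElements`, so the duplicate-Id check is not applied on that path; this predates the commit but matters more now that the element is registered there. The method starts before this hunk and continues after it.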
@@ -78,10 +118,27 @@ public class DOMCallbackLookup implement
|| WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)
|| "".equals(valueType)
|| valueType == null) {
- return
+ foundElement =
WSSecurityUtil.findSAMLAssertionElementById(
doc.getDocumentElement(), id
);
+ if (foundElement != null) {
+ String idToMatch = id;
+ if (idToMatch.charAt(0) == '#') {
+ idToMatch = idToMatch.substring(1);
+ }
+ if (context != null) {
+ if (foundElement.hasAttributeNS(null, "ID")
+ && idToMatch.equals(foundElement.getAttributeNS(null, "ID"))) {
+ context.setIdAttributeNS(foundElement, null, "ID");
+ }
+ if (foundElement.hasAttributeNS(null, "AssertionID")
+ && idToMatch.equals(foundElement.getAttributeNS(null, "AssertionID"))) {
+ context.setIdAttributeNS(foundElement, null, "AssertionID");
+ }
+ }
+ return foundElement;
+ }
}
return null;
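Review bot: The match-then-register pattern is now written out four times across the two branches of `getAndRegisterElement` (wsu:Id and Id in the general search, ID and AssertionID here), and the copies already differ: this branch computes `idToMatch` outside the `context != null` check, the other inside it. A small private helper would keep the rule in one place, namely that only the attribute whose value equals the referenced id is registered; this matters because the registration decides which node the XML Signature Reference resolves to. `findSAMLAssertionElementById` is also called without `checkMultipleElements`; whether it rejects duplicate assertion Ids itself is not visible here and is worth confirming. The enclosing method starts before this hunk.

```java
// private helper in DOMCallbackLookup
private static void registerIfIdMatches(
    DOMCryptoContext context, Element element, String namespace, String localName, String idToMatch
) {
    if (context != null
        && element.hasAttributeNS(namespace, localName)
        && idToMatch.equals(element.getAttributeNS(namespace, localName))) {
        context.setIdAttributeNS(element, namespace, localName);
    }
}

// … unchanged: valueType checks and findSAMLAssertionElementById call …
if (foundElement != null) {
    String idToMatch = id.startsWith("#") ? id.substring(1) : id;
    registerIfIdMatches(context, foundElement, null, "ID", idToMatch);
    registerIfIdMatches(context, foundElement, null, "AssertionID", idToMatch);
    return foundElement;
}
```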
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java?rev=1506495&r1=1506494&r2=1506495&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java Wed Jul 24 11:07:17 2013
@@ -471,12 +471,12 @@ public class SignatureProcessor implemen
while (referenceIterator.hasNext()) {
Reference reference = (Reference)referenceIterator.next();
String uri = reference.getURI();
- Element element = callbackLookup.getElement(uri, null, true);
+ Element element = callbackLookup.getAndRegisterElement(uri, null, true, context);
if (element == null) {
element = wsDocInfo.getTokenElement(uri);
- }
- if (element != null) {
- WSSecurityUtil.storeElementInContext(context, uri, element);
+ if (element != null) {
+ WSSecurityUtil.storeElementInContext(context, element);
+ }
}
}
}
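Review bot: The fallback for `wsDocInfo.getTokenElement(uri)` now calls the two-argument `storeElementInContext(context, element)`, so the uri is no longer passed to the registration step. Going by the Javadoc visible in the WSSecurityUtil hunk, the removed overload registered an Id attribute only when it "matches the given uri", while the remaining one registers an element that has one of the standard "Id" attributes; its body is outside this diff, so this is inferred. If that reading is right, a token element could be registered under an Id attribute that differs from the Reference URI being resolved. Either keep a uri-matching check on this path or add a comment saying why it is safe, for example `// token elements are looked up by uri in wsDocInfo, so the Id attribute is already known to match`, if that is in fact guaranteed. The loop begins before this hunk.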
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java?rev=1506495&r1=1506494&r2=1506495&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java Wed Jul 24 11:07:17 2013
@@ -1273,38 +1273,6 @@ public final class WSSecurityUtil {
/**
* Store the element argument in the DOM Crypto Context if it has one of the standard
- * "Id" attributes that matches the given uri
- */
- public static void storeElementInContext(
- DOMCryptoContext context,
- String uri,
- Element element
- ) {
- String id = uri;
- if (uri.charAt(0) == '#') {
- id = id.substring(1);
- }
-
- if (element.hasAttributeNS(WSConstants.WSU_NS, "Id")
- && id.equals(element.getAttributeNS(WSConstants.WSU_NS, "Id"))) {
- context.setIdAttributeNS(element, WSConstants.WSU_NS, "Id");
- }
- if (element.hasAttributeNS(null, "Id")
- && id.equals(element.getAttributeNS(null, "Id"))) {
- context.setIdAttributeNS(element, null, "Id");
- }
- if (element.hasAttributeNS(null, "ID")
- && id.equals(element.getAttributeNS(null, "ID"))) {
- context.setIdAttributeNS(element, null, "ID");
- }
- if (element.hasAttributeNS(null, "AssertionID")
- && id.equals(element.getAttributeNS(null, "AssertionID"))) {
- context.setIdAttributeNS(element, null, "AssertionID");
- }
- }
-
- /**
- * Store the element argument in the DOM Crypto Context if it has one of the standard
* "Id" attributes.
*/
public static void storeElementInContext(