You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2017/08/10 16:30:15 UTC
[6/8] cxf git commit: Fix a bunch more warnings
Fix a bunch more warnings
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f0797a55
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f0797a55
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f0797a55
Branch: refs/heads/master
Commit: f0797a552381467b1e10cba019c4a556e3734db1
Parents: c6ec599
Author: Daniel Kulp <dk...@apache.org>
Authored: Wed Aug 9 18:07:04 2017 -0400
Committer: Daniel Kulp <dk...@apache.org>
Committed: Thu Aug 10 11:17:55 2017 -0400
----------------------------------------------------------------------
.../policy/custom/AlgorithmSuiteBuilder.java | 4 +-
.../policy/interceptors/STSInvoker.java | 8 +-
.../SecureConversationOutInterceptor.java | 4 +-
.../SpnegoContextTokenInInterceptor.java | 12 +--
.../ws/security/tokenstore/SecurityToken.java | 12 +--
.../ws/security/trust/AbstractSTSClient.java | 32 +++---
.../security/trust/DefaultSTSTokenCacher.java | 18 ++--
.../cxf/ws/security/trust/STSLoginModule.java | 4 +-
.../wss4j/AbstractTokenInterceptor.java | 11 +-
.../wss4j/AbstractWSS4JInterceptor.java | 8 +-
.../wss4j/AbstractWSS4JStaxInterceptor.java | 3 +-
.../wss4j/AlgorithmSuiteTranslater.java | 10 +-
.../wss4j/BinarySecurityTokenInterceptor.java | 5 +-
.../security/wss4j/CryptoCoverageChecker.java | 4 +-
.../ws/security/wss4j/CryptoCoverageUtil.java | 16 +--
.../ws/security/wss4j/SamlTokenInterceptor.java | 5 +-
.../security/wss4j/StaxActionInInterceptor.java | 4 +-
.../wss4j/UsernameTokenInterceptor.java | 7 +-
.../security/wss4j/WSS4JStaxInInterceptor.java | 3 +-
.../policyhandlers/AbstractBindingBuilder.java | 103 ++++++++++---------
.../AbstractStaxBindingHandler.java | 27 ++---
.../AsymmetricBindingHandler.java | 31 +++---
.../StaxAsymmetricBindingHandler.java | 13 +--
.../StaxSymmetricBindingHandler.java | 11 +-
.../StaxTransportBindingHandler.java | 5 +-
.../policyhandlers/SymmetricBindingHandler.java | 79 +++++++-------
.../policyhandlers/TransportBindingHandler.java | 21 ++--
.../AbstractSupportingTokenPolicyValidator.java | 3 +-
.../AlgorithmSuitePolicyValidator.java | 7 +-
.../IssuedTokenPolicyValidator.java | 9 +-
.../X509TokenPolicyValidator.java | 7 +-
.../ws/security/wss4j/AbstractSecurityTest.java | 16 +--
.../security/wss4j/DOMToStaxRoundTripTest.java | 14 +--
.../wss4j/StaxCryptoCoverageCheckerTest.java | 22 ++--
.../security/wss4j/StaxRoundTripActionTest.java | 48 ++++-----
.../ws/security/wss4j/StaxRoundTripTest.java | 34 +++---
.../StaxToDOMEncryptionIdentifierTest.java | 22 ++--
.../security/wss4j/StaxToDOMRoundTripTest.java | 56 +++++-----
.../wss4j/StaxToDOMSignatureIdentifierTest.java | 12 ++-
.../wss4j/UserNameTokenAuthorizationTest.java | 7 +-
.../ws/security/wss4j/WSS4JFaultCodeTest.java | 8 +-
.../cxf/ws/security/wss4j/WSS4JInOutTest.java | 19 ++--
.../security/wss4j/WSS4JOutInterceptorTest.java | 11 +-
.../wss4j/saml/AbstractSAMLCallbackHandler.java | 5 +-
.../org/apache/cxf/sts/SignatureProperties.java | 3 +-
.../ClaimsAttributeStatementProvider.java | 6 +-
.../cxf/sts/operation/AbstractOperation.java | 17 +--
.../sts/rest/RESTSecurityTokenServiceImpl.java | 8 +-
.../cxf/sts/service/EncryptionProperties.java | 19 ++--
.../token/delegation/SAMLDelegationHandler.java | 4 +-
.../ActAsAttributeStatementProvider.java | 4 +-
.../DefaultAttributeStatementProvider.java | 6 +-
.../token/provider/DefaultSubjectProvider.java | 10 +-
.../sts/token/provider/SAMLTokenProvider.java | 10 +-
.../sts/token/provider/SamlCallbackHandler.java | 6 +-
.../sts/token/provider/SymmetricKeyHandler.java | 14 +--
.../cxf/sts/token/renewer/SAMLTokenRenewer.java | 3 +-
.../sts/token/validator/SAMLTokenValidator.java | 4 +-
.../token/validator/UsernameTokenValidator.java | 4 +-
.../sts/token/validator/X509TokenValidator.java | 5 +-
.../claims/mapper/JexlIssueSamlClaimsTest.java | 9 +-
.../cxf/sts/common/CustomAttributeProvider.java | 12 +--
.../sts/operation/IssueEncryptedUnitTest.java | 33 +++---
.../sts/operation/IssueJWTClaimsUnitTest.java | 18 ++--
.../operation/IssueJWTOnbehalfofUnitTest.java | 8 +-
.../sts/operation/IssueJWTRealmUnitTest.java | 8 +-
.../cxf/sts/operation/IssueJWTUnitTest.java | 8 +-
.../sts/operation/IssueOnbehalfofUnitTest.java | 60 +++++------
.../cxf/sts/operation/IssueSCTUnitTest.java | 10 +-
.../sts/operation/IssueSamlClaimsUnitTest.java | 36 +++----
.../sts/operation/IssueSamlRealmUnitTest.java | 18 ++--
.../cxf/sts/operation/IssueSamlUnitTest.java | 61 +++++------
.../apache/cxf/sts/operation/IssueUnitTest.java | 8 +-
.../cxf/sts/operation/RenewSamlUnitTest.java | 10 +-
.../ValidateJWTTransformationTest.java | 8 +-
.../cxf/sts/operation/ValidateSamlUnitTest.java | 6 +-
.../ValidateTokenTransformationUnitTest.java | 22 ++--
.../ValidateUsernameTokenUnitTest.java | 4 +-
.../operation/ValidateX509TokenUnitTest.java | 4 +-
.../provider/CustomAuthenticationProvider.java | 4 +-
.../token/provider/CustomSubjectProvider.java | 6 +-
.../token/provider/JWTProviderActAsTest.java | 6 +-
.../provider/JWTProviderOnBehalfOfTest.java | 6 +-
.../cxf/sts/token/provider/SAMLClaimsTest.java | 30 +++---
.../token/provider/SAMLProviderActAsTest.java | 31 +++---
.../token/provider/SAMLProviderCustomTest.java | 34 +++---
.../token/provider/SAMLProviderKeyTypeTest.java | 84 +++++++--------
.../provider/SAMLProviderLifetimeTest.java | 34 +++---
.../provider/SAMLProviderOnBehalfOfTest.java | 18 ++--
.../token/provider/SAMLProviderRealmTest.java | 18 ++--
.../renewer/SAMLTokenRenewerLifetimeTest.java | 12 +--
.../token/renewer/SAMLTokenRenewerPOPTest.java | 5 +-
.../renewer/SAMLTokenRenewerRealmTest.java | 6 +-
.../sts/token/renewer/SAMLTokenRenewerTest.java | 16 +--
.../SAMLTokenValidatorCachedRealmTest.java | 6 +-
.../validator/SAMLTokenValidatorRealmTest.java | 6 +-
.../token/validator/SAMLTokenValidatorTest.java | 26 ++---
.../validator/UsernameTokenValidatorTest.java | 16 +--
.../token/validator/X509TokenValidatorTest.java | 6 +-
.../systest/sts/batch/SimpleBatchSTSClient.java | 28 ++---
.../CustomAttributeStatementProvider.java | 6 +-
.../CustomUsernameTokenProvider.java | 4 +-
.../systest/sts/renew/SAMLRenewUnitTest.java | 14 +--
.../sts/secure_conv/SCTSAMLTokenProvider.java | 10 +-
.../sts_sender_vouches/SVSubjectProvider.java | 6 +-
.../sts/delegation/SAMLDelegationTest.java | 6 +-
.../systest/sts/issueunit/IssueUnitTest.java | 10 +-
.../sts/symmetric/SymmetricBindingTest.java | 4 +-
.../sts/transport/TransportBindingTest.java | 4 +-
.../CryptoCoverageCheckerTest.java | 4 +-
.../apache/cxf/systest/ws/fault/FaultTest.java | 4 +-
.../systest/ws/fault/ModifiedRequestTest.java | 14 +--
.../ws/gcm/MGF256AlgorithmSuiteLoader.java | 10 +-
.../ws/policy/JavaFirstPolicyServiceTest.java | 7 +-
.../cxf/systest/ws/saml/SamlTokenTest.java | 4 +-
.../cxf/systest/ws/wssc/WSSCUnitTest.java | 2 +-
.../cxf/systest/ws/x509/SHA512PolicyLoader.java | 4 +-
117 files changed, 890 insertions(+), 847 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
index d68f133..c69b9a1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
@@ -29,7 +29,7 @@ import org.apache.neethi.AssertionBuilderFactory;
import org.apache.neethi.Policy;
import org.apache.neethi.builders.AssertionBuilder;
import org.apache.wss4j.policy.SP11Constants;
-import org.apache.wss4j.policy.SP13Constants;
+import org.apache.wss4j.policy.SP12Constants;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.SPUtils;
import org.apache.wss4j.policy.model.AlgorithmSuite;
@@ -77,7 +77,7 @@ public class AlgorithmSuiteBuilder implements AssertionBuilder<Element> {
@Override
public QName[] getKnownElements() {
- return new QName[]{SP13Constants.ALGORITHM_SUITE, SP11Constants.ALGORITHM_SUITE};
+ return new QName[]{SP12Constants.ALGORITHM_SUITE, SP11Constants.ALGORITHM_SUITE};
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
index e68c61f..7f56164 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
@@ -45,6 +45,7 @@ import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.trust.STSUtils;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.wss4j.common.derivedKey.P_SHA1;
@@ -52,7 +53,6 @@ import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.token.Reference;
import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.util.DateUtil;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -292,12 +292,12 @@ abstract class STSInvoker implements Invoker {
String namespace
) throws Exception {
writer.writeStartElement(prefix, "Lifetime", namespace);
- writer.writeNamespace("wsu", WSConstants.WSU_NS);
- writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS);
+ writer.writeNamespace("wsu", WSS4JConstants.WSU_NS);
+ writer.writeStartElement("wsu", "Created", WSS4JConstants.WSU_NS);
writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
- writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS);
+ writer.writeStartElement("wsu", "Expires", WSS4JConstants.WSU_NS);
writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
writer.writeEndElement();
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
index 452f9bd..6ea42ec 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
@@ -41,7 +41,7 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.trust.STSUtils;
-import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.SecureConversationToken;
import org.apache.wss4j.policy.model.Trust10;
@@ -197,7 +197,7 @@ class SecureConversationOutInterceptor extends AbstractPhaseInterceptor<SoapMess
String tokenType = tok.getTokenType();
tok.setTokenType(tokenType);
if (tokenType == null || "".equals(tokenType)) {
- tok.setTokenType(WSConstants.WSC_SCT);
+ tok.setTokenType(WSS4JConstants.WSC_SCT);
}
return tok;
} catch (RuntimeException e) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
index 21c42d8..e2d527a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
@@ -56,8 +56,8 @@ import org.apache.neethi.All;
import org.apache.neethi.Assertion;
import org.apache.neethi.ExactlyOne;
import org.apache.neethi.Policy;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.spnego.SpnegoTokenContext;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -278,7 +278,7 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
throw new Exception("No BinaryExchange element received");
}
String encoding = binaryExchange.getAttributeNS(null, "EncodingType");
- if (!WSConstants.BASE64_ENCODING.equals(encoding)) {
+ if (!WSS4JConstants.BASE64_ENCODING.equals(encoding)) {
throw new Exception("Unknown encoding type: " + encoding);
}
@@ -316,12 +316,12 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
writer.writeStartElement(prefix, "RequestedProofToken", namespace);
// EncryptedKey
- writer.writeStartElement(WSConstants.ENC_PREFIX, "EncryptedKey", WSConstants.ENC_NS);
- writer.writeStartElement(WSConstants.ENC_PREFIX, "EncryptionMethod", WSConstants.ENC_NS);
+ writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "EncryptedKey", WSS4JConstants.ENC_NS);
+ writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "EncryptionMethod", WSS4JConstants.ENC_NS);
writer.writeAttribute("Algorithm", namespace + "/spnego#GSS_Wrap");
writer.writeEndElement();
- writer.writeStartElement(WSConstants.ENC_PREFIX, "CipherData", WSConstants.ENC_NS);
- writer.writeStartElement(WSConstants.ENC_PREFIX, "CipherValue", WSConstants.ENC_NS);
+ writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "CipherData", WSS4JConstants.ENC_NS);
+ writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "CipherValue", WSS4JConstants.ENC_NS);
writer.writeCharacters(Base64.getMimeEncoder().encodeToString(key));
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
index eac0b0c..7fa4a4c 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
@@ -39,11 +39,11 @@ import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.staxutils.W3CDOMStreamWriter;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.token.Reference;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
/**
@@ -227,14 +227,14 @@ public class SecurityToken implements Serializable {
try {
Element createdElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
- WSConstants.WSU_NS,
- WSConstants.CREATED_LN);
+ WSS4JConstants.WSU_NS,
+ WSS4JConstants.CREATED_LN);
this.created = ZonedDateTime.parse(DOMUtils.getContent(createdElem)).toInstant();
Element expiresElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
- WSConstants.WSU_NS,
- WSConstants.EXPIRES_LN);
+ WSS4JConstants.WSU_NS,
+ WSS4JConstants.EXPIRES_LN);
this.expires = ZonedDateTime.parse(DOMUtils.getContent(expiresElem)).toInstant();
} catch (DateTimeParseException e) {
//shouldn't happen
@@ -454,7 +454,7 @@ public class SecurityToken implements Serializable {
}
if ("KeyInfo".equals(child.getLocalName())
- && WSConstants.SIG_NS.equals(child.getNamespaceURI())) {
+ && WSS4JConstants.SIG_NS.equals(child.getNamespaceURI())) {
return DOMUtils.getContent(child);
} else if (Reference.TOKEN.getLocalPart().equals(child.getLocalName())
&& Reference.TOKEN.getNamespaceURI().equals(child.getNamespaceURI())) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 4fc227a..a1ef079 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -113,6 +113,7 @@ import org.apache.neethi.ExactlyOne;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyComponent;
import org.apache.neethi.PolicyRegistry;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.crypto.CryptoType;
@@ -122,7 +123,6 @@ import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.token.Reference;
import org.apache.wss4j.common.util.DateUtil;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
@@ -985,7 +985,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
W3CDOMStreamWriter writer
) throws XMLStreamException {
writer.writeStartElement("wst", "BinaryExchange", namespace);
- writer.writeAttribute("EncodingType", WSConstants.BASE64_ENCODING);
+ writer.writeAttribute("EncodingType", WSS4JConstants.BASE64_ENCODING);
writer.writeAttribute("ValueType", namespace + "/spnego");
writer.writeCharacters(binaryExchange);
writer.writeEndElement();
@@ -1378,12 +1378,12 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
Instant expires = created.plusSeconds(ttl);
writer.writeStartElement("wst", "Lifetime", namespace);
- writer.writeNamespace("wsu", WSConstants.WSU_NS);
- writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS);
+ writer.writeNamespace("wsu", WSS4JConstants.WSU_NS);
+ writer.writeStartElement("wsu", "Created", WSS4JConstants.WSU_NS);
writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
- writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS);
+ writer.writeStartElement("wsu", "Expires", WSS4JConstants.WSU_NS);
writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
writer.writeEndElement();
@@ -1501,7 +1501,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
// First check for the binary secret
String b64Secret = DOMUtils.getContent(child);
secret = Base64.getMimeDecoder().decode(b64Secret);
- } else if (childQname.equals(new QName(WSConstants.ENC_NS, WSConstants.ENC_KEY_LN))) {
+ } else if (childQname.equals(new QName(WSS4JConstants.ENC_NS, WSS4JConstants.ENC_KEY_LN))) {
secret = decryptKey(child);
} else if (childQname.equals(new QName(namespace, "ComputedKey"))) {
// Handle the computed key
@@ -1510,7 +1510,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
if (computedKeyChild != null) {
QName computedKeyChildQName = DOMUtils.getElementQName(computedKeyChild);
- if (computedKeyChildQName.equals(new QName(WSConstants.ENC_NS, WSConstants.ENC_KEY_LN))) {
+ if (computedKeyChildQName.equals(new QName(WSS4JConstants.ENC_NS, WSS4JConstants.ENC_KEY_LN))) {
serviceEntr = decryptKey(computedKeyChild);
} else if (computedKeyChildQName.equals(new QName(namespace, "BinarySecret"))) {
String content = DOMUtils.getContent(computedKeyChild);
@@ -1560,11 +1560,11 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
if (encryptionAlgorithm != null && encryptionAlgorithm.endsWith("spnego#GSS_Wrap")) {
// Get the CipherValue
Element tmpE =
- XMLUtils.getDirectChildElement(child, "CipherData", WSConstants.ENC_NS);
+ XMLUtils.getDirectChildElement(child, "CipherData", WSS4JConstants.ENC_NS);
byte[] cipherValue = null;
if (tmpE != null) {
tmpE =
- XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
+ XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSS4JConstants.ENC_NS);
if (tmpE != null) {
String content = DOMUtils.getContent(tmpE);
cipherValue = Base64.getMimeDecoder().decode(content);
@@ -1658,10 +1658,10 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
String id = null;
if (rst != null) {
QName elName = DOMUtils.getElementQName(rst);
- if (elName.equals(new QName(WSConstants.SAML_NS, "Assertion"))
+ if (elName.equals(new QName(WSS4JConstants.SAML_NS, "Assertion"))
&& rst.hasAttributeNS(null, "AssertionID")) {
id = rst.getAttributeNS(null, "AssertionID");
- } else if (elName.equals(new QName(WSConstants.SAML2_NS, "Assertion"))
+ } else if (elName.equals(new QName(WSS4JConstants.SAML2_NS, "Assertion"))
&& rst.hasAttributeNS(null, "ID")) {
id = rst.getAttributeNS(null, "ID");
}
@@ -1676,13 +1676,13 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
id = this.getIDFromSTR(rur);
}
if ((id == null || "".equals(id)) && rst != null) {
- id = rst.getAttributeNS(WSConstants.WSU_NS, "Id");
+ id = rst.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
if (id == null || "".equals(id)) {
QName elName = DOMUtils.getElementQName(rst);
- if (elName.equals(new QName(WSConstants.SAML2_NS, "EncryptedAssertion"))) {
+ if (elName.equals(new QName(WSS4JConstants.SAML2_NS, "EncryptedAssertion"))) {
Element child = DOMUtils.getFirstElement(rst);
if (child != null) {
- id = child.getAttributeNS(WSConstants.WSU_NS, "Id");
+ id = child.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
}
}
@@ -1696,8 +1696,8 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
return null;
}
QName elName = DOMUtils.getElementQName(child);
- if (elName.equals(new QName(WSConstants.SIG_NS, "KeyInfo"))
- || elName.equals(new QName(WSConstants.WSSE_NS, "KeyIdentifier"))) {
+ if (elName.equals(new QName(WSS4JConstants.SIG_NS, "KeyInfo"))
+ || elName.equals(new QName(WSS4JConstants.WSSE_NS, "KeyIdentifier"))) {
return DOMUtils.getContent(child);
} else if (elName.equals(Reference.TOKEN)) {
return child.getAttributeNS(null, "URI");
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
index 4ef4ab4..37d74cb 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
@@ -33,10 +33,10 @@ import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
public class DefaultSTSTokenCacher implements STSTokenCacher {
@@ -140,7 +140,7 @@ public class DefaultSTSTokenCacher implements STSTokenCacher {
private static boolean isOneTimeUse(SecurityToken issuedToken) {
Element token = issuedToken.getToken();
if (token != null && "Assertion".equals(token.getLocalName())
- && WSConstants.SAML2_NS.equals(token.getNamespaceURI())) {
+ && WSS4JConstants.SAML2_NS.equals(token.getNamespaceURI())) {
try {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(token);
@@ -161,26 +161,26 @@ public class DefaultSTSTokenCacher implements STSTokenCacher {
if (token != null) {
// For SAML tokens get the ID/AssertionID
if ("Assertion".equals(token.getLocalName())
- && WSConstants.SAML2_NS.equals(token.getNamespaceURI())) {
+ && WSS4JConstants.SAML2_NS.equals(token.getNamespaceURI())) {
return token.getAttributeNS(null, "ID");
} else if ("Assertion".equals(token.getLocalName())
- && WSConstants.SAML_NS.equals(token.getNamespaceURI())) {
+ && WSS4JConstants.SAML_NS.equals(token.getNamespaceURI())) {
return token.getAttributeNS(null, "AssertionID");
}
// For UsernameTokens get the username
- if (WSConstants.USERNAME_TOKEN_LN.equals(token.getLocalName())
- && WSConstants.WSSE_NS.equals(token.getNamespaceURI())) {
+ if (WSS4JConstants.USERNAME_TOKEN_LN.equals(token.getLocalName())
+ && WSS4JConstants.WSSE_NS.equals(token.getNamespaceURI())) {
Element usernameElement =
- XMLUtils.getDirectChildElement(token, WSConstants.USERNAME_LN, WSConstants.WSSE_NS);
+ XMLUtils.getDirectChildElement(token, WSS4JConstants.USERNAME_LN, WSS4JConstants.WSSE_NS);
if (usernameElement != null) {
return XMLUtils.getElementText(usernameElement);
}
}
// For BinarySecurityTokens take the hash of the value
- if (WSConstants.BINARY_TOKEN_LN.equals(token.getLocalName())
- && WSConstants.WSSE_NS.equals(token.getNamespaceURI())) {
+ if (WSS4JConstants.BINARY_TOKEN_LN.equals(token.getLocalName())
+ && WSS4JConstants.WSSE_NS.equals(token.getNamespaceURI())) {
String text = XMLUtils.getElementText(token);
if (text != null && !"".equals(text)) {
try {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
index 5357f35..ce00a9f 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
@@ -61,9 +61,9 @@ import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.cxf.ws.security.trust.claims.RoleClaimsCallbackHandler;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.util.Loader;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.message.token.UsernameToken;
import org.apache.wss4j.dom.validate.Credential;
@@ -347,7 +347,7 @@ public class STSLoginModule implements LoginModule {
Document doc = DOMUtils.createDocument();
UsernameToken token = new UsernameToken(false, doc,
- WSConstants.PASSWORD_TEXT);
+ WSS4JConstants.PASSWORD_TEXT);
token.setName(username);
token.setPassword(password);
return token;
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
index d957db0..3176e43 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
@@ -49,6 +49,7 @@ import org.apache.cxf.ws.policy.PolicyException;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.policy.SPConstants;
@@ -154,8 +155,8 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor {
for (Header h : message.getHeaders()) {
QName n = h.getName();
if (n.getLocalPart().equals("Security")
- && (n.getNamespaceURI().equals(WSConstants.WSSE_NS)
- || n.getNamespaceURI().equals(WSConstants.WSSE11_NS))) {
+ && (n.getNamespaceURI().equals(WSS4JConstants.WSSE_NS)
+ || n.getNamespaceURI().equals(WSS4JConstants.WSSE11_NS))) {
return h;
}
}
@@ -163,9 +164,9 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor {
return null;
}
Document doc = DOMUtils.createDocument();
- Element el = doc.createElementNS(WSConstants.WSSE_NS, "wsse:Security");
- el.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS);
- SoapHeader sh = new SoapHeader(new QName(WSConstants.WSSE_NS, "Security"), el);
+ Element el = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:Security");
+ el.setAttributeNS(WSS4JConstants.XMLNS_NS, "xmlns:wsse", WSS4JConstants.WSSE_NS);
+ SoapHeader sh = new SoapHeader(new QName(WSS4JConstants.WSSE_NS, "Security"), el);
sh.setMustUnderstand(true);
message.getHeaders().add(sh);
return sh;
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
index 0d57a9a..e222faa 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
@@ -36,10 +36,10 @@ import org.apache.cxf.phase.PhaseInterceptor;
import org.apache.cxf.rt.security.utils.SecurityUtils;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.wss4j.common.ConfigurationConstants;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.PasswordEncryptor;
import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
@@ -49,9 +49,9 @@ public abstract class AbstractWSS4JInterceptor extends WSHandler implements Soap
private static final Set<QName> HEADERS = new HashSet<>();
static {
- HEADERS.add(new QName(WSConstants.WSSE_NS, "Security"));
- HEADERS.add(new QName(WSConstants.ENC_NS, "EncryptedData"));
- HEADERS.add(new QName(WSConstants.WSSE11_NS, "EncryptedHeader"));
+ HEADERS.add(new QName(WSS4JConstants.WSSE_NS, "Security"));
+ HEADERS.add(new QName(WSS4JConstants.ENC_NS, "EncryptedData"));
+ HEADERS.add(new QName(WSS4JConstants.WSSE11_NS, "EncryptedHeader"));
}
private Map<String, Object> properties = new ConcurrentHashMap<>();
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
index 68f2ec9..f9c8bd2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
@@ -59,6 +59,7 @@ import org.apache.wss4j.common.util.Loader;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.setup.ConfigurationConverter;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
PhaseInterceptor<SoapMessage> {
@@ -68,7 +69,7 @@ public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
static {
HEADERS.add(new QName(WSSConstants.NS_WSSE10, "Security"));
- HEADERS.add(new QName(WSSConstants.NS_XMLENC, "EncryptedData"));
+ HEADERS.add(new QName(XMLSecurityConstants.NS_XMLENC, "EncryptedData"));
HEADERS.add(new QName(WSSConstants.NS_WSSE11, "EncryptedHeader"));
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
index a56c980..595d419 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
@@ -26,9 +26,9 @@ import java.util.List;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.policy.PolicyUtils;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.crypto.AlgorithmSuite;
import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AbstractBinding;
@@ -132,10 +132,10 @@ public final class AlgorithmSuiteTranslater {
algorithmSuite.addTransformAlgorithm(cxfAlgorithmSuite.getC14n().getValue());
algorithmSuite.addTransformAlgorithm(SPConstants.STRT10);
- algorithmSuite.addTransformAlgorithm(WSConstants.C14N_EXCL_OMIT_COMMENTS);
- algorithmSuite.addTransformAlgorithm(WSConstants.NS_XMLDSIG_ENVELOPED_SIGNATURE);
- algorithmSuite.addTransformAlgorithm(WSConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS);
- algorithmSuite.addTransformAlgorithm(WSConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS);
+ algorithmSuite.addTransformAlgorithm(WSS4JConstants.C14N_EXCL_OMIT_COMMENTS);
+ algorithmSuite.addTransformAlgorithm(WSS4JConstants.NS_XMLDSIG_ENVELOPED_SIGNATURE);
+ algorithmSuite.addTransformAlgorithm(WSS4JConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS);
+ algorithmSuite.addTransformAlgorithm(WSS4JConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS);
algorithmSuite.addDerivedKeyAlgorithm(SPConstants.P_SHA1);
algorithmSuite.addDerivedKeyAlgorithm(SPConstants.P_SHA1_L128);
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
index 3b3542e..3664da1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
@@ -35,6 +35,7 @@ import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDocInfo;
@@ -65,8 +66,8 @@ public class BinarySecurityTokenInterceptor extends AbstractTokenInterceptor {
Element el = (Element)h.getObject();
Element child = DOMUtils.getFirstElement(el);
while (child != null) {
- if (WSConstants.BINARY_TOKEN_LN.equals(child.getLocalName())
- && WSConstants.WSSE_NS.equals(child.getNamespaceURI())) {
+ if (WSS4JConstants.BINARY_TOKEN_LN.equals(child.getLocalName())
+ && WSS4JConstants.WSSE_NS.equals(child.getNamespaceURI())) {
try {
List<WSSecurityEngineResult> bstResults = processToken(child, message);
if (bstResults != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
index 9ca26a8..ed6a90c 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
@@ -46,6 +46,7 @@ import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope;
import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDataRef;
@@ -148,7 +149,8 @@ public class CryptoCoverageChecker extends AbstractSoapInterceptor {
CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (sl != null) {
if (sl.size() == 1
- && sl.get(0).getName().equals(new QName(WSConstants.SIG_NS, WSConstants.SIG_LN))) {
+ && sl.get(0).getName().equals(new QName(WSS4JConstants.SIG_NS,
+ WSS4JConstants.SIG_LN))) {
//endorsing the signature so don't include
continue;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
index eedc7e8..d91df20 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
@@ -35,8 +35,8 @@ import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.helpers.MapNamespaceContext;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDataRef;
@@ -73,11 +73,11 @@ public final class CryptoCoverageUtil {
Element protectedElement = signedRef.getProtectedElement();
if (protectedElement != null
&& ("EncryptedData".equals(protectedElement.getLocalName())
- && WSConstants.ENC_NS.equals(protectedElement.getNamespaceURI())
- || WSConstants.ENCRYPTED_HEADER.equals(protectedElement.getLocalName())
- && WSConstants.WSSE11_NS.equals(protectedElement.getNamespaceURI())
- || WSConstants.ENCRYPED_ASSERTION_LN.equals(protectedElement.getLocalName())
- && WSConstants.SAML2_NS.equals(protectedElement.getNamespaceURI()))) {
+ && WSS4JConstants.ENC_NS.equals(protectedElement.getNamespaceURI())
+ || WSS4JConstants.ENCRYPTED_HEADER.equals(protectedElement.getLocalName())
+ && WSS4JConstants.WSSE11_NS.equals(protectedElement.getNamespaceURI())
+ || WSS4JConstants.ENCRYPED_ASSERTION_LN.equals(protectedElement.getLocalName())
+ && WSS4JConstants.SAML2_NS.equals(protectedElement.getNamespaceURI()))) {
for (WSDataRef encryptedRef : encryptedRefs) {
if (protectedElement == encryptedRef.getEncryptedElement()) {
@@ -140,9 +140,9 @@ public final class CryptoCoverageUtil {
) throws WSSecurityException {
String requiredTransform = null;
if (type == CoverageType.SIGNED && scope == CoverageScope.CONTENT) {
- requiredTransform = WSConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS;
+ requiredTransform = WSS4JConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS;
} else if (type == CoverageType.SIGNED) {
- requiredTransform = WSConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS;
+ requiredTransform = WSS4JConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS;
}
if (attachments != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index c2cd5ed..dd8506e 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -46,6 +46,7 @@ import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.PolicyUtils;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.crypto.PasswordEncryptor;
@@ -89,8 +90,8 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
Element child = DOMUtils.getFirstElement(el);
while (child != null) {
if ("Assertion".equals(child.getLocalName())
- && (WSConstants.SAML_NS.equals(child.getNamespaceURI())
- || WSConstants.SAML2_NS.equals(child.getNamespaceURI()))) {
+ && (WSS4JConstants.SAML_NS.equals(child.getNamespaceURI())
+ || WSS4JConstants.SAML2_NS.equals(child.getNamespaceURI()))) {
try {
List<WSSecurityEngineResult> samlResults = processToken(child, message);
if (samlResults != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
index 01f25f6..a5005a5 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
@@ -91,7 +91,7 @@ public class StaxActionInInterceptor extends AbstractPhaseInterceptor<SoapMessag
requiredEvent = WSSecurityEventConstants.TIMESTAMP;
} else if (WSSConstants.USERNAMETOKEN.equals(action)) {
requiredEvent = WSSecurityEventConstants.USERNAME_TOKEN;
- } else if (WSSConstants.SIGNATURE.equals(action)) {
+ } else if (XMLSecurityConstants.SIGNATURE.equals(action)) {
requiredEvent = WSSecurityEventConstants.SignatureValue;
} else if (WSSConstants.SAML_TOKEN_SIGNED.equals(action)
|| WSSConstants.SAML_TOKEN_UNSIGNED.equals(action)) {
@@ -106,7 +106,7 @@ public class StaxActionInInterceptor extends AbstractPhaseInterceptor<SoapMessag
throw WSS4JUtils.createSoapFault(soapMessage, soapMessage.getVersion(), ex);
}
- if (WSSConstants.ENCRYPT.equals(action)) {
+ if (XMLSecurityConstants.ENCRYPT.equals(action)) {
boolean foundEncryptionPart =
isEventInResults(WSSecurityEventConstants.ENCRYPTED_PART, incomingSecurityEventList);
if (!foundEncryptionPart) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
index e41bea7..36f8f60 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
@@ -49,6 +49,7 @@ import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.PolicyUtils;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.cache.ReplayCache;
import org.apache.wss4j.common.ext.WSPasswordCallback;
@@ -94,7 +95,7 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor {
Element child = DOMUtils.getFirstElement(el);
while (child != null) {
if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())
- && WSConstants.WSSE_NS.equals(child.getNamespaceURI())) {
+ && WSS4JConstants.WSSE_NS.equals(child.getNamespaceURI())) {
try {
boolean bspCompliant = isWsiBSPCompliant(message);
Principal principal = null;
@@ -428,9 +429,9 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor {
utBuilder.setIdAllocator(wssConfig.getIdAllocator());
utBuilder.setWsTimeSource(wssConfig.getCurrentTime());
if (token.getPasswordType() == UsernameToken.PasswordType.HashPassword) {
- utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
+ utBuilder.setPasswordType(WSS4JConstants.PASSWORD_DIGEST);
} else {
- utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
+ utBuilder.setPasswordType(WSS4JConstants.PASSWORD_TEXT);
}
if (token.isCreated()) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
index 73879fe..94f9544 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
@@ -59,6 +59,7 @@ import org.apache.wss4j.stax.setup.InboundWSSec;
import org.apache.wss4j.stax.setup.WSSec;
import org.apache.wss4j.stax.validate.Validator;
import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventListener;
@@ -347,7 +348,7 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor {
}
validator = loadValidator(SecurityConstants.SIGNATURE_TOKEN_VALIDATOR, message);
if (validator != null) {
- properties.addValidator(WSSConstants.TAG_dsig_Signature, validator);
+ properties.addValidator(XMLSecurityConstants.TAG_dsig_Signature, validator);
}
validator = loadValidator(SecurityConstants.TIMESTAMP_TOKEN_VALIDATOR, message);
if (validator != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 724d8aa..ce484d0 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -83,6 +83,7 @@ import org.apache.cxf.wsdl.WSDLConstants;
import org.apache.neethi.Assertion;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -564,16 +565,16 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
sig.setStoreBytesInAttachment(storeBytesInAttachment);
String tokenType = secToken.getTokenType();
- if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML_NS.equals(tokenType)) {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
- } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML2_NS.equals(tokenType)) {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+ if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML_NS.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
+ } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
} else if (tokenType != null) {
sig.setCustomTokenValueType(tokenType);
} else {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
}
sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getAsymmetricSignature());
sig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
@@ -668,8 +669,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
WSSecSignature tempSig = (WSSecSignature) tempTok;
SecurityTokenReference secRef = tempSig.getSecurityTokenReference();
- if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())
- || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) {
+ if (WSS4JConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())
+ || WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) {
Element secRefElement = cloneElement(secRef.getElement());
addSupportingElement(secRefElement);
@@ -712,13 +713,13 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
} else if (tempTok instanceof WSSecurityTokenHolder) {
SecurityToken token = ((WSSecurityTokenHolder)tempTok).getToken();
String tokenType = token.getTokenType();
- if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML_NS.equals(tokenType)
- || WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML2_NS.equals(tokenType)) {
+ if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML_NS.equals(tokenType)
+ || WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML2_NS.equals(tokenType)) {
Document doc = token.getToken().getOwnerDocument();
- boolean saml1 = WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML_NS.equals(tokenType);
+ boolean saml1 = WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML_NS.equals(tokenType);
String id = token.getId();
if (id == null || "".equals(id)) {
if (saml1) {
@@ -778,21 +779,21 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
new org.apache.wss4j.common.token.Reference(doc);
ref.setURI("#" + id);
if (saml1) {
- ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
- secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ ref.setValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
+ secRefSaml.addTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
} else {
- secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ secRefSaml.addTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
}
secRefSaml.setReference(ref);
} else {
- Element keyId = doc.createElementNS(WSConstants.WSSE_NS, "wsse:KeyIdentifier");
+ Element keyId = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:KeyIdentifier");
String valueType = null;
if (saml1) {
- valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE;
- secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ valueType = WSS4JConstants.WSS_SAML_KI_VALUE_TYPE;
+ secRefSaml.addTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
} else {
- valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE;
- secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ valueType = WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE;
+ secRefSaml.addTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
}
keyId.setAttributeNS(
null, "ValueType", valueType
@@ -830,9 +831,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
if (password != null) {
// If the password is available then build the token
if (token.getPasswordType() == UsernameToken.PasswordType.HashPassword) {
- utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
+ utBuilder.setPasswordType(WSS4JConstants.PASSWORD_DIGEST);
} else {
- utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
+ utBuilder.setPasswordType(WSS4JConstants.PASSWORD_TEXT);
}
utBuilder.setUserInfo(userName, password);
} else {
@@ -907,10 +908,10 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
String localname = tokenElement.getLocalName();
SamlTokenType tokenType = token.getSamlTokenType();
if ((tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11)
- && WSConstants.SAML_NS.equals(namespace) && "Assertion".equals(localname)) {
+ && WSS4JConstants.SAML_NS.equals(namespace) && "Assertion".equals(localname)) {
return new SamlAssertionWrapper(tokenElement);
} else if (tokenType == SamlTokenType.WssSamlV20Token11
- && WSConstants.SAML2_NS.equals(namespace) && "Assertion".equals(localname)) {
+ && WSS4JConstants.SAML2_NS.equals(namespace) && "Assertion".equals(localname)) {
return new SamlAssertionWrapper(tokenElement);
}
}
@@ -974,9 +975,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
}
SecurityToken secToken = new SecurityToken(id);
if (assertion.getSaml2() != null) {
- secToken.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ secToken.setTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
} else {
- secToken.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ secToken.setTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
}
secToken.setToken(assertion.getElement());
getTokenStore().add(secToken);
@@ -987,15 +988,15 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
String id = null;
if (samlToken != null) {
QName elName = DOMUtils.getElementQName(samlToken);
- if (elName.equals(new QName(WSConstants.SAML_NS, "Assertion"))
+ if (elName.equals(new QName(WSS4JConstants.SAML_NS, "Assertion"))
&& samlToken.hasAttributeNS(null, "AssertionID")) {
id = samlToken.getAttributeNS(null, "AssertionID");
- } else if (elName.equals(new QName(WSConstants.SAML2_NS, "Assertion"))
+ } else if (elName.equals(new QName(WSS4JConstants.SAML2_NS, "Assertion"))
&& samlToken.hasAttributeNS(null, "ID")) {
id = samlToken.getAttributeNS(null, "ID");
}
if (id == null) {
- id = samlToken.getAttributeNS(WSConstants.WSU_NS, "Id");
+ id = samlToken.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
}
return id;
@@ -1772,13 +1773,13 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
} else {
int type = attached ? WSConstants.CUSTOM_SYMM_SIGNING
: WSConstants.CUSTOM_SYMM_SIGNING_DIRECT;
- if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML_NS.equals(tokenType)) {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+ if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML_NS.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
- } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML2_NS.equals(tokenType)) {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+ } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
} else {
sig.setCustomTokenValueType(tokenType);
@@ -2007,7 +2008,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
= new SecurityTokenReference(doc);
if (tok.getSHA1() != null) {
tokenRef.setKeyIdentifierEncKeySHA1(tok.getSHA1());
- tokenRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ tokenRef.addTokenType(WSS4JConstants.WSS_ENC_KEY_VALUE_TYPE);
}
dkSign.setExternalKey(tok.getSecret(), tokenRef.getElement());
@@ -2022,10 +2023,10 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
dkSign.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
if (tok.getSHA1() != null) {
//Set the value type of the reference
- dkSign.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
- + WSConstants.ENC_KEY_VALUE_TYPE);
+ dkSign.setCustomValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#"
+ + WSS4JConstants.ENC_KEY_VALUE_TYPE);
} else if (policyToken instanceof UsernameToken) {
- dkSign.setCustomValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
+ dkSign.setCustomValueType(WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
}
dkSign.prepare();
@@ -2072,7 +2073,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
if (isRequestor()) {
// TODO Add support for SAML2 here
sig.setCustomTokenValueType(
- WSConstants.SOAPMESSAGE_NS11 + "#" + WSConstants.ENC_KEY_VALUE_TYPE
+ WSS4JConstants.SOAPMESSAGE_NS11 + "#" + WSS4JConstants.ENC_KEY_VALUE_TYPE
);
sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
} else {
@@ -2083,18 +2084,18 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
} else {
String tokenType = tok.getTokenType();
- if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML_NS.equals(tokenType)) {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
- } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML2_NS.equals(tokenType)) {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+ if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML_NS.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
+ } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
} else if (tokenType != null) {
sig.setCustomTokenValueType(tokenType);
} else if (policyToken instanceof UsernameToken) {
- sig.setCustomTokenValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
} else {
- sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+ sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
}
sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
index fa6859f..0860627 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
@@ -48,6 +48,7 @@ import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
@@ -55,7 +56,6 @@ import org.apache.wss4j.common.saml.bean.KeyInfoBean;
import org.apache.wss4j.common.saml.bean.SubjectBean;
import org.apache.wss4j.common.saml.bean.Version;
import org.apache.wss4j.common.util.KeyUtils;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.SPConstants.IncludeTokenType;
import org.apache.wss4j.policy.model.AbstractBinding;
@@ -94,6 +94,7 @@ import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.OutboundSecurityContext;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.ext.SecurePart.Modifier;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
@@ -245,11 +246,11 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
kerberosSecurityTokenProvider.getId());
if (encrypting) {
- outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
+ outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
kerberosSecurityTokenProvider.getId());
}
if (endorsing) {
- outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
+ outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
kerberosSecurityTokenProvider.getId());
}
@@ -350,7 +351,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
samlCallback.setAssertionElement(el);
samlCallback.setSubject(subjectBean);
- if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) {
+ if (WSS4JConstants.SAML_NS.equals(el.getNamespaceURI())) {
samlCallback.setSamlVersion(Version.SAML_11);
} else {
samlCallback.setSamlVersion(Version.SAML_20);
@@ -363,7 +364,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
properties.setSamlCallbackHandler(callbackHandler);
QName qname = WSSConstants.TAG_SAML2_ASSERTION;
- if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) {
+ if (WSS4JConstants.SAML_NS.equals(el.getNamespaceURI())) {
qname = WSSConstants.TAG_SAML_ASSERTION;
}
@@ -450,9 +451,9 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
outboundSecurityContext.registerSecurityTokenProvider(
encryptedKeySecurityTokenProvider.getId(), encryptedKeySecurityTokenProvider);
- outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
+ outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
encryptedKeySecurityTokenProvider.getId());
- outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
+ outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
encryptedKeySecurityTokenProvider.getId());
outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN,
encryptedKeySecurityTokenProvider.getId());
@@ -679,7 +680,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element);
encryptedTokensList.add(part);
}
- ret.put(token, new SecurePart(WSSConstants.TAG_dsig_Signature, Modifier.Element));
+ ret.put(token, new SecurePart(XMLSecurityConstants.TAG_dsig_Signature, Modifier.Element));
} else if (token instanceof SamlToken) {
SecurePart securePart = addSamlToken((SamlToken)token, signed, endorse);
if (securePart != null) {
@@ -990,8 +991,8 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
if (properties.getActions() != null) {
List<WSSConstants.Action> actionList = properties.getActions();
if (actionList.contains(WSSConstants.SAML_TOKEN_SIGNED)
- && actionList.contains(WSSConstants.SIGNATURE)) {
- actionList.remove(WSSConstants.SIGNATURE);
+ && actionList.contains(XMLSecurityConstants.SIGNATURE)) {
+ actionList.remove(XMLSecurityConstants.SIGNATURE);
}
}
}
@@ -1001,9 +1002,9 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
if (properties.getActions() != null) {
List<WSSConstants.Action> actionList = properties.getActions();
boolean sigConf = actionList.contains(WSSConstants.SIGNATURE_CONFIRMATION);
- if (sigConf && actionList.contains(WSSConstants.SIGNATURE)) {
+ if (sigConf && actionList.contains(XMLSecurityConstants.SIGNATURE)) {
actionList.remove(WSSConstants.SIGNATURE_CONFIRMATION);
- actionList.add(actionList.indexOf(WSSConstants.SIGNATURE) + 1,
+ actionList.add(actionList.indexOf(XMLSecurityConstants.SIGNATURE) + 1,
WSSConstants.SIGNATURE_CONFIRMATION);
} else if (sigConf && actionList.contains(WSSConstants.SIGNATURE_WITH_DERIVED_KEY)) {
actionList.remove(WSSConstants.SIGNATURE_CONFIRMATION);
@@ -1029,7 +1030,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
protected void putCustomTokenAfterSignature() {
if (properties.getActions() != null) {
List<WSSConstants.Action> actionList = properties.getActions();
- if ((actionList.contains(WSSConstants.SIGNATURE)
+ if ((actionList.contains(XMLSecurityConstants.SIGNATURE)
|| actionList.contains(WSSConstants.SIGNATURE_WITH_DERIVED_KEY)
|| actionList.contains(WSSConstants.SIGNATURE_WITH_KERBEROS_TOKEN))
&& actionList.contains(WSSConstants.CUSTOM_TOKEN)) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 2c678f8..824cc59 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -48,6 +48,7 @@ import org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler;
import org.apache.cxf.ws.security.wss4j.StaxSerializer;
import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -422,8 +423,8 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
try {
// Encrypt, get hold of the ref list and add it
Element secondRefList = saaj.getSOAPPart()
- .createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":ReferenceList");
+ .createElementNS(WSS4JConstants.ENC_NS,
+ WSS4JConstants.ENC_PREFIX + ":ReferenceList");
if (lastEncryptedKeyElement != null) {
insertAfter(secondRefList, lastEncryptedKeyElement);
} else {
@@ -466,14 +467,14 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
if (!isRequestor() && securityToken != null
&& recToken.getToken() instanceof SamlToken) {
String tokenType = securityToken.getTokenType();
- if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML_NS.equals(tokenType)) {
- encr.setCustomEKTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+ if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML_NS.equals(tokenType)) {
+ encr.setCustomEKTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
encr.setCustomEKTokenId(securityToken.getId());
- } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
- || WSConstants.SAML2_NS.equals(tokenType)) {
- encr.setCustomEKTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+ } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+ || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+ encr.setCustomEKTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
encr.setCustomEKTokenId(securityToken.getId());
} else {
@@ -577,8 +578,8 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
dkEncr.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
dkEncr.getParts().addAll(encrParts);
- dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
- + WSConstants.ENC_KEY_VALUE_TYPE);
+ dkEncr.setCustomValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#"
+ + WSS4JConstants.ENC_KEY_VALUE_TYPE);
AlgorithmSuiteType algType = algorithmSuite.getAlgorithmSuiteType();
dkEncr.setSymmetricEncAlgorithm(algType.getEncryption());
dkEncr.setDerivedKeyLength(algType.getEncryptionDerivedKeyLength() / 8);
@@ -665,8 +666,8 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
AlgorithmSuiteType algType = abinding.getAlgorithmSuite().getAlgorithmSuiteType();
dkSign.setDigestAlgorithm(algType.getDigest());
dkSign.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
- dkSign.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
- + WSConstants.ENC_KEY_VALUE_TYPE);
+ dkSign.setCustomValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#"
+ + WSS4JConstants.ENC_KEY_VALUE_TYPE);
boolean includePrefixes =
MessageUtils.getContextualBoolean(
@@ -682,7 +683,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
new QName(abinding.getName().getNamespaceURI(), SPConstants.PROTECT_TOKENS));
if (bstElement != null) {
WSEncryptionPart bstPart =
- new WSEncryptionPart(bstElement.getAttributeNS(WSConstants.WSU_NS, "Id"));
+ new WSEncryptionPart(bstElement.getAttributeNS(WSS4JConstants.WSU_NS, "Id"));
bstPart.setElement(bstElement);
sigParts.add(bstPart);
} else {
@@ -829,9 +830,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
SamlAssertionWrapper samlAssertion =
(SamlAssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
if (samlAssertion.getSamlVersion() == SAMLVersion.VERSION_20) {
- tempTok.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ tempTok.setTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
} else {
- tempTok.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ tempTok.setTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
}
message.put(SecurityConstants.TOKEN, tempTok);
http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
index f138a1a..c738a2a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
@@ -58,6 +58,7 @@ import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.stax.ext.OutboundSecurityContext;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.ext.SecurePart.Modifier;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
/**
*
@@ -134,7 +135,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
if (sigTok != null) {
storeSecurityToken(initiatorToken, sigTok);
- outboundSecurityContext.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
+ outboundSecurityContext.remove(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
}
// Set up CallbackHandler which wraps the configured Handler
@@ -187,7 +188,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
//Check for signature protection
if (abinding.isEncryptSignature()) {
SecurePart part =
- new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element);
+ new SecurePart(new QName(XMLSecurityConstants.NS_DSIG, "Signature"), Modifier.Element);
enc.add(part);
if (signatureConfirmationAdded) {
SecurePart securePart =
@@ -261,7 +262,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
if (sigTok != null) {
storeSecurityToken(initiatorToken, sigTok);
- outboundSecurityContext.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
+ outboundSecurityContext.remove(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
}
// Set up CallbackHandler which wraps the configured Handler
@@ -299,7 +300,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
//Check for signature protection
if (abinding.isEncryptSignature()) {
SecurePart part =
- new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element);
+ new SecurePart(new QName(XMLSecurityConstants.NS_DSIG, "Signature"), Modifier.Element);
encrParts.add(part);
if (signatureConfirmationAdded) {
SecurePart securePart =
@@ -356,7 +357,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
// Action
WSSSecurityProperties properties = getProperties();
- WSSConstants.Action actionToPerform = WSSConstants.ENCRYPT;
+ WSSConstants.Action actionToPerform = XMLSecurityConstants.ENCRYPT;
if (recToken.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
actionToPerform = WSSConstants.ENCRYPT_WITH_DERIVED_KEY;
}
@@ -414,7 +415,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
// Action
WSSSecurityProperties properties = getProperties();
- WSSConstants.Action actionToPerform = WSSConstants.SIGNATURE;
+ WSSConstants.Action actionToPerform = XMLSecurityConstants.SIGNATURE;
if (wrapper.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
actionToPerform = WSSConstants.SIGNATURE_WITH_DERIVED_KEY;
}