Posted to java-commits@axis.apache.org by am...@apache.org on 2012/03/01 10:54:07 UTC
svn commit: r1295489 [5/5] - in /axis/axis2/java/rampart/branches/1_6: ./
modules/rampart-core/src/main/java/org/apache/rampart/
modules/rampart-core/src/main/java/org/apache/rampart/builder/
modules/rampart-core/src/main/java/org/apache/rampart/handle...
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java Thu Mar 1 09:54:05 2012
@@ -114,23 +114,11 @@ public class SAMLUtils {
String issuerKeyAlias, String issuerKeyPassword)
throws TrustException {
- X509Certificate[] issuerCerts;
- try {
- issuerCerts = crypto
- .getCertificates(issuerKeyAlias);
- } catch (WSSecurityException e) {
- log.debug("Unable to get issuer certificate for issuer alias " + issuerKeyAlias, e);
- throw new TrustException("issuerCertificateNotFound", new Object[]{issuerKeyAlias}, e);
- }
-
- if (issuerCerts == null || issuerCerts.length == 0) {
- log.debug("Unable to get issuer certificate for issuer alias " + issuerKeyAlias);
- throw new TrustException("issuerCertificateNotFound", new Object[]{issuerKeyAlias});
- }
+ X509Certificate issuerCerts = CommonUtil.getCertificateByAlias(crypto, issuerKeyAlias);
String signatureAlgorithm = XMLSignature.ALGO_ID_SIGNATURE_RSA;
- PublicKey issuerPublicKey = issuerCerts[0].getPublicKey();
+ PublicKey issuerPublicKey = issuerCerts.getPublicKey();
String publicKeyAlgorithm = issuerPublicKey.getAlgorithm();
if (publicKeyAlgorithm.equalsIgnoreCase("DSA")) {
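Review bot: The explicit null/empty check on the issuer certificate is gone, so `issuerCerts.getPublicKey()` now relies on `CommonUtil.getCertificateByAlias` throwing for an unknown alias. That helper is not shown on this page, so please confirm it raises `TrustException` ("issuerCertificateNotFound") rather than returning null; otherwise signing fails with an NPE instead of the previous error. The local also keeps its plural name although it now holds a single `X509Certificate`, here and in `createX509Data(issuerCerts)` in the next hunk; `issuerCert` would read correctly. The method body starts and ends outside this hunk.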
@@ -153,7 +141,7 @@ public class SAMLUtils {
signature.setSigningCredential(signingCredential);
signature.setSignatureAlgorithm(signatureAlgorithm);
- X509Data x509Data = createX509Data(issuerCerts[0]);
+ X509Data x509Data = createX509Data(issuerCerts);
KeyInfo keyInfo = createKeyInfo(x509Data);
signature.setKeyInfo(keyInfo);
@@ -610,6 +598,7 @@ public class SAMLUtils {
+ // TODO remove keySize parameter
static WSSecEncryptedKey getSymmetricKeyBasedKeyInfoContent(Document doc,
byte[] ephemeralKey,
X509Certificate serviceCert,
@@ -626,8 +615,7 @@ public class SAMLUtils {
// SEt the encryption cert
encryptedKeyBuilder.setUseThisCert(serviceCert);
- // set keysize
- encryptedKeyBuilder.setKeySize(keySize);
+ // TODO setting keysize is removed with wss4j 1.6 migration - do we actually need this ?
encryptedKeyBuilder.setEphemeralKey(ephemeralKey);
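Review bot: With the `setKeySize` call dropped, the `keySize` argument of `getSymmetricKeyBasedKeyInfoContent` is still accepted but has no effect on the lines visible here, so a caller whose `keySize` disagrees with the length of `ephemeralKey` gets no error. Until the parameter is removed (the TODO added in the previous hunk), a guard such as `if (ephemeralKey.length * 8 != keySize)` that throws `TrustException` would stop a mismatched key length from passing silently. Failing that, the Javadoc should state that the parameter is ignored. The method starts and ends outside this hunk.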
Added: axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/SAML2TokenIssuerTest.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/SAML2TokenIssuerTest.java?rev=1295489&view=auto
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/SAML2TokenIssuerTest.java (added)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/SAML2TokenIssuerTest.java Thu Mar 1 09:54:05 2012
@@ -0,0 +1,73 @@
+/*
+ * Copyright The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rahas.impl;
+
+import junit.framework.Assert;
+import junit.framework.TestCase;
+import org.apache.axis2.context.MessageContext;
+import org.apache.rahas.RahasData;
+import org.apache.rahas.test.util.TestUtil;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.joda.time.DateTime;
+import org.w3c.dom.Document;
+
+import java.io.File;
+
+/**
+ * Test class for SAML2 token issuer.
+ */
+public class SAML2TokenIssuerTest extends TestCase {
+
+ public void testIssueToken() {
+ // TODO
+ Assert.assertTrue(true);
+ }
+
+ public void testCreateSubjectWithHolderOfKeySC() throws Exception {
+
+ // TODO Its hard to do unit testing on TokenIssuer
+ // Cos we need to construct complete message contexts with all
+ // relevant data. This is more like an integration test rather than a
+ // unit test. Therefore we need to refactor code to smaller testable units (methods)
+ // and then only write tests.
+
+ /*SAML2TokenIssuer saml2TokenIssuer = new SAML2TokenIssuer();
+
+ MessageContext messageContext = new MessageContext();
+
+ File file = new File("./sts-aar-resources/saml-issuer-config.xml");
+ Assert.assertTrue(file.exists());
+
+ SAMLTokenIssuerConfig samlTokenIssuerConfig = new SAMLTokenIssuerConfig(file.getAbsolutePath());
+ Crypto crypto = TestUtil.getCrypto();
+ DateTime creationDate = new DateTime();
+ DateTime expirationDate = new DateTime(2050, 1, 1, 0, 0, 0, 0);
+ RahasData rahasData = new RahasData(messageContext);*/
+
+ /*Document document;
+ Crypto crypto;
+ DateTime creationDate;
+ DateTime expirationDate;
+ RahasData rahasData;*/
+
+
+
+
+
+ //saml2TokenIssuer.createSubjectWithHolderOfKeySC()
+ }
+}
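Review bot: Both test methods pass unconditionally: `testIssueToken` asserts `true`, and `testCreateSubjectWithHolderOfKeySC` contains only commented-out code. The build therefore reports SAML2TokenIssuer as tested while nothing about token issuance or holder-of-key subject confirmation is checked. I would hold this class back until the refactoring described in the TODO makes a real assertion possible, or reduce it to one clearly named placeholder with the TODO in the class Javadoc. The imports of `MessageContext`, `RahasData`, `TestUtil`, `Crypto`, `DateTime`, `Document` and `File` are referenced only inside the comments and can go with them.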
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/util/SAMLUtilsTest.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/util/SAMLUtilsTest.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/util/SAMLUtilsTest.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/impl/util/SAMLUtilsTest.java Thu Mar 1 09:54:05 2012
@@ -27,6 +27,8 @@ import org.apache.rahas.Rahas;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.rahas.impl.AbstractIssuerConfig;
+import org.apache.rahas.test.util.TestUtil;
+import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecEncryptedKey;
@@ -131,7 +133,7 @@ public class SAMLUtilsTest extends TestC
Assertion assertion = getAssertion();
- SAMLUtils.signAssertion(assertion,getCrypto(), "apache", "password");
+ SAMLUtils.signAssertion(assertion, TestUtil.getCrypto(), "apache", "password");
//marshallerFactory.getMarshaller(assertion).marshall(assertion);
@@ -272,13 +274,12 @@ public class SAMLUtilsTest extends TestC
Document doc = ((Element) env).getOwnerDocument();
int keySize = 256;
- int keyComputation = AbstractIssuerConfig.KeyComputation.KEY_COMP_PROVIDE_ENT;
byte [] ephemeralKey = generateEphemeralKey(256);
WSSecEncryptedKey encryptedKey
= SAMLUtils.getSymmetricKeyBasedKeyInfoContent(doc,
- ephemeralKey, getTestCertificate(), keySize, getCrypto());
+ ephemeralKey, getTestCertificate(), keySize, TestUtil.getCrypto());
Assert.assertNotNull(encryptedKey.getEncryptedKeyElement());
printElement(encryptedKey.getEncryptedKeyElement());
@@ -297,27 +298,7 @@ public class SAMLUtilsTest extends TestC
}
}
- private static Crypto getCrypto() throws IOException {
- File file = new File("src/test/resources/crypto.config");
- Assert.assertTrue(file.exists());
-
- Properties properties = new Properties();
- try {
- properties.load(new FileInputStream(file));
- } catch (IOException e) {
- log.error("Unable to open crypto configuration file");
- throw e;
- }
-
- Crypto crypto = CryptoFactory.getInstance(properties);
-
- X509Certificate[] certificates = crypto.getCertificates("apache");
- Assert.assertEquals(certificates.length, 1);
-
- return crypto;
-
- }
private static void printElement(Element element) throws TransformerException {
@@ -327,15 +308,11 @@ public class SAMLUtilsTest extends TestC
}
}
- private static X509Certificate getTestCertificate() throws IOException {
-
- Crypto crypto = getCrypto();
-
- X509Certificate[] certificates = crypto.getCertificates("apache");
- Assert.assertEquals(certificates.length, 1);
+ private static X509Certificate getTestCertificate() throws IOException, WSSecurityException, TrustException {
- return certificates[0];
+ Crypto crypto = TestUtil.getCrypto();
+ return CommonUtil.getCertificateByAlias(crypto, "apache");
}
private static String getXMLString(Element element) throws TransformerException {
Added: axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java?rev=1295489&view=auto
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java (added)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java Thu Mar 1 09:54:05 2012
@@ -0,0 +1,61 @@
+/*
+ * Copyright The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.rahas.test.util;
+
+import junit.framework.Assert;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.impl.util.CommonUtil;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+import java.util.Properties;
+
+/**
+ * Utility class for tests.
+ */
+public class TestUtil {
+
+ private static final Log log = LogFactory.getLog(TestUtil.class);
+
+ public static Crypto getCrypto() throws IOException, WSSecurityException, TrustException {
+
+ File file = new File("src/test/resources/crypto.config");
+ Assert.assertTrue(file.exists());
+
+ Properties properties = new Properties();
+ try {
+ properties.load(new FileInputStream(file));
+ } catch (IOException e) {
+ log.error("Unable to open crypto configuration file");
+ throw e;
+ }
+
+ Crypto crypto = CryptoFactory.getInstance(properties);
+
+ X509Certificate[] certificates = CommonUtil.getCertificatesByAlias(crypto, "apache");
+ Assert.assertEquals(certificates.length, 1);
+
+ return crypto;
+
+ }
+}
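Review bot: The `FileInputStream` opened in `getCrypto()` is never closed, so each call leaks a file handle on `crypto.config`; open it into a local and close it in a `finally` block. In the same method the catch block logs without the exception, which loses the cause, and `Assert.assertEquals(certificates.length, 1)` has expected and actual swapped, so a failure message would report the wrong expectation. The alias `"apache"` is repeated as a literal here and in SAMLUtilsTest; a shared constant would keep the fixtures in step.

```java
Properties properties = new Properties();
FileInputStream in = new FileInputStream(file);
try {
    properties.load(in);
} catch (IOException e) {
    log.error("Unable to open crypto configuration file", e);
    throw e;
} finally {
    in.close();
}
// … unchanged: CryptoFactory.getInstance(properties) …
X509Certificate[] certificates = CommonUtil.getCertificatesByAlias(crypto, "apache");
Assert.assertEquals(1, certificates.length);
```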
Modified: axis/axis2/java/rampart/branches/1_6/pom.xml
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/pom.xml?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/pom.xml (original)
+++ axis/axis2/java/rampart/branches/1_6/pom.xml Thu Mar 1 09:54:05 2012
@@ -226,10 +226,6 @@
<artifactId>xalan</artifactId>
<groupId>xalan</groupId>
</exclusion>
- <!--exclusion>
- <artifactId>org.opensaml</artifactId>
- <groupId>opensaml1</groupId>
- </exclusion-->
</exclusions>
</dependency>
<dependency>
@@ -253,22 +249,6 @@
</exclusion>
</exclusions>
</dependency>
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>opensaml1</artifactId>
- <version>1.1</version>
- <exclusions>
- <!-- Don't allow OpenSAML to impose a particular logging implementation -->
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
@@ -415,7 +395,7 @@
<axis2.version>1.6.2-SNAPSHOT</axis2.version>
<axiom.version>1.2.13-SNAPSHOT</axiom.version>
- <wss4j.version>1.5.12</wss4j.version>
+ <wss4j.version>1.6.4</wss4j.version>
<opensaml.version>2.5.1-1</opensaml.version>
<bcprov.jdk15.version>140</bcprov.jdk15.version>