You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/12/09 18:00:12 UTC
svn commit: r1549617 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers:
AbstractStaxBindingHandler.java StaxAsymmetricBindingHandler.java
StaxSymmetricBindingHandler.java
Author: coheigea
Date: Mon Dec 9 17:00:12 2013
New Revision: 1549617
URL: http://svn.apache.org/r1549617
Log:
Minor refactor
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1549617&r1=1549616&r2=1549617&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java Mon Dec 9 17:00:12 2013
@@ -86,7 +86,6 @@ import org.apache.wss4j.policy.model.X50
import org.apache.wss4j.policy.model.X509Token.TokenType;
import org.apache.wss4j.policy.model.XPath;
import org.apache.wss4j.policy.stax.PolicyUtils;
-import org.apache.wss4j.stax.ConfigurationConverter;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSConstants.UsernameTokenPasswordType;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
@@ -142,8 +141,7 @@ public abstract class AbstractStaxBindin
}
// Action
- WSSConstants.Action actionToPerform = WSSConstants.USERNAMETOKEN;
- properties.addAction(actionToPerform);
+ properties.addAction(WSSConstants.USERNAMETOKEN);
// Password Type
PasswordType passwordType = usernameToken.getPasswordType();
@@ -254,8 +252,7 @@ public abstract class AbstractStaxBindin
}
// Action
- WSSConstants.Action actionToPerform = WSSConstants.KERBEROS_TOKEN;
- properties.addAction(actionToPerform);
+ properties.addAction(WSSConstants.KERBEROS_TOKEN);
/*
if (endorsing) {
@@ -510,8 +507,7 @@ public abstract class AbstractStaxBindin
}
}
- properties.setSignatureKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier(getKeyIdentifierType(wrapper, token)));
+ properties.setSignatureKeyIdentifier(getKeyIdentifierType(wrapper, token));
// Find out do we also need to include the token as per the Inclusion requirement
WSSecurityTokenConstants.KeyIdentifier keyIdentifier = properties.getSignatureKeyIdentifier();
@@ -549,20 +545,21 @@ public abstract class AbstractStaxBindin
}
- protected String getKeyIdentifierType(AbstractTokenWrapper wrapper, AbstractToken token) {
-
- String identifier = null;
+ protected WSSecurityTokenConstants.KeyIdentifier getKeyIdentifierType(
+ AbstractTokenWrapper wrapper, AbstractToken token
+ ) {
+ WSSecurityTokenConstants.KeyIdentifier identifier = null;
if (token instanceof X509Token) {
X509Token x509Token = (X509Token)token;
if (x509Token.isRequireIssuerSerialReference()) {
- identifier = "IssuerSerial";
+ identifier = WSSecurityTokenConstants.KeyIdentifier_IssuerSerial;
} else if (x509Token.isRequireKeyIdentifierReference()) {
- identifier = "SKIKeyIdentifier";
+ identifier = WSSecurityTokenConstants.KeyIdentifier_SkiKeyIdentifier;
} else if (x509Token.isRequireThumbprintReference()) {
- identifier = "Thumbprint";
+ identifier = WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier;
}
} else if (token instanceof KeyValueToken) {
- identifier = "KeyValue";
+ identifier = WSSecurityTokenConstants.KeyIdentifier_KeyValue;
}
if (identifier != null) {
@@ -572,18 +569,18 @@ public abstract class AbstractStaxBindin
if (token.getIncludeTokenType() == IncludeTokenType.INCLUDE_TOKEN_NEVER) {
Wss10 wss = getWss10();
if (wss == null || wss.isMustSupportRefKeyIdentifier()) {
- return "SKIKeyIdentifier";
+ return WSSecurityTokenConstants.KeyIdentifier_SkiKeyIdentifier;
} else if (wss.isMustSupportRefIssuerSerial()) {
- return "IssuerSerial";
+ return WSSecurityTokenConstants.KeyIdentifier_IssuerSerial;
} else if (wss instanceof Wss11
&& ((Wss11) wss).isMustSupportRefThumbprint()) {
- return "Thumbprint";
+ return WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier;
}
} else {
- return "DirectReference";
+ return WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference;
}
- return "IssuerSerial";
+ return WSSecurityTokenConstants.KeyIdentifier_IssuerSerial;
}
protected Map<AbstractToken, SecurePart> handleSupportingTokens(
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1549617&r1=1549616&r2=1549617&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java Mon Dec 9 17:00:12 2013
@@ -51,7 +51,6 @@ import org.apache.wss4j.policy.model.Sec
import org.apache.wss4j.policy.model.SecurityContextToken;
import org.apache.wss4j.policy.model.SpnegoContextToken;
import org.apache.wss4j.policy.model.X509Token;
-import org.apache.wss4j.stax.ConfigurationConverter;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.xml.security.stax.ext.SecurePart;
@@ -358,8 +357,7 @@ public class StaxAsymmetricBindingHandle
properties.addEncryptionPart(encPart);
}
- properties.setEncryptionKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier(getKeyIdentifierType(recToken, encrToken)));
+ properties.setEncryptionKeyIdentifier(getKeyIdentifierType(recToken, encrToken));
properties.setEncryptionKeyTransportAlgorithm(
algorithmSuite.getAlgorithmSuiteType().getAsymmetricKeyWrap());
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1549617&r1=1549616&r2=1549617&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java Mon Dec 9 17:00:12 2013
@@ -57,10 +57,10 @@ import org.apache.wss4j.policy.model.Spn
import org.apache.wss4j.policy.model.SymmetricBinding;
import org.apache.wss4j.policy.model.UsernameToken;
import org.apache.wss4j.policy.model.X509Token;
-import org.apache.wss4j.stax.ConfigurationConverter;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.SecurePart;
@@ -398,10 +398,10 @@ public class StaxSymmetricBindingHandler
actionToPerform = WSSConstants.ENCRYPT_WITH_DERIVED_KEY;
if (MessageUtils.isRequestor(message) && recToken.getToken() instanceof X509Token) {
properties.setDerivedKeyTokenReference(
- ConfigurationConverter.convertDerivedReference("EncryptedKey"));
+ WSSConstants.DerivedKeyTokenReference.EncryptedKey);
} else {
properties.setDerivedKeyTokenReference(
- ConfigurationConverter.convertDerivedReference("DirectReference"));
+ WSSConstants.DerivedKeyTokenReference.DirectReference);
}
AlgorithmSuiteType algSuiteType = sbinding.getAlgorithmSuite().getAlgorithmSuiteType();
properties.setDerivedEncryptionKeyLength(
@@ -419,33 +419,31 @@ public class StaxSymmetricBindingHandler
properties.addAction(actionToPerform);
if (isRequestor()) {
- properties.setEncryptionKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier(
- getKeyIdentifierType(recToken, encrToken)));
+ properties.setEncryptionKeyIdentifier(getKeyIdentifierType(recToken, encrToken));
properties.setDerivedKeyKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
} else if (recToken.getToken() instanceof KerberosToken && !isRequestor()) {
properties.setEncryptionKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("KerberosSHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_KerberosSha1Identifier);
properties.setDerivedKeyKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("KerberosSHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_KerberosSha1Identifier);
if (recToken.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
properties.setEncryptionKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
}
} else if ((recToken.getToken() instanceof IssuedToken
|| recToken.getToken() instanceof SecureConversationToken
|| recToken.getToken() instanceof SpnegoContextToken) && !isRequestor()) {
properties.setEncryptionKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
} else {
properties.setEncryptionKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("EncryptedKeySHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_EncryptedKeySha1Identifier);
if (recToken.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
properties.setDerivedKeyKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("EncryptedKeySHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_EncryptedKeySha1Identifier);
properties.setEncryptionKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
properties.setEncryptSymmetricEncryptionKey(false);
}
}
@@ -485,10 +483,10 @@ public class StaxSymmetricBindingHandler
actionToPerform = WSSConstants.SIGNATURE_WITH_DERIVED_KEY;
if (MessageUtils.isRequestor(message) && policyToken instanceof X509Token) {
properties.setDerivedKeyTokenReference(
- ConfigurationConverter.convertDerivedReference("EncryptedKey"));
+ WSSConstants.DerivedKeyTokenReference.EncryptedKey);
} else {
properties.setDerivedKeyTokenReference(
- ConfigurationConverter.convertDerivedReference("DirectReference"));
+ WSSConstants.DerivedKeyTokenReference.DirectReference);
}
AlgorithmSuiteType algSuiteType = sbinding.getAlgorithmSuite().getAlgorithmSuiteType();
properties.setDerivedSignatureKeyLength(
@@ -532,31 +530,31 @@ public class StaxSymmetricBindingHandler
properties.setIncludeSignatureToken(false);
if (isRequestor()) {
properties.setSignatureKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("EncryptedKey"));
+ WSSecurityTokenConstants.KeyIdentifier_EncryptedKey);
} else {
properties.setSignatureKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("EncryptedKeySHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_EncryptedKeySha1Identifier);
if (wrapper.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
properties.setDerivedKeyKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("EncryptedKeySHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_EncryptedKeySha1Identifier);
properties.setSignatureKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
}
}
} else if (policyToken instanceof KerberosToken) {
if (isRequestor()) {
properties.setDerivedKeyKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
} else {
if (wrapper.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
properties.setSignatureKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
} else {
properties.setSignatureKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("KerberosSHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_KerberosSha1Identifier);
}
properties.setDerivedKeyKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("KerberosSHA1"));
+ WSSecurityTokenConstants.KeyIdentifier_KerberosSha1Identifier);
}
} else if (policyToken instanceof IssuedToken || policyToken instanceof SecurityContextToken
|| policyToken instanceof SecureConversationToken || policyToken instanceof SpnegoContextToken) {
@@ -566,7 +564,7 @@ public class StaxSymmetricBindingHandler
properties.setIncludeSignatureToken(true);
}
properties.setDerivedKeyKeyIdentifier(
- ConfigurationConverter.convertKeyIdentifier("DirectReference"));
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
}
if (sigToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {