You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2018/05/15 13:11:18 UTC
svn commit: r1831633 - in /webservices/wss4j/trunk/ws-security-stax/src:
main/java/org/apache/wss4j/stax/impl/processor/output/
main/java/org/apache/wss4j/stax/setup/ test/java/org/apache/wss4j/stax/test/
Author: coheigea
Date: Tue May 15 13:11:18 2018
New Revision: 1831633
URL: http://svn.apache.org/viewvc?rev=1831633&view=rev
Log:
Some changes following Santuario updates
Modified:
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/setup/WSSec.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/ConfigurationConverterTest.java
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java?rev=1831633&r1=1831632&r2=1831633&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java Tue May 15 13:11:18 2018
@@ -77,9 +77,10 @@ public class BinarySecurityTokenOutputPr
boolean includeToken = false;
WSSecurityTokenConstants.KeyIdentifier keyIdentifier = null;
- if (WSSConstants.SIGNATURE.equals(action) || WSSConstants.SAML_TOKEN_SIGNED.equals(action)) {
+ if ((WSSConstants.SIGNATURE.equals(action) || WSSConstants.SAML_TOKEN_SIGNED.equals(action))
+ && !getSecurityProperties().getSignatureKeyIdentifiers().isEmpty()) {
includeToken = ((WSSSecurityProperties) getSecurityProperties()).isIncludeSignatureToken();
- keyIdentifier = getSecurityProperties().getSignatureKeyIdentifier();
+ keyIdentifier = getSecurityProperties().getSignatureKeyIdentifiers().get(0);
} else if (WSSConstants.ENCRYPT.equals(action)) {
includeToken = ((WSSSecurityProperties) getSecurityProperties()).isIncludeEncryptionToken();
keyIdentifier = getSecurityProperties().getEncryptionKeyIdentifier();
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java?rev=1831633&r1=1831632&r2=1831633&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java Tue May 15 13:11:18 2018
@@ -461,8 +461,8 @@ public class SAMLTokenOutputProcessor ex
private boolean includeBST() {
if (senderVouches
- && getSecurityProperties().getSignatureKeyIdentifier()
- == WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE
+ && getSecurityProperties().getSignatureKeyIdentifiers().contains(
+ WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE)
&& securityToken != null
&& !(WSSConstants.SAML_TOKEN_SIGNED.equals(action)
&& ((WSSSecurityProperties)getSecurityProperties()).isIncludeSignatureToken())) {
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java?rev=1831633&r1=1831632&r2=1831633&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java Tue May 15 13:11:18 2018
@@ -56,7 +56,7 @@ public class WSSSignatureEndingOutputPro
@Override
protected SignedInfoProcessor newSignedInfoProcessor(
- SignatureAlgorithm signatureAlgorithm, XMLSecStartElement xmlSecStartElement,
+ SignatureAlgorithm signatureAlgorithm, String signatureId, XMLSecStartElement xmlSecStartElement,
OutputProcessorChain outputProcessorChain) throws XMLSecurityException {
//we have to search for the SecurityHeaderElement for InclusiveNamespaces (same behavior as in wss-dom):
@@ -64,7 +64,7 @@ public class WSSSignatureEndingOutputPro
xmlSecStartElement = xmlSecStartElement.getParentXMLSecStartElement();
}
- this.signedInfoProcessor = new SignedInfoProcessor(signatureAlgorithm, xmlSecStartElement);
+ this.signedInfoProcessor = new SignedInfoProcessor(signatureAlgorithm, signatureId, xmlSecStartElement);
this.signedInfoProcessor.setXMLSecurityProperties(getSecurityProperties());
this.signedInfoProcessor.setAction(getAction());
this.signedInfoProcessor.addAfterProcessor(WSSSignatureEndingOutputProcessor.class.getName());
@@ -78,6 +78,7 @@ public class WSSSignatureEndingOutputPro
SignatureValueSecurityEvent signatureValueSecurityEvent = new SignatureValueSecurityEvent();
signatureValueSecurityEvent.setSignatureValue(this.signedInfoProcessor.getSignatureValue());
+ signatureValueSecurityEvent.setCorrelationID(this.signedInfoProcessor.getSignatureId());
outputProcessorChain.getSecurityContext().registerSecurityEvent(signatureValueSecurityEvent);
}
@@ -93,7 +94,10 @@ public class WSSSignatureEndingOutputPro
return;
}
- WSSecurityTokenConstants.KeyIdentifier keyIdentifier = getSecurityProperties().getSignatureKeyIdentifier();
+ WSSecurityTokenConstants.KeyIdentifier keyIdentifier = null;
+ if (!getSecurityProperties().getSignatureKeyIdentifiers().isEmpty()) {
+ keyIdentifier = getSecurityProperties().getSignatureKeyIdentifiers().get(0);
+ }
X509Certificate[] x509Certificates = securityToken.getX509Certificates();
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/setup/WSSec.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/setup/WSSec.java?rev=1831633&r1=1831632&r2=1831633&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/setup/WSSec.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/setup/WSSec.java Tue May 15 13:11:18 2018
@@ -242,7 +242,7 @@ public class WSSec {
if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
securityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
}
- if (securityProperties.getSignatureKeyIdentifier() == null) {
+ if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
}
checkDefaultSecureParts(true, securityProperties);
@@ -262,7 +262,7 @@ public class WSSec {
if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
securityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
}
- if (securityProperties.getSignatureKeyIdentifier() == null) {
+ if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
}
checkDefaultSecureParts(true, securityProperties);
@@ -273,7 +273,7 @@ public class WSSec {
if (securityProperties.getEncryptionSymAlgorithm() == null) {
securityProperties.setEncryptionSymAlgorithm(WSSConstants.NS_XENC_AES256);
}
- if (securityProperties.getSignatureKeyIdentifier() == null) {
+ if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
}
checkDefaultSecureParts(false, securityProperties);
@@ -305,7 +305,7 @@ public class WSSec {
if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
securityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
}
- if (securityProperties.getSignatureKeyIdentifier() == null) {
+ if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_IssuerSerial);
}
checkDefaultSecureParts(true, securityProperties);
@@ -324,7 +324,7 @@ public class WSSec {
if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
securityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
}
- if (securityProperties.getSignatureKeyIdentifier() == null) {
+ if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
}
if (securityProperties.getEncryptionSymAlgorithm() == null) {
Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/ConfigurationConverterTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/ConfigurationConverterTest.java?rev=1831633&r1=1831632&r2=1831633&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/ConfigurationConverterTest.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/ConfigurationConverterTest.java Tue May 15 13:11:18 2018
@@ -81,7 +81,8 @@ public class ConfigurationConverterTest
Assert.assertEquals(properties.getActions().get(0), WSSConstants.SIGNATURE);
Assert.assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
Assert.assertEquals(properties.getSignatureAlgorithm(), sigAlgo);
- Assert.assertEquals(properties.getSignatureKeyIdentifier(),
+ Assert.assertEquals(properties.getSignatureKeyIdentifiers().size(), 1);
+ Assert.assertEquals(properties.getSignatureKeyIdentifiers().get(0),
WSSecurityTokenConstants.KEYIDENTIFIER_THUMBPRINT_IDENTIFIER);
Assert.assertFalse(properties.isAddExcC14NInclusivePrefixes());
Assert.assertNotNull(properties.getSignatureCrypto());