Posted to java-commits@axis.apache.org by ru...@apache.org on 2013/01/30 21:03:42 UTC
svn commit: r1440633 - in
/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart:
PolicyBasedResultsValidator.java errors.properties
Author: ruchithf
Date: Wed Jan 30 20:03:41 2013
New Revision: 1440633
URL: http://svn.apache.org/viewvc?rev=1440633&view=rev
Log:
Validating password type included in the username token
Modified:
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java?rev=1440633&r1=1440632&r2=1440633&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java Wed Jan 30 20:03:41 2013
@@ -39,7 +39,6 @@ import org.jaxen.JaxenException;
import javax.xml.namespace.QName;
import java.math.BigInteger;
-import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.*;
@@ -317,9 +316,19 @@ public class PolicyBasedResultsValidator
UsernameToken ut = (UsernameToken) token;
//Check presence of a UsernameToken
WSSecurityEngineResult utResult = WSSecurityUtil.fetchActionResult(results, WSConstants.UT);
+
if (utResult == null && !ut.isOptional()) {
throw new RampartException("usernameTokenMissing");
}
+
+ org.apache.ws.security.message.token.UsernameToken wssUt =
+ (org.apache.ws.security.message.token.UsernameToken) utResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
+ if(ut.isHashPassword() && !wssUt.getPasswordType().equals(WSConstants.PASSWORD_DIGEST)) {
+ throw new RampartException("invalidUsernameTokenType");
+ } else if (!wssUt.getPasswordType().equals(WSConstants.PASSWORD_TEXT)) {
+ throw new RampartException("invalidUsernameTokenType");
+ }
+
} else if (token instanceof IssuedToken) {
//TODO is is enough to check for ST_UNSIGNED results ??
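Review bot: The `else if` in the new password-type check runs whenever the first condition is false, so a token that correctly carries `WSConstants.PASSWORD_DIGEST` under a hash-password policy falls through to the `PASSWORD_TEXT` comparison and is rejected with `invalidUsernameTokenType`. The added block also dereferences `utResult` unconditionally, although the guard just above it lets a null `utResult` through when `ut.isOptional()` is true. In addition, `wssUt.getPasswordType()` is the receiver of `equals`, which would throw if a token arrives without a password type (presumably possible for a password-less token; confirm against WSS4J). Picking the one expected type from the policy and comparing with the constant as receiver covers all three cases. The enclosing method starts and ends outside this hunk.

```java
// … unchanged: fetch utResult and the usernameTokenMissing check …
if (utResult != null) {
    org.apache.ws.security.message.token.UsernameToken wssUt =
            (org.apache.ws.security.message.token.UsernameToken) utResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
    String expectedType = ut.isHashPassword()
            ? WSConstants.PASSWORD_DIGEST : WSConstants.PASSWORD_TEXT;
    // Constant as receiver: a missing token or password type is rejected by policy, not by an NPE.
    if (wssUt == null || !expectedType.equals(wssUt.getPasswordType())) {
        throw new RampartException("invalidUsernameTokenType");
    }
}
```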
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1440633&r1=1440632&r2=1440633&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties Wed Jan 30 20:03:41 2013
@@ -103,4 +103,4 @@ repeatingNonceValue = Nonce value : {0},
invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart configuration file.
invalidIssuerAddress = Invalid value for Issuer
invalidSignatureAlgo=Invalid signature algorithm for Asymmetric binding
-
+invalidUsernameTokenType = Invalid UsernameToken Type.