You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/10/18 17:18:38 UTC
svn commit: r1533493 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security:
policy/interceptors/ wss4j/ wss4j/policyhandlers/
Author: coheigea
Date: Fri Oct 18 15:18:37 2013
New Revision: 1533493
URL: http://svn.apache.org/r1533493
Log:
More SecureConveration changes, already applied on 2.7.x + 2.6.x
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java?rev=1533493&r1=1533492&r2=1533493&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java Fri Oct 18 15:18:37 2013
@@ -40,7 +40,6 @@ import org.apache.cxf.security.SecurityC
import org.apache.cxf.service.Service;
import org.apache.cxf.service.invoker.Invoker;
import org.apache.cxf.service.model.BindingOperationInfo;
-import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.transport.Destination;
import org.apache.cxf.ws.addressing.MAPAggregator;
import org.apache.cxf.ws.addressing.policy.MetadataConstants;
@@ -52,8 +51,8 @@ import org.apache.cxf.ws.policy.builder.
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
-import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.cxf.ws.security.trust.STSUtils;
+import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.neethi.Assertion;
import org.apache.neethi.Policy;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
@@ -98,24 +97,7 @@ final class NegotiationUtils {
}
static TokenStore getTokenStore(Message message) {
- EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
- synchronized (info) {
- TokenStore tokenStore =
- (TokenStore)message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- if (tokenStore == null) {
- tokenStore = (TokenStore)info.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- }
- if (tokenStore == null) {
- TokenStoreFactory tokenStoreFactory = TokenStoreFactory.newInstance();
- String cacheKey = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
- if (info.getName() != null) {
- cacheKey += "-" + info.getName().toString().hashCode();
- }
- tokenStore = tokenStoreFactory.newTokenStore(cacheKey, message);
- info.setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, tokenStore);
- }
- return tokenStore;
- }
+ return WSS4JUtils.getTokenStore(message);
}
static Assertion getAddressingPolicy(AssertionInfoMap aim, boolean optional) {
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java?rev=1533493&r1=1533492&r2=1533493&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java Fri Oct 18 15:18:37 2013
@@ -40,6 +40,7 @@ import org.apache.cxf.staxutils.W3CDOMSt
import org.apache.cxf.ws.addressing.AddressingProperties;
import org.apache.cxf.ws.addressing.AttributedURIType;
import org.apache.cxf.ws.addressing.JAXWSAConstants;
+import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.trust.STSUtils;
@@ -161,6 +162,8 @@ abstract class STSInvoker implements Inv
TokenStore store = (TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
.getProperty(TokenStore.class.getName());
store.remove(cancelToken.getId());
+ // Put the token on the out message so that we can sign the response
+ exchange.getEndpoint().put(SecurityConstants.TOKEN, cancelToken);
writer.writeEmptyElement(prefix, "RequestedTokenCancelled", namespace);
writer.writeEndElement();
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java?rev=1533493&r1=1533492&r2=1533493&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java Fri Oct 18 15:18:37 2013
@@ -44,16 +44,12 @@ import org.apache.cxf.binding.soap.inter
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.common.classloader.ClassLoaderUtils.ClassLoaderHolder;
import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.PhaseInterceptor;
import org.apache.cxf.resource.ResourceManager;
-import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.ws.security.SecurityConstants;
-import org.apache.cxf.ws.security.tokenstore.TokenStore;
-import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -242,27 +238,6 @@ public abstract class AbstractWSS4JStaxI
}
}
- protected final TokenStore getTokenStore(Message message) {
- EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
- synchronized (info) {
- TokenStore tokenStore =
- (TokenStore)message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- if (tokenStore == null) {
- tokenStore = (TokenStore)info.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- }
- if (tokenStore == null) {
- TokenStoreFactory tokenStoreFactory = TokenStoreFactory.newInstance();
- String cacheKey = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
- if (info.getName() != null) {
- cacheKey += "-" + info.getName().toString().hashCode();
- }
- tokenStore = tokenStoreFactory.newTokenStore(cacheKey, message);
- info.setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, tokenStore);
- }
- return tokenStore;
- }
- }
-
public Set<URI> getRoles() {
return null;
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1533493&r1=1533492&r2=1533493&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java Fri Oct 18 15:18:37 2013
@@ -700,8 +700,8 @@ public class WSS4JInInterceptor extends
} catch (WSSecurityException sec) {
Endpoint ep = ((SoapMessage)reqData.getMsgContext()).getExchange().get(Endpoint.class);
if (ep != null && ep.getEndpointInfo() != null) {
- TokenStore store = (TokenStore)ep.getEndpointInfo()
- .getProperty(TokenStore.class.getName());
+ TokenStore store =
+ WSS4JUtils.getTokenStore((SoapMessage)reqData.getMsgContext(), false);
if (store != null) {
return new TokenStoreCallbackHandler(null, store);
}
@@ -712,7 +712,7 @@ public class WSS4JInInterceptor extends
Endpoint ep = ((SoapMessage)reqData.getMsgContext()).getExchange().get(Endpoint.class);
if (ep != null && ep.getEndpointInfo() != null) {
- TokenStore store = (TokenStore)ep.getEndpointInfo().getProperty(TokenStore.class.getName());
+ TokenStore store = WSS4JUtils.getTokenStore((SoapMessage)reqData.getMsgContext(), false);
if (store != null) {
return new TokenStoreCallbackHandler(cbHandler, store);
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java?rev=1533493&r1=1533492&r2=1533493&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java Fri Oct 18 15:18:37 2013
@@ -134,7 +134,7 @@ public class WSS4JStaxInInterceptor exte
TokenStoreCallbackHandler callbackHandler =
new TokenStoreCallbackHandler(
- secProps.getCallbackHandler(), getTokenStore(soapMessage)
+ secProps.getCallbackHandler(), WSS4JUtils.getTokenStore(soapMessage)
);
secProps.setCallbackHandler(callbackHandler);
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java?rev=1533493&r1=1533492&r2=1533493&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java Fri Oct 18 15:18:37 2013
@@ -140,6 +140,10 @@ public final class WSS4JUtils {
}
public static TokenStore getTokenStore(Message message) {
+ return getTokenStore(message, true);
+ }
+
+ public static TokenStore getTokenStore(Message message, boolean create) {
EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
synchronized (info) {
TokenStore tokenStore =
@@ -147,7 +151,7 @@ public final class WSS4JUtils {
if (tokenStore == null) {
tokenStore = (TokenStore)info.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
}
- if (tokenStore == null) {
+ if (create && tokenStore == null) {
TokenStoreFactory tokenStoreFactory = TokenStoreFactory.newInstance();
String cacheKey = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
if (info.getName() != null) {
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1533493&r1=1533492&r2=1533493&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Fri Oct 18 15:18:37 2013
@@ -75,7 +75,7 @@ import org.apache.cxf.ws.policy.PolicyEx
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
-import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
+import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.cxf.wsdl.WSDLConstants;
import org.apache.neethi.Assertion;
import org.apache.wss4j.common.WSEncryptionPart;
@@ -408,24 +408,7 @@ public abstract class AbstractBindingBui
}
protected final TokenStore getTokenStore() {
- EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
- synchronized (info) {
- TokenStore tokenStore =
- (TokenStore)message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- if (tokenStore == null) {
- tokenStore = (TokenStore)info.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- }
- if (tokenStore == null) {
- TokenStoreFactory tokenStoreFactory = TokenStoreFactory.newInstance();
- String cacheKey = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
- if (info.getName() != null) {
- cacheKey += "-" + info.getName().toString().hashCode();
- }
- tokenStore = tokenStoreFactory.newTokenStore(cacheKey, message);
- info.setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, tokenStore);
- }
- return tokenStore;
- }
+ return WSS4JUtils.getTokenStore(message);
}
protected WSSecTimestamp createTimestamp() {