Posted to commits@cxf.apache.org by co...@apache.org on 2011/02/16 14:58:06 UTC
svn commit: r1071255 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security:
policy/interceptors/IssuedTokenInterceptorProvider.java
trust/STSClient.java wss4j/policyhandlers/SymmetricBindingHandler.java
Author: coheigea
Date: Wed Feb 16 13:58:05 2011
New Revision: 1071255
URL: http://svn.apache.org/viewvc?rev=1071255&view=rev
Log:
Setting the TokenType on the SecurityToken
- The SymmetricBinding now sets the correct token type pointing to a SAML Assertion.
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Wed Feb 16 13:58:05 2011
@@ -53,6 +53,7 @@ import org.apache.ws.security.WSConstant
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
/**
*
@@ -257,6 +258,14 @@ public class IssuedTokenInterceptorProvi
(java.util.Date)null
);
token.setSecret(secretKey);
+ AssertionWrapper assertionWrapper =
+ (AssertionWrapper)customPrincipal.getTokenObject();
+ if (assertionWrapper != null && assertionWrapper.getSaml1() != null) {
+ token.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ } else if (assertionWrapper != null
+ && assertionWrapper.getSaml2() != null) {
+ token.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ }
return token;
}
}
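Review bot: The unconditional cast `(AssertionWrapper)customPrincipal.getTokenObject()` throws a ClassCastException if the principal ever carries a token object of another type (the cast suggests the getter returns a broader type), which would abort token creation instead of just leaving the token type unset. Guarding it with `Object tokenObject = customPrincipal.getTokenObject();` and `if (tokenObject instanceof AssertionWrapper) { ... }` around the SAML 1.1 / SAML 2.0 checks keeps that case benign. When the wrapper is null or holds neither assertion version, the token type stays unset, so a comment such as `// token type is left null for non-SAML token objects; callers of getTokenType() must handle null` would record the contract. The enclosing method starts outside this hunk.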
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java Wed Feb 16 13:58:05 2011
@@ -423,6 +423,7 @@ public class STSClient implements Config
boolean wroteKeySize = false;
String keyType = null;
+ String tokenType = null;
if (template != null) {
if (this.useSecondaryParameters()) {
@@ -437,6 +438,8 @@ public class STSClient implements Config
} else if ("KeySize".equals(tl.getLocalName())) {
wroteKeySize = true;
keySize = Integer.parseInt(DOMUtils.getContent(tl));
+ } else if ("TokenType".equals(tl.getLocalName())) {
+ tokenType = DOMUtils.getContent(tl);
}
tl = DOMUtils.getNextElement(tl);
}
@@ -485,6 +488,9 @@ public class STSClient implements Config
if (cert != null) {
token.setX509Certificate(cert, crypto);
}
+ if (tokenType != null) {
+ token.setTokenType(tokenType);
+ }
return token;
}
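Review bot: The `tokenType` set on the token here is the value read from the policy template in the previous hunk, i.e. what was requested, not what the STS actually issued, so the token can be labelled with a type it does not have if the STS returns something different. If the response carries its own TokenType, preferring that and falling back to the template value would make the label reliable; at minimum add a comment such as `// token type as requested in the template, not verified against the STS response`. From the visible lines the value is only collected in the branch that walks the template children, so it appears to stay null when `useSecondaryParameters()` is true; that is worth confirming, since the binding handler now keys off this field. The enclosing method begins outside these hunks.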
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java Wed Feb 16 13:58:05 2011
@@ -517,13 +517,19 @@ public class SymmetricBindingHandler ext
}
} else {
if (encrToken instanceof IssuedToken) {
- encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);
encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ String tokenType = encrTok.getTokenType();
+ if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
+ encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+ } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
+ encr.setCustomReferenceValue(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+ } else {
+ encr.setCustomReferenceValue(tokenType);
+ }
}
}
- encr.prepare(saaj.getSOAPPart(),
- crypto);
+ encr.prepare(saaj.getSOAPPart(), crypto);
if (encr.getBSTTokenId() != null) {
encr.prependBSTElementToHeader(secHeader);
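Review bot: A null token type now falls through to the final `else` and is passed to `encr.setCustomReferenceValue(tokenType)`, whereas before this change the reference value for an IssuedToken was always `WSConstants.WSS_SAML_KI_VALUE_TYPE`. The result is a `CUSTOM_KEY_IDENTIFIER` with no value type for any token whose type was never set. The signature hunk has the same gap at `sig.setCustomTokenValueType(tokenType)`: the removed lines there defaulted to the SAML 1.1 value type with `CUSTOM_KEY_IDENTIFIER` when `getTokenType()` was null, and the new code drops that default. Keeping the old behaviour for null would be one extra branch ahead of the final `else`, e.g. `} else if (tokenType == null) {` followed by `encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);`. Since both hunks repeat the same token-type to value-type mapping, a small private helper returning the value type would keep the encryption and signature paths from drifting apart.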
@@ -668,13 +674,18 @@ public class SymmetricBindingHandler ext
sig.setEncrKeySha1value(tok.getSHA1());
sig.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
}
- } else if (tok.getTokenType() != null) {
- sig.setCustomTokenValueType(tok.getTokenType());
- sig.setKeyIdentifierType(type);
} else {
- // TODO Add support for SAML2 here
- sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
- sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ String tokenType = tok.getTokenType();
+ if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+ sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
+ sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+ sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ } else {
+ sig.setCustomTokenValueType(tokenType);
+ sig.setKeyIdentifierType(type);
+ }
}
String sigTokId;