You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2009/02/26 13:47:45 UTC
svn commit: r748120 [1/2] - in
/webservices/wss4j/trunk/src/org/apache/ws/security: components/crypto/
message/ message/token/ util/
Author: coheigea
Date: Thu Feb 26 12:47:45 2009
New Revision: 748120
URL: http://svn.apache.org/viewvc?rev=748120&view=rev
Log:
WSS-157 - Remove spurios calls to MessageDigest.reset()
- Some code cleanup as well.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecBase.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKSign.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecHeader.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSecurityContextToken.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignatureConfirmation.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecTimestamp.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecUsernameToken.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/token/UsernameToken.java
webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java Thu Feb 26 12:47:45 2009
@@ -434,6 +434,7 @@
try {
sha = MessageDigest.getInstance("SHA-1");
+ sha.reset();
} catch (NoSuchAlgorithmException e) {
throw new WSSecurityException(
WSSecurityException.FAILURE, "noSHA1availabe", null, e
@@ -455,7 +456,6 @@
if (!(cert instanceof X509Certificate)) {
continue;
}
- sha.reset();
try {
sha.update(cert.getEncoded());
} catch (CertificateEncodingException ex) {
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecBase.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecBase.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecBase.java Thu Feb 26 12:47:45 2009
@@ -55,8 +55,7 @@
/**
* Set which parts of the message to encrypt/sign. <p/>
*
- * @param parts
- * The vector containing the WSEncryptionPart objects
+ * @param parts The vector containing the WSEncryptionPart objects
*/
public void setParts(Vector parts) {
this.parts = parts;
@@ -109,17 +108,19 @@
* value of the <code>wsu:Id</code> attribute is returned. Otherwise the
* method generates a new <code>wsu:Id</code> and an appropriate value.
*
- * @param doc
- * The SOAP envelope as <code>Document</code>
+ * @param doc The SOAP envelope as <code>Document</code>
* @return The value of the <code>wsu:Id</code> attribute of the SOAP body
* @throws Exception
*/
protected String setBodyID(Document doc) throws Exception {
- SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
- .getDocumentElement());
- Element bodyElement = (Element) WSSecurityUtil.getDirectChild(doc
- .getFirstChild(), soapConstants.getBodyQName().getLocalPart(),
- soapConstants.getEnvelopeURI());
+ SOAPConstants soapConstants =
+ WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
+ Element bodyElement =
+ (Element) WSSecurityUtil.getDirectChild(
+ doc.getFirstChild(),
+ soapConstants.getBodyQName().getLocalPart(),
+ soapConstants.getEnvelopeURI()
+ );
if (bodyElement == null) {
throw new Exception("SOAP Body Element node not found");
}
@@ -127,13 +128,12 @@
}
protected String setWsuId(Element bodyElement) {
- String id = null;
- id = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
+ String id = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
if ((id == null) || (id.length() == 0)) {
id = "id-" + Integer.toString(bodyElement.hashCode());
- String prefix = WSSecurityUtil.setNamespace(bodyElement,
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ String prefix =
+ WSSecurityUtil.setNamespace(bodyElement, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
bodyElement.setAttributeNS(WSConstants.WSU_NS, prefix + ":Id", id);
}
return id;
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java Thu Feb 26 12:47:45 2009
@@ -48,25 +48,27 @@
protected String symEncAlgo = WSConstants.AES_128;
public Document build(Document doc, WSSecHeader secHeader)
- throws WSSecurityException, ConversationException {
+ throws WSSecurityException, ConversationException {
- /*
- * Setup the encrypted key
- */
+ //
+ // Setup the encrypted key
+ //
prepare(doc);
-
this.envelope = doc.getDocumentElement();
- /*
- * prepend elements in the right order to the security header
- */
+ //
+ // prepend elements in the right order to the security header
+ //
prependDKElementToHeader(secHeader);
SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(envelope);
if (parts == null) {
parts = new Vector();
- WSEncryptionPart encP = new WSEncryptionPart(soapConstants
- .getBodyQName().getLocalPart(), soapConstants
- .getEnvelopeURI(), "Content");
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ soapConstants.getBodyQName().getLocalPart(),
+ soapConstants.getEnvelopeURI(),
+ "Content"
+ );
parts.add(encP);
}
Element externRefList = encryptForExternalRef(null, parts);
@@ -75,21 +77,21 @@
return doc;
}
- private Vector doEncryption(Document doc, byte[] secretKey, Vector references) throws WSSecurityException {
+ private Vector doEncryption(Document doc, byte[] secretKey, Vector references)
+ throws WSSecurityException {
SecretKey key = WSSecurityUtil.prepareSecretKey(this.symEncAlgo, secretKey);
-
XMLCipher xmlCipher = null;
try {
xmlCipher = XMLCipher.getInstance(symEncAlgo);
} catch (XMLEncryptionException e3) {
throw new WSSecurityException(
- WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e3);
+ WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e3
+ );
}
Vector encDataRefs = new Vector();
-
- if(envelope == null) {
+ if (envelope == null) {
envelope = doc.getDocumentElement();
}
@@ -97,38 +99,40 @@
WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
String idToEnc = encPart.getId();
-
String elemName = encPart.getName();
String nmSpace = encPart.getNamespace();
String modifier = encPart.getEncModifier();
- /*
- * Third step: get the data to encrypt.
- */
+ //
+ // Third step: get the data to encrypt.
+ //
Element body = null;
if (idToEnc != null) {
- body = WSSecurityUtil.findElementById(document
- .getDocumentElement(), idToEnc, WSConstants.WSU_NS);
+ body =
+ WSSecurityUtil.findElementById(
+ document.getDocumentElement(), idToEnc, WSConstants.WSU_NS
+ );
if (body == null) {
- body = WSSecurityUtil.findElementById(document
- .getDocumentElement(), idToEnc, null);
+ body =
+ WSSecurityUtil.findElementById(document.getDocumentElement(), idToEnc, null);
}
} else {
- body = (Element) WSSecurityUtil.findElement(envelope, elemName,
- nmSpace);
+ body = (Element) WSSecurityUtil.findElement(envelope, elemName, nmSpace);
}
if (body == null) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "noEncElement", new Object[] { "{" + nmSpace + "}"
- + elemName });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noEncElement",
+ new Object[] {"{" + nmSpace + "}" + elemName}
+ );
}
boolean content = modifier.equals("Content") ? true : false;
String xencEncryptedDataId = "EncDataId-" + body.hashCode();
- /*
- * Fourth step: encrypt data, and set necessary attributes in
- * xenc:EncryptedData
- */
+ //
+ // Fourth step: encrypt data, and set necessary attributes in
+ // xenc:EncryptedData
+ //
try {
// Create the SecurityTokenRef to the DKT
KeyInfo keyInfo = new KeyInfo(document);
@@ -139,8 +143,9 @@
keyInfo.addUnknownElement(secToken.getElement());
Element keyInfoElement = keyInfo.getElement();
- keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
+ keyInfoElement.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS
+ );
xmlCipher.init(XMLCipher.ENCRYPT_MODE, key);
EncryptedData encData = xmlCipher.getEncryptedData();
@@ -149,7 +154,8 @@
xmlCipher.doFinal(doc, body, content);
} catch (Exception e2) {
throw new WSSecurityException(
- WSSecurityException.FAILED_ENCRYPTION, null, null, e2);
+ WSSecurityException.FAILED_ENCRYPTION, null, null, e2
+ );
}
encDataRefs.add(new String("#" + xencEncryptedDataId));
}
@@ -166,31 +172,27 @@
* This method can be called after <code>prepare()</code> and can be
* called multiple times to encrypt a number of parts or elements.
*
- * </p>
- *
* The method generates a <code>xenc:Reference</code> element that <i>must</i>
* be added to the SecurityHeader. See <code>addExternalRefElement()</code>.
*
- * </p>
- *
* If the <code>dataRef</code> parameter is <code>null</code> the method
* creates and initializes a new Reference element.
*
- * @param dataRef
- * A <code>xenc:Reference</code> element or <code>null</code>
- * @param references
- * A vector containing WSEncryptionPart objects
+ * @param dataRef A <code>xenc:Reference</code> element or <code>null</code>
+ * @param references A vector containing WSEncryptionPart objects
* @return Returns the updated <code>xenc:Reference</code> element
* @throws WSSecurityException
*/
public Element encryptForExternalRef(Element dataRef, Vector references)
- throws WSSecurityException {
+ throws WSSecurityException {
Vector encDataRefs = doEncryption(document, derivedKeyBytes, references);
Element referenceList = dataRef;
if (referenceList == null) {
- referenceList = document.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":ReferenceList");
+ referenceList =
+ document.createElementNS(
+ WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":ReferenceList"
+ );
}
createDataRefList(document, referenceList, encDataRefs);
return referenceList;
@@ -203,10 +205,8 @@
* <code>encryptForExternalRef() </code> method. The method adds the
* reference element in the SecurityHeader.
*
- * @param referenceList
- * The external <code>enc:Reference</code> element
- * @param secHeader
- * The security header.
+ * @param referenceList The external <code>enc:Reference</code> element
+ * @param secHeader The security header.
*/
public void addExternalRefElement(Element referenceList, WSSecHeader secHeader) {
Node node = dkt.getElement().getNextSibling();
@@ -219,12 +219,13 @@
}
}
- public static Element createDataRefList(Document doc,
- Element referenceList, Vector encDataRefs) {
+ public static Element createDataRefList(Document doc, Element referenceList, Vector encDataRefs) {
for (int i = 0; i < encDataRefs.size(); i++) {
String dataReferenceUri = (String) encDataRefs.get(i);
- Element dataReference = doc.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":DataReference");
+ Element dataReference =
+ doc.createElementNS(
+ WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":DataReference"
+ );
dataReference.setAttributeNS(null, "URI", dataReferenceUri);
referenceList.appendChild(dataReference);
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKSign.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKSign.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKSign.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKSign.java Thu Feb 26 12:47:45 2009
@@ -82,64 +82,56 @@
public Document build(Document doc, WSSecHeader secHeader)
- throws WSSecurityException, ConversationException {
+ throws WSSecurityException, ConversationException {
this.prepare(doc, secHeader);
-
- SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
- .getDocumentElement());
+ SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
if (parts == null) {
parts = new Vector();
- WSEncryptionPart encP = new WSEncryptionPart(soapConstants
- .getBodyQName().getLocalPart(), soapConstants
- .getEnvelopeURI(), "Content");
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ soapConstants.getBodyQName().getLocalPart(),
+ soapConstants.getEnvelopeURI(),
+ "Content"
+ );
parts.add(encP);
}
addReferencesToSign(parts, secHeader);
-
this.computeSignature();
-
this.prependSigToHeader(secHeader);
- /*
- * prepend elements in the right order to the security header
- */
+ //
+ // prepend elements in the right order to the security header
+ //
this.prependDKElementToHeader(secHeader);
return doc;
}
public void prepare(Document doc, WSSecHeader secHeader)
- throws WSSecurityException, ConversationException {
+ throws WSSecurityException, ConversationException {
super.prepare(doc);
-
wsDocInfo = new WSDocInfo(doc.hashCode());
- /*
- * Get an initialize a XMLSignature element.
- */
+ //
+ // Get and initialize a XMLSignature element.
+ //
if (canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) {
- Element canonElem = XMLUtils.createElementInSignatureSpace(doc,
- Constants._TAG_CANONICALIZATIONMETHOD);
+ Element canonElem =
+ XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_CANONICALIZATIONMETHOD);
canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM, canonAlgo);
if (wssConfig.isWsiBSPCompliant()) {
- Set prefixes = getInclusivePrefixes(secHeader
- .getSecurityHeader(), false);
-
- InclusiveNamespaces inclusiveNamespaces = new InclusiveNamespaces(
- doc, prefixes);
-
+ Set prefixes = getInclusivePrefixes(secHeader.getSecurityHeader(), false);
+ InclusiveNamespaces inclusiveNamespaces = new InclusiveNamespaces(doc, prefixes);
canonElem.appendChild(inclusiveNamespaces.getElement());
}
try {
- SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(
- doc, sigAlgo);
- sig = new XMLSignature(doc, null, signatureAlgorithm
- .getElement(), canonElem);
+ SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(doc, sigAlgo);
+ sig = new XMLSignature(doc, null, signatureAlgorithm.getElement(), canonElem);
} catch (XMLSecurityException e) {
log.error("", e);
throw new WSSecurityException(
@@ -192,8 +184,10 @@
for (int i = 0; i < attributes.getLength(); i++) {
attribute = attributes.item(i);
if (attribute.getNamespaceURI() != null
- && attribute.getNamespaceURI().equals(
- org.apache.ws.security.WSConstants.XMLNS_NS)) {
+ && attribute.getNamespaceURI().equals(
+ org.apache.ws.security.WSConstants.XMLNS_NS
+ )
+ ) {
if (attribute.getNodeName().equals("xmlns")) {
result.add("#default");
} else {
@@ -208,8 +202,10 @@
for (int i = 0; i < attributes.getLength(); i++) {
attribute = attributes.item(i);
if (attribute.getNamespaceURI() != null
- && attribute.getNamespaceURI().equals(
- org.apache.ws.security.WSConstants.XMLNS_NS)) {
+ && attribute.getNamespaceURI().equals(
+ org.apache.ws.security.WSConstants.XMLNS_NS
+ )
+ ) {
if (attribute.getNodeName().equals("xmlns")) {
result.remove("#default");
} else {
@@ -239,16 +235,14 @@
* times to add references as required. <code>addReferencesToSign()</code>
* can be called any time after <code>prepare</code>.
*
- * @param references
- * A vector containing <code>WSEncryptionPart</code> objects
- * that define the parts to sign.
- * @param secHeader
- * Used to compute namespaces to be inserted by
- * InclusiveNamespaces to be WSI compliant.
+ * @param references A vector containing <code>WSEncryptionPart</code> objects
+ * that define the parts to sign.
+ * @param secHeader Used to compute namespaces to be inserted by
+ * InclusiveNamespaces to be WSI compliant.
* @throws WSSecurityException
*/
public void addReferencesToSign(Vector references, WSSecHeader secHeader)
- throws WSSecurityException {
+ throws WSSecurityException {
Transforms transforms = null;
Element envel = document.getDocumentElement();
@@ -257,45 +251,44 @@
WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
String idToSign = encPart.getId();
-
String elemName = encPart.getName();
String nmSpace = encPart.getNamespace();
- /*
- * Set up the elements to sign. There are two reserved element
- * names: "Token" and "STRTransform" "Token": Setup the Signature to
- * either sign the information that points to the security token or
- * the token itself. If its a direct reference sign the token,
- * otherwise sign the KeyInfo Element. "STRTransform": Setup the
- * ds:Reference to use STR Transform
- *
- */
+ //
+ // Set up the elements to sign. There are two reserved element
+ // names: "Token" and "STRTransform" "Token": Setup the Signature to
+ // either sign the information that points to the security token or
+ // the token itself. If its a direct reference sign the token,
+ // otherwise sign the KeyInfo Element. "STRTransform": Setup the
+ // ds:Reference to use STR Transform
+ //
transforms = new Transforms(document);
try {
if (idToSign != null) {
- Element toSignById = WSSecurityUtil.findElementById(
- document.getDocumentElement(), idToSign,
- WSConstants.WSU_NS);
+ Element toSignById =
+ WSSecurityUtil.findElementById(
+ document.getDocumentElement(), idToSign, WSConstants.WSU_NS);
if (toSignById == null) {
- toSignById = WSSecurityUtil.findElementById(document
- .getDocumentElement(), idToSign, null);
+ toSignById =
+ WSSecurityUtil.findElementById(
+ document.getDocumentElement(), idToSign, null
+ );
}
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
if (wssConfig.isWsiBSPCompliant()) {
transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(toSignById))
- .getElement());
+ new InclusiveNamespaces(
+ document, getInclusivePrefixes(toSignById)).getElement()
+ );
}
sig.addDocument("#" + idToSign, transforms);
} else if (elemName.equals("Token")) {
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
if (wssConfig.isWsiBSPCompliant()) {
transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(keyInfo
- .getElement()))
- .getElement());
+ new InclusiveNamespaces(document,
+ getInclusivePrefixes(keyInfo.getElement())).getElement()
+ );
}
sig.addDocument("#" + keyInfoUri, transforms);
} else if (elemName.equals("STRTransform")) { // STRTransform
@@ -303,73 +296,78 @@
transforms.addTransform(STRTransform.implementedTransformURI, ctx);
sig.addDocument("#" + strUri, transforms);
} else if (elemName.equals("Assertion")) { // Assertion
+ String id = SAMLUtil.getAssertionId(envel, elemName, nmSpace);
- String id = null;
- id = SAMLUtil.getAssertionId(envel, elemName, nmSpace);
-
- Element body = (Element) WSSecurityUtil.findElement(
- envel, elemName, nmSpace);
+ Element body =
+ (Element) WSSecurityUtil.findElement(envel, elemName, nmSpace);
if (body == null) {
throw new WSSecurityException(
- WSSecurityException.FAILURE, "noEncElement",
- new Object[] { nmSpace + ", " + elemName });
+ WSSecurityException.FAILURE,
+ "noEncElement",
+ new Object[] {nmSpace + ", " + elemName}
+ );
}
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
if (wssConfig.isWsiBSPCompliant()) {
transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(body))
- .getElement());
+ new InclusiveNamespaces(
+ document, getInclusivePrefixes(body)).getElement()
+ );
}
- String prefix = WSSecurityUtil.setNamespace(body,
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ String prefix =
+ WSSecurityUtil.setNamespace(body, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
body.setAttributeNS(WSConstants.WSU_NS, prefix + ":Id", id);
sig.addDocument("#" + id, transforms);
} else {
- Element body = (Element) WSSecurityUtil.findElement(
- envel, elemName, nmSpace);
+ Element body = (Element) WSSecurityUtil.findElement(envel, elemName, nmSpace);
if (body == null) {
throw new WSSecurityException(
- WSSecurityException.FAILURE, "noEncElement",
- new Object[] { nmSpace + ", " + elemName });
+ WSSecurityException.FAILURE,
+ "noEncElement",
+ new Object[] {nmSpace + ", " + elemName}
+ );
}
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
if (wssConfig.isWsiBSPCompliant()) {
transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(body))
- .getElement());
+ new InclusiveNamespaces(
+ document, getInclusivePrefixes(body)).getElement()
+ );
}
sig.addDocument("#" + setWsuId(body), transforms);
}
} catch (TransformationException e1) {
throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null,
- e1);
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1
+ );
} catch (XMLSignatureException e1) {
throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null,
- e1);
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1
+ );
}
}
}
protected Element createSTRParameter(Document doc) {
- Element transformParam = doc.createElementNS(WSConstants.WSSE_NS,
- WSConstants.WSSE_PREFIX + ":TransformationParameters");
+ Element transformParam =
+ doc.createElementNS(
+ WSConstants.WSSE_NS,
+ WSConstants.WSSE_PREFIX + ":TransformationParameters"
+ );
+
+ WSSecurityUtil.setNamespace(
+ transformParam, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX
+ );
+
+ Element canonElem =
+ doc.createElementNS(
+ WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":CanonicalizationMethod"
+ );
- WSSecurityUtil.setNamespace(transformParam, WSConstants.WSSE_NS,
- WSConstants.WSSE_PREFIX);
+ WSSecurityUtil.setNamespace(canonElem, WSConstants.SIG_NS, WSConstants.SIG_PREFIX);
- Element canonElem = doc.createElementNS(WSConstants.SIG_NS,
- WSConstants.SIG_PREFIX + ":CanonicalizationMethod");
-
- WSSecurityUtil.setNamespace(canonElem, WSConstants.SIG_NS,
- WSConstants.SIG_PREFIX);
-
- canonElem.setAttributeNS(null, "Algorithm",
- Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ canonElem.setAttributeNS(null, "Algorithm", Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
transformParam.appendChild(canonElem);
return transformParam;
}
@@ -383,8 +381,7 @@
* This allows to insert the Signature element at any position in the
* Security header.
*
- * @param secHeader
- * The secHeader that holds the Signature element.
+ * @param secHeader The secHeader that holds the Signature element.
*/
public void prependSigToHeader(WSSecHeader secHeader) {
WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), sig.getElement());
@@ -419,15 +416,16 @@
sig.sign(sig.createSecretKey(derivedKeyBytes));
signatureValue = sig.getSignatureValue();
} catch (XMLSignatureException e1) {
- throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE,
- null, null, e1);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, null, null, e1
+ );
} catch (Exception e1) {
- throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE,
- null, null, e1);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, null, null, e1
+ );
} finally {
WSDocInfoStore.delete(wsDocInfo);
}
-
}
/**
@@ -457,8 +455,7 @@
* XML Canonicalization is used by default Refer to WSConstants which
* algorithms are supported.
*
- * @param algo
- * Is the name of the signature algorithm
+ * @param algo Is the name of the signature algorithm
* @see WSConstants#C14N_OMIT_COMMENTS
* @see WSConstants#C14N_WITH_COMMENTS
* @see WSConstants#C14N_EXCL_OMIT_COMMENTS
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java Thu Feb 26 12:47:45 2009
@@ -106,8 +106,7 @@
/**
* @param ephemeralKey The ephemeralKey to set.
*/
- public void setExternalKey(byte[] ephemeralKey,
- String tokenIdentifier) {
+ public void setExternalKey(byte[] ephemeralKey, String tokenIdentifier) {
this.ephemeralKey = ephemeralKey;
this.tokenIdentifier = tokenIdentifier;
}
@@ -115,8 +114,7 @@
/**
* @param ephemeralKey The ephemeralKey to set.
*/
- public void setExternalKey(byte[] ephemeralKey,
- Element strElem) {
+ public void setExternalKey(byte[] ephemeralKey, Element strElem) {
this.ephemeralKey = ephemeralKey;
this.strElem = strElem;
}
@@ -164,22 +162,18 @@
* derived token using the ephemeral key. After preparation references
* can be added, encrypted and signed as required.
*
- * </p>
- *
* This method does not add any element to the security header. This must be
* done explicitly.
*
- * @param doc
- * The unsigned SOAP envelope as <code>Document</code>
+ * @param doc The unsigned SOAP envelope as <code>Document</code>
* @throws WSSecurityException
*/
- public void prepare(Document doc)
- throws WSSecurityException, ConversationException {
+ public void prepare(Document doc) throws WSSecurityException, ConversationException {
document = doc;
- //Create the derived keys
- //At this point figure out the key length according to the symencAlgo
+ // Create the derived keys
+ // At this point figure out the key length according to the symencAlgo
int offset = 0;
int length = this.getDerivedKeyLength();
byte[] label;
@@ -199,14 +193,13 @@
this.derivedKeyBytes = algo.createKey(this.ephemeralKey, seed, offset, length);
- //Add the DKTs
+ // Add the DKTs
dkt = new DerivedKeyToken(this.wscVersion, document);
dktId = "derivedKeyId-" + dkt.hashCode();
dkt.setOffset(offset);
dkt.setLength(length);
dkt.setNonce(Base64.encode(nonce));
-
dkt.setID(dktId);
if (this.strElem == null) {
@@ -225,7 +218,6 @@
}
-
/**
* Prepend the DerivedKey element to the elements already in the Security
* header.
@@ -234,12 +226,12 @@
* allows to insert the DerivedKey element at any position in the Security
* header.
*
- * @param secHeader
- * The security header that holds the Signature element.
+ * @param secHeader The security header that holds the Signature element.
*/
public void prependDKElementToHeader(WSSecHeader secHeader) {
WSSecurityUtil.prependChildElement(
- secHeader.getSecurityHeader(), dkt.getElement());
+ secHeader.getSecurityHeader(), dkt.getElement()
+ );
}
public void appendDKElementToHeader(WSSecHeader secHeader) {
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java Thu Feb 26 12:47:45 2009
@@ -106,10 +106,7 @@
/**
* Sets the key to use during embedded encryption.
*
- * <p/>
- *
- * @param key
- * to use during encryption. The key must fit the selected
+ * @param key to use during encryption. The key must fit the selected
* symmetrical encryption algorithm
*/
public void setKey(byte[] key) {
@@ -121,8 +118,7 @@
*
* Default is the <code>WSConstants.KEYTRANSPORT_RSA15</code> algorithm.
*
- * @param keyEnc
- * specifies the key encoding algorithm.
+ * @param keyEnc specifies the key encoding algorithm.
* @see WSConstants#KEYTRANSPORT_RSA15
* @see WSConstants#KEYTRANSPORT_RSAOEP
*/
@@ -155,8 +151,7 @@
* is not set then AES128 is used. Refer to WSConstants which algorithms are
* supported.
*
- * @param algo
- * Is the name of the encryption algorithm
+ * @param algo Is the name of the encryption algorithm
* @see WSConstants#TRIPLE_DES
* @see WSConstants#AES_128
* @see WSConstants#AES_192
@@ -174,8 +169,7 @@
* the algorithm is not set then a standard serialization is used (provided
* by XMLCipher, usually a XMLSerializer according to DOM 3 specification).
*
- * @param algo
- * Is the name of the canonicalization algorithm
+ * @param algo Is the name of the canonicalization algorithm
*/
public void setEncCanonicalization(String algo) {
encCanonAlgo = algo;
@@ -212,29 +206,22 @@
* relevant information was set. After preparation of the token references
* can be added and encrypted.
*
- * </p>
- *
* This method does not add any element to the security header. This must be
* done explicitly.
*
- * @param doc
- * The SOAP envelope as <code>Document</code>
- * @param crypto
- * An instance of the Crypto API to handle keystore and
- * certificates
+ * @param doc The SOAP envelope as <code>Document</code>
+ * @param crypto An instance of the Crypto API to handle keystore and certificates
* @throws WSSecurityException
*/
public void prepare(Document doc, Crypto crypto) throws WSSecurityException {
document = doc;
- /*
- * If no external key (symmetricalKey) was set generate an encryption
- * key (session key) for this Encrypt element. This key will be
- * encrypted using the public key of the receiver
- */
-
-
+ //
+ // If no external key (symmetricalKey) was set generate an encryption
+ // key (session key) for this Encrypt element. This key will be
+ // encrypted using the public key of the receiver
+ //
if (this.ephemeralKey == null) {
if (symmetricKey == null) {
KeyGenerator keyGen = getKeyGenerator();
@@ -244,14 +231,13 @@
}
if (this.symmetricKey == null) {
- this.symmetricKey = WSSecurityUtil.prepareSecretKey(symEncAlgo,
- this.ephemeralKey);
+ this.symmetricKey = WSSecurityUtil.prepareSecretKey(symEncAlgo, this.ephemeralKey);
}
- /*
- * Get the certificate that contains the public key for the public key
- * algorithm that will encrypt the generated symmetric (session) key.
- */
+ //
+ // Get the certificate that contains the public key for the public key
+ // algorithm that will encrypt the generated symmetric (session) key.
+ //
if (this.encryptSymmKey) {
X509Certificate remoteCert = null;
if (useThisCert != null) {
@@ -280,24 +266,18 @@
* previous version with the exception of the additional WSSecHeader
* parameter.
*
- * @param doc
- * the SOAP envelope as <code>Document</code> with plain text
- * Body
- * @param crypto
- * an instance of the Crypto API to handle keystore and
- * Certificates
- * @param secHeader
- * the security header element to hold the encrypted key element.
- * @return the SOAP envelope with encrypted Body as <code>Document
- * </code>
+ * @param doc the SOAP envelope as <code>Document</code> with plain text Body
+ * @param crypto an instance of the Crypto API to handle keystore and Certificates
+ * @param secHeader the security header element to hold the encrypted key element.
+ * @return the SOAP envelope with encrypted Body as <code>Document</code>
* @throws WSSecurityException
*/
public Document build(Document doc, Crypto crypto, WSSecHeader secHeader)
- throws WSSecurityException {
+ throws WSSecurityException {
doDebug = log.isDebugEnabled();
if (keyIdentifierType == WSConstants.EMBEDDED_KEYNAME
- || keyIdentifierType == WSConstants.EMBED_SECURITY_TOKEN_REF) {
+ || keyIdentifierType == WSConstants.EMBED_SECURITY_TOKEN_REF) {
return buildEmbedded(doc, secHeader);
}
@@ -314,9 +294,12 @@
SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(envelope);
if (parts == null) {
parts = new Vector();
- WSEncryptionPart encP = new WSEncryptionPart(soapConstants
- .getBodyQName().getLocalPart(), soapConstants
- .getEnvelopeURI(), "Content");
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ soapConstants.getBodyQName().getLocalPart(),
+ soapConstants.getEnvelopeURI(),
+ "Content"
+ );
parts.add(encP);
}
@@ -343,31 +326,28 @@
* This method can be called after <code>prepare()</code> and can be
* called multiple times to encrypt a number of parts or elements.
*
- * </p>
- *
* The method generates a <code>xenc:Reference</code> element that <i>must</i>
* be added to this token. See <code>addInternalRefElement()</code>.
*
- * </p>
- *
* If the <code>dataRef</code> parameter is <code>null</code> the method
* creates and initializes a new Reference element.
*
- * @param dataRef
- * A <code>xenc:Reference</code> element or <code>null</code>
- * @param references
- * A vector containing WSEncryptionPart objects
+ * @param dataRef A <code>xenc:Reference</code> element or <code>null</code>
+ * @param references A vector containing WSEncryptionPart objects
* @return Returns the updated <code>xenc:Reference</code> element
* @throws WSSecurityException
*/
public Element encryptForInternalRef(Element dataRef, Vector references)
- throws WSSecurityException {
- Vector encDataRefs = doEncryption(document, this.symmetricKey,
- references);
+ throws WSSecurityException {
+ Vector encDataRefs =
+ doEncryption(document, this.symmetricKey, references);
Element referenceList = dataRef;
if (referenceList == null) {
- referenceList = document.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":ReferenceList");
+ referenceList =
+ document.createElementNS(
+ WSConstants.ENC_NS,
+ WSConstants.ENC_PREFIX + ":ReferenceList"
+ );
}
createDataRefList(document, referenceList, encDataRefs);
return referenceList;
@@ -383,32 +363,29 @@
* This method can be called after <code>prepare()</code> and can be
* called multiple times to encrypt a number of parts or elements.
*
- * </p>
- *
* The method generates a <code>xenc:Reference</code> element that <i>must</i>
* be added to the SecurityHeader. See <code>addExternalRefElement()</code>.
*
- * </p>
- *
* If the <code>dataRef</code> parameter is <code>null</code> the method
* creates and initializes a new Reference element.
*
- * @param dataRef
- * A <code>xenc:Reference</code> element or <code>null</code>
- * @param references
- * A vector containing WSEncryptionPart objects
+ * @param dataRef A <code>xenc:Reference</code> element or <code>null</code>
+ * @param references A vector containing WSEncryptionPart objects
* @return Returns the updated <code>xenc:Reference</code> element
* @throws WSSecurityException
*/
public Element encryptForExternalRef(Element dataRef, Vector references)
- throws WSSecurityException {
+ throws WSSecurityException {
- Vector encDataRefs = doEncryption(document, this.symmetricKey,
- references);
+ Vector encDataRefs =
+ doEncryption(document, this.symmetricKey, references);
Element referenceList = dataRef;
if (referenceList == null) {
- referenceList = document.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":ReferenceList");
+ referenceList =
+ document.createElementNS(
+ WSConstants.ENC_NS,
+ WSConstants.ENC_PREFIX + ":ReferenceList"
+ );
}
createDataRefList(document, referenceList, encDataRefs);
return referenceList;
@@ -421,8 +398,7 @@
* <code>encryptForInternalRef()</code> method. The reference element is
* added to the <code>EncryptedKey</code> element of this encrypt block.
*
- * @param dataRef
- * The internal <code>enc:Reference</code> element
+ * @param dataRef The internal <code>enc:Reference</code> element
*/
public void addInternalRefElement(Element dataRef) {
encryptedKeyElement.appendChild(dataRef);
@@ -435,17 +411,15 @@
* <code>encryptForExternalRef() </code> method. The method prepends the
* reference element in the SecurityHeader.
*
- * @param dataRef
- * The external <code>enc:Reference</code> element
- * @param secHeader
- * The security header.
+ * @param dataRef The external <code>enc:Reference</code> element
+ * @param secHeader The security header.
*/
public void addExternalRefElement(Element dataRef, WSSecHeader secHeader) {
WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), dataRef);
}
- private Vector doEncryption(Document doc, SecretKey secretKey,
- Vector references) throws WSSecurityException {
+ private Vector doEncryption(Document doc, SecretKey secretKey, Vector references)
+ throws WSSecurityException {
KeyInfo keyInfo = null;
@@ -462,22 +436,28 @@
keyInfo.addUnknownElement(secToken.getElement());
Element keyInfoElement = keyInfo.getElement();
- keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
+ keyInfoElement.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:"+ WSConstants.SIG_PREFIX, WSConstants.SIG_NS
+ );
}
return doEncryption(doc, secretKey, keyInfo, references);
}
- private Vector doEncryption(Document doc, SecretKey secretKey,
- KeyInfo keyInfo, Vector references) throws WSSecurityException {
+ private Vector doEncryption(
+ Document doc,
+ SecretKey secretKey,
+ KeyInfo keyInfo,
+ Vector references
+ ) throws WSSecurityException {
XMLCipher xmlCipher = null;
try {
xmlCipher = XMLCipher.getInstance(symEncAlgo);
} catch (XMLEncryptionException e3) {
throw new WSSecurityException(
- WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e3);
+ WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e3
+ );
}
Vector encDataRef = new Vector();
@@ -487,30 +467,31 @@
WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
String idToEnc = encPart.getId();
-
String elemName = encPart.getName();
String nmSpace = encPart.getNamespace();
String modifier = encPart.getEncModifier();
- /*
- * Third step: get the data to encrypt.
- *
- */
+ //
+ // Third step: get the data to encrypt.
+ //
Element body = null;
if (idToEnc != null) {
- body = WSSecurityUtil.findElementById(document
- .getDocumentElement(), idToEnc, WSConstants.WSU_NS);
+ body =
+ WSSecurityUtil.findElementById(
+ document.getDocumentElement(), idToEnc, WSConstants.WSU_NS
+ );
if (body == null) {
- body = WSSecurityUtil.findElementById(document
- .getDocumentElement(), idToEnc, null);
+ body =
+ WSSecurityUtil.findElementById(document.getDocumentElement(), idToEnc, null);
}
} else {
- body = (Element) WSSecurityUtil.findElement(document, elemName,
- nmSpace);
+ body = (Element) WSSecurityUtil.findElement(document, elemName, nmSpace);
}
if (body == null) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "noEncElement", new Object[] { "{" + nmSpace + "}"
- + elemName });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noEncElement",
+ new Object[] {"{" + nmSpace + "}" + elemName}
+ );
}
boolean content = modifier.equals("Content") ? true : false;
@@ -534,33 +515,43 @@
secToken.setReference(ref);
keyInfo.addUnknownElement(secToken.getElement());
Element keyInfoElement = keyInfo.getElement();
- keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
+ keyInfoElement.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS
+ );
}
- /*
- * Fourth step: encrypt data, and set necessary attributes in
- * xenc:EncryptedData
- */
+ //
+ // Fourth step: encrypt data, and set necessary attributes in
+ // xenc:EncryptedData
+ //
try {
-
if (modifier.equals("Header")) {
- Element elem = doc.createElementNS(WSConstants.WSSE11_NS,"wsse11:"+WSConstants.ENCRYPTED_HEADER);
+ Element elem =
+ doc.createElementNS(
+ WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
+ );
WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
- String wsuPrefix = WSSecurityUtil.setNamespace(elem,
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
- elem.setAttributeNS(WSConstants.WSU_NS, wsuPrefix + ":Id", "EncHeader-" + body.hashCode());
-
+ String wsuPrefix =
+ WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ elem.setAttributeNS(
+ WSConstants.WSU_NS, wsuPrefix + ":Id", "EncHeader-" + body.hashCode()
+ );
NamedNodeMap map = body.getAttributes();
for (int i = 0 ; i < map.getLength() ; i++) {
Attr attr = (Attr)map.item(i);
if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
- || attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
- String soapEnvPrefix = WSSecurityUtil.setNamespace(elem,
- attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX);
- elem.setAttributeNS(attr.getNamespaceURI(), soapEnvPrefix +":"+attr.getLocalName(), attr.getValue());
+ || attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
+ String soapEnvPrefix =
+ WSSecurityUtil.setNamespace(
+ elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
+ );
+ elem.setAttributeNS(
+ attr.getNamespaceURI(),
+ soapEnvPrefix + ":" + attr.getLocalName(),
+ attr.getValue()
+ );
}
}
@@ -570,13 +561,14 @@
encData.setKeyInfo(keyInfo);
xmlCipher.doFinal(doc, body, content);
- Element encDataElem = WSSecurityUtil.findElementById(document
- .getDocumentElement(), xencEncryptedDataId, null);
+ Element encDataElem =
+ WSSecurityUtil.findElementById(
+ document.getDocumentElement(), xencEncryptedDataId, null
+ );
Node clone = encDataElem.cloneNode(true);
elem.appendChild(clone);
encDataElem.getParentNode().appendChild(elem);
encDataElem.getParentNode().removeChild(encDataElem);
-
} else {
xmlCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
EncryptedData encData = xmlCipher.getEncryptedData();
@@ -585,12 +577,12 @@
xmlCipher.doFinal(doc, body, content);
}
if (cloneKeyInfo) {
- keyInfo = new KeyInfo((Element) keyInfo.getElement()
- .cloneNode(true), null);
+ keyInfo = new KeyInfo((Element) keyInfo.getElement().cloneNode(true), null);
}
} catch (Exception e2) {
throw new WSSecurityException(
- WSSecurityException.FAILED_ENCRYPTION, null, null, e2);
+ WSSecurityException.FAILED_ENCRYPTION, null, null, e2
+ );
}
encDataRef.add(new String("#" + xencEncryptedDataId));
}
@@ -605,78 +597,79 @@
log.debug("Beginning Encryption embedded...");
}
envelope = doc.getDocumentElement();
- envelope.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + WSConstants.ENC_PREFIX, WSConstants.ENC_NS);
-
- /*
- * Second step: generate a symmetric key from the specified key
- * (password) for this algorithm, and set the cipher into encryption
- * mode.
- */
+ envelope.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + WSConstants.ENC_PREFIX, WSConstants.ENC_NS
+ );
+
+ //
+ // Second step: generate a symmetric key from the specified key
+ // (password) for this algorithm, and set the cipher into encryption
+ // mode.
+ //
if (this.symmetricKey == null) {
if (embeddedKey == null) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "noKeySupplied");
+ throw new WSSecurityException(WSSecurityException.FAILURE, "noKeySupplied");
}
- this.symmetricKey = WSSecurityUtil.prepareSecretKey(symEncAlgo,
- embeddedKey);
+ this.symmetricKey = WSSecurityUtil.prepareSecretKey(symEncAlgo, embeddedKey);
}
KeyInfo keyInfo = null;
if (this.keyIdentifierType == WSConstants.EMBEDDED_KEYNAME) {
keyInfo = new KeyInfo(doc);
- keyInfo
- .addKeyName(embeddedKeyName == null ? user
- : embeddedKeyName);
+ keyInfo.addKeyName(embeddedKeyName == null ? user : embeddedKeyName);
} else if (this.keyIdentifierType == WSConstants.EMBED_SECURITY_TOKEN_REF) {
- /*
- * This means that we want to embed a <wsse:SecurityTokenReference>
- * into keyInfo element. If we need this functionality, this.secRef
- * MUST be set before calling the build(doc, crypto) method. So if
- * secRef is null then throw an exception.
- */
+ //
+ // This means that we want to embed a <wsse:SecurityTokenReference>
+ // into keyInfo element. If we need this functionality, this.secRef
+ // MUST be set before calling the build(doc, crypto) method. So if
+ // secRef is null then throw an exception.
+ //
if (this.securityTokenReference == null) {
throw new WSSecurityException(
- WSSecurityException.SECURITY_TOKEN_UNAVAILABLE,
- "You must set keyInfo element, if the keyIdentifier "
- + "== EMBED_SECURITY_TOKEN_REF");
+ WSSecurityException.SECURITY_TOKEN_UNAVAILABLE,
+ "You must set keyInfo element, if the keyIdentifier == EMBED_SECURITY_TOKEN_REF"
+ );
} else {
keyInfo = new KeyInfo(doc);
Element tmpE = securityTokenReference.getElement();
- tmpE.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + tmpE.getPrefix(), tmpE.getNamespaceURI());
+ tmpE.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + tmpE.getPrefix(), tmpE.getNamespaceURI()
+ );
keyInfo.addUnknownElement(securityTokenReference.getElement());
}
}
Element keyInfoElement = keyInfo.getElement();
- keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
+ keyInfoElement.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS
+ );
SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(envelope);
if (parts == null) {
parts = new Vector();
- WSEncryptionPart encP = new WSEncryptionPart(soapConstants
- .getBodyQName().getLocalPart(), soapConstants
- .getEnvelopeURI(), "Content");
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ soapConstants.getBodyQName().getLocalPart(),
+ soapConstants.getEnvelopeURI(),
+ "Content"
+ );
parts.add(encP);
}
- Vector encDataRefs = doEncryption(doc, this.symmetricKey, keyInfo,
- parts);
+ Vector encDataRefs = doEncryption(doc, this.symmetricKey, keyInfo, parts);
- /*
- * At this point data is encrypted with the symmetric key and can be
- * referenced via the above Id
- */
-
- /*
- * Now we need to setup the wsse:Security header block 1) get (or
- * create) the wsse:Security header block 2) The last step sets up the
- * reference list that pints to the encrypted data
- */
+ //
+ // At this point data is encrypted with the symmetric key and can be
+ // referenced via the above Id
+ //
+
+ //
+ // Now we need to setup the wsse:Security header block 1) get (or
+ // create) the wsse:Security header block 2) The last step sets up the
+ // reference list that pints to the encrypted data
+ //
Element wsseSecurity = secHeader.getSecurityHeader();
- Element referenceList = doc.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":ReferenceList");
+ Element referenceList =
+ doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":ReferenceList");
referenceList = createDataRefList(doc, referenceList, encDataRefs);
WSSecurityUtil.prependChildElement(wsseSecurity, referenceList);
@@ -686,9 +679,9 @@
private KeyGenerator getKeyGenerator() throws WSSecurityException {
KeyGenerator keyGen = null;
try {
- /*
- * Assume AES as default, so initialize it
- */
+ //
+ // Assume AES as default, so initialize it
+ //
keyGen = KeyGenerator.getInstance("AES");
if (symEncAlgo.equalsIgnoreCase(WSConstants.TRIPLE_DES)) {
keyGen = KeyGenerator.getInstance("DESede");
@@ -703,7 +696,8 @@
}
} catch (NoSuchAlgorithmException e) {
throw new WSSecurityException(
- WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e);
+ WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e
+ );
}
return keyGen;
}
@@ -711,19 +705,22 @@
/**
* Create DOM subtree for <code>xenc:EncryptedKey</code>
*
- * @param doc
- * the SOAP envelope parent document
+ * @param doc the SOAP envelope parent document
* @param referenceList
* @param encDataRefs
* @return an <code>xenc:EncryptedKey</code> element
*/
-
- public static Element createDataRefList(Document doc,
- Element referenceList, Vector encDataRefs) {
+ public static Element createDataRefList(
+ Document doc,
+ Element referenceList,
+ Vector encDataRefs
+ ) {
for (int i = 0; i < encDataRefs.size(); i++) {
String dataReferenceUri = (String) encDataRefs.get(i);
- Element dataReference = doc.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":DataReference");
+ Element dataReference =
+ doc.createElementNS(
+ WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":DataReference"
+ );
dataReference.setAttributeNS(null, "URI", dataReferenceUri);
referenceList.appendChild(dataReference);
}
@@ -779,7 +776,8 @@
return Base64.encode(data);
} catch (NoSuchAlgorithmException e) {
throw new WSSecurityException(
- WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e);
+ WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e
+ );
}
}
@@ -790,6 +788,7 @@
public void setEncKeyValueType(String e) {
encKeyValueType = e;
}
+
public void setEncKeyIdDirectId(boolean b) {
encKeyIdDirectId = b;
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java Thu Feb 26 12:47:45 2009
@@ -96,7 +96,7 @@
/**
* BinarySecurityToken to be included in the case where BST_DIRECT_REFERENCE
- * is used to refer to the asymm encryption cert
+ * is used to refer to the asymmetric encryption cert
*/
protected BinarySecurity bstToken = null;
@@ -136,28 +136,25 @@
* Prepare the ephemeralKey and the tokens required to be added to the
* security header
*
- * @param doc
- * The SOAP envelope as <code>Document</code>
- * @param crypto
- * An instance of the Crypto API to handle keystore and
- * certificates
+ * @param doc The SOAP envelope as <code>Document</code>
+ * @param crypto An instance of the Crypto API to handle keystore and certificates
* @throws WSSecurityException
*/
public void prepare(Document doc, Crypto crypto) throws WSSecurityException {
document = doc;
- /*
- * Set up the ephemeral key
- */
+ //
+ // Set up the ephemeral key
+ //
if (this.ephemeralKey == null) {
this.ephemeralKey = generateEphemeralKey();
}
- /*
- * Get the certificate that contains the public key for the public key
- * algorithm that will encrypt the generated symmetric (session) key.
- */
+ //
+ // Get the certificate that contains the public key for the public key
+ // algorithm that will encrypt the generated symmetric (session) key.
+ //
X509Certificate remoteCert = null;
if (useThisCert != null) {
remoteCert = useThisCert;
@@ -167,7 +164,7 @@
throw new WSSecurityException(
WSSecurityException.FAILURE,
"noUserCertsFound",
- new Object[] { user, "encryption" }
+ new Object[] {user, "encryption"}
);
}
remoteCert = certs[0];
@@ -182,61 +179,67 @@
* This method does the most work for to prepare the EncryptedKey element.
* It is also used by the WSSecEncrypt sub-class.
*
- * @param keyBytes
- * The bytes that represent the symmetric key
- * @param remoteCert
- * The certificate that contains the public key to encrypt the
- * symmetric key data
- * @param crypto
- * An instance of the Crypto API to handle keystore and
- * certificates
+ * @param keyBytes The bytes that represent the symmetric key
+ * @param remoteCert The certificate that contains the public key to encrypt the
+ * symmetric key data
+ * @param crypto An instance of the Crypto API to handle keystore and certificates
* @throws WSSecurityException
*/
- protected void prepareInternal(byte[] keyBytes, X509Certificate remoteCert,
- Crypto crypto) throws WSSecurityException {
+ protected void prepareInternal(
+ byte[] keyBytes,
+ X509Certificate remoteCert,
+ Crypto crypto
+ ) throws WSSecurityException {
String certUri = UUIDGenerator.getUUID();
Cipher cipher = WSSecurityUtil.getCipherInstance(keyEncAlgo);
try {
cipher.init(Cipher.ENCRYPT_MODE, remoteCert.getPublicKey());
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.FAILED_ENCRYPTION,
- null, null, e);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_ENCRYPTION, null, null, e
+ );
}
if (doDebug) {
- log.debug("cipher blksize: " + cipher.getBlockSize()
- + ", symm key length: " + keyBytes.length);
+ log.debug(
+ "cipher blksize: " + cipher.getBlockSize()
+ + ", symm key length: " + keyBytes.length
+ );
}
int blockSize = cipher.getBlockSize();
if (blockSize > 0 && blockSize < keyBytes.length) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "unsupportedKeyTransp",
- new Object[] { "public key algorithm too weak to encrypt "
- + "symmetric key" });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "unsupportedKeyTransp",
+ new Object[] {"public key algorithm too weak to encrypt symmetric key"}
+ );
}
try {
this.encryptedEphemeralKey = cipher.doFinal(keyBytes);
} catch (IllegalStateException e1) {
- throw new WSSecurityException(WSSecurityException.FAILED_ENCRYPTION,
- null, null, e1);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_ENCRYPTION, null, null, e1
+ );
} catch (IllegalBlockSizeException e1) {
- throw new WSSecurityException(WSSecurityException.FAILED_ENCRYPTION,
- null, null, e1);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_ENCRYPTION, null, null, e1
+ );
} catch (BadPaddingException e1) {
- throw new WSSecurityException(WSSecurityException.FAILED_ENCRYPTION,
- null, null, e1);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_ENCRYPTION, null, null, e1
+ );
}
- Text keyText = WSSecurityUtil.createBase64EncodedTextNode(document,
- this.encryptedEphemeralKey);
+ Text keyText =
+ WSSecurityUtil.createBase64EncodedTextNode(document, this.encryptedEphemeralKey);
- /*
- * Now we need to setup the EncryptedKey header block 1) create a
- * EncryptedKey element and set a wsu:Id for it 2) Generate ds:KeyInfo
- * element, this wraps the wsse:SecurityTokenReference 3) Create and set
- * up the SecurityTokenReference according to the keyIdentifier parameter
- * 4) Create the CipherValue element structure and insert the encrypted
- * session key
- */
+ //
+ // Now we need to setup the EncryptedKey header block 1) create a
+ // EncryptedKey element and set a wsu:Id for it 2) Generate ds:KeyInfo
+ // element, this wraps the wsse:SecurityTokenReference 3) Create and set
+ // up the SecurityTokenReference according to the keyIdentifier parameter
+ // 4) Create the CipherValue element structure and insert the encrypted
+ // session key
+ //
encryptedKeyElement = createEncryptedKey(document, keyEncAlgo);
if(this.encKeyId == null || "".equals(this.encKeyId)) {
this.encKeyId = "EncKeyId-" + UUIDGenerator.getUUID();
@@ -269,8 +272,7 @@
break;
case WSConstants.ISSUER_SERIAL:
- XMLX509IssuerSerial data = new XMLX509IssuerSerial(document,
- remoteCert);
+ XMLX509IssuerSerial data = new XMLX509IssuerSerial(document, remoteCert);
X509Data x509Data = new X509Data(document);
x509Data.add(data);
secToken.setX509IssuerSerial(x509Data);
@@ -287,22 +289,22 @@
break;
default:
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "unsupportedKeyId");
+ throw new WSSecurityException(WSSecurityException.FAILURE, "unsupportedKeyId");
}
keyInfo.addUnknownElement(secToken.getElement());
Element keyInfoElement = keyInfo.getElement();
- keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
+ keyInfoElement.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS
+ );
encryptedKeyElement.appendChild(keyInfoElement);
- Element xencCipherValue = createCipherValue(document,
- encryptedKeyElement);
+ Element xencCipherValue = createCipherValue(document, encryptedKeyElement);
xencCipherValue.appendChild(keyText);
envelope = document.getDocumentElement();
- envelope.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:"
- + WSConstants.ENC_PREFIX, WSConstants.ENC_NS);
+ envelope.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + WSConstants.ENC_PREFIX, WSConstants.ENC_NS
+ );
}
/**
@@ -321,29 +323,24 @@
r.nextBytes(temp);
return temp;
} catch (Exception e) {
- throw new WSSecurityException(
- "Error in creating the ephemeral key", e);
+ throw new WSSecurityException("Error in creating the ephemeral key", e);
}
}
/**
* Create DOM subtree for <code>xenc:EncryptedKey</code>
*
- * @param doc
- * the SOAP envelope parent document
- * @param keyTransportAlgo
- * specifies which algorithm to use to encrypt the symmetric key
+ * @param doc the SOAP envelope parent document
+ * @param keyTransportAlgo specifies which algorithm to use to encrypt the symmetric key
* @return an <code>xenc:EncryptedKey</code> element
*/
-
protected Element createEncryptedKey(Document doc, String keyTransportAlgo) {
- Element encryptedKey = doc.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":EncryptedKey");
+ Element encryptedKey =
+ doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptedKey");
- WSSecurityUtil.setNamespace(encryptedKey, WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX);
- Element encryptionMethod = doc.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":EncryptionMethod");
+ WSSecurityUtil.setNamespace(encryptedKey, WSConstants.ENC_NS, WSConstants.ENC_PREFIX);
+ Element encryptionMethod =
+ doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptionMethod");
encryptionMethod.setAttributeNS(null, "Algorithm", keyTransportAlgo);
encryptedKey.appendChild(encryptionMethod);
return encryptedKey;
@@ -352,10 +349,8 @@
/**
* Create DOM subtree for <code>xenc:EncryptedKey</code>
*
- * @param doc
- * the SOAP envelope parent document
- * @param keyTransportAlgo
- * specifies which algorithm to use to encrypt the symmetric key
+ * @param doc the SOAP envelope parent document
+ * @param keyTransportAlgo specifies which algorithm to use to encrypt the symmetric key
* @return an <code>xenc:EncryptedKey</code> element
* @deprecated use createEncryptedKey(Document doc, String keyTransportAlgo) instead
*/
@@ -364,10 +359,10 @@
}
protected Element createCipherValue(Document doc, Element encryptedKey) {
- Element cipherData = doc.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":CipherData");
- Element cipherValue = doc.createElementNS(WSConstants.ENC_NS,
- WSConstants.ENC_PREFIX + ":CipherValue");
+ Element cipherData =
+ doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherData");
+ Element cipherValue =
+ doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherValue");
cipherData.appendChild(cipherValue);
encryptedKey.appendChild(cipherData);
return cipherValue;
@@ -381,12 +376,10 @@
* allows to insert the EncryptedKey element at any position in the Security
* header.
*
- * @param secHeader
- * The security header that holds the Signature element.
+ * @param secHeader The security header that holds the Signature element.
*/
public void prependToHeader(WSSecHeader secHeader) {
- WSSecurityUtil.prependChildElement(
- secHeader.getSecurityHeader(), encryptedKeyElement);
+ WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), encryptedKeyElement);
}
/**
@@ -397,8 +390,7 @@
* allows to insert the EncryptedKey element at any position in the Security
* header.
*
- * @param secHeader
- * The security header that holds the Signature element.
+ * @param secHeader The security header that holds the Signature element.
*/
public void appendToHeader(WSSecHeader secHeader) {
Element secHeaderElement = secHeader.getSecurityHeader();
@@ -412,13 +404,13 @@
* The method can be called any time after <code>prepare()</code>. This
* allows to insert the BST element at any position in the Security header.
*
- * @param secHeader
- * The security header that holds the BST element.
+ * @param secHeader The security header that holds the BST element.
*/
public void prependBSTElementToHeader(WSSecHeader secHeader) {
if (bstToken != null) {
WSSecurityUtil.prependChildElement(
- secHeader.getSecurityHeader(), bstToken.getElement());
+ secHeader.getSecurityHeader(), bstToken.getElement()
+ );
}
bstToken = null;
}
@@ -430,8 +422,7 @@
* The method can be called any time after <code>prepare()</code>. This
* allows to insert the BST element at any position in the Security header.
*
- * @param secHeader
- * The security header that holds the BST element.
+ * @param secHeader The security header that holds the BST element.
*/
public void appendBSTElementToHeader(WSSecHeader secHeader) {
if (bstToken != null) {
@@ -455,8 +446,7 @@
* <code>DirectReference</code> then use this certificate to get the
* public key for encryption.
*
- * @param cert
- * is the X509 certificate to use for encryption
+ * @param cert is the X509 certificate to use for encryption
*/
public void setUseThisCert(X509Certificate cert) {
useThisCert = cert;
@@ -481,16 +471,15 @@
* @return Returns the BinarySecurityToken element.
*/
public Element getBinarySecurityTokenElement() {
- if(this.bstToken != null) {
+ if (this.bstToken != null) {
return this.bstToken.getElement();
- } else {
- return null;
}
+ return null;
}
public void setKeySize(int keySize) throws WSSecurityException {
- if(keySize < 64) {
- //Minimum size has to be 64 bits - E.g. A DES key
+ if (keySize < 64) {
+ // Minimum size has to be 64 bits - E.g. A DES key
throw new WSSecurityException("invalidKeySize");
}
this.keySize = keySize;
@@ -514,7 +503,7 @@
* BinaruSecurityToken element.
*/
public String getBSTTokenId() {
- if(this.bstToken == null) {
+ if (this.bstToken == null) {
return null;
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecHeader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecHeader.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecHeader.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecHeader.java Thu Feb 26 12:47:45 2009
@@ -29,8 +29,6 @@
*
* Setup a Security header with a specified actor and mustunderstand flag.
*
- * <p/>
- *
* The defaults for actor and mustunderstand are: empty <code>actor</code> and
* <code>mustunderstand</code> is true.
*
@@ -54,8 +52,7 @@
/**
* Constructor.
*
- * @param actor
- * The actor name of the <code>wsse:Security</code> header
+ * @param actor The actor name of the <code>wsse:Security</code> header
*/
public WSSecHeader(String actor) {
this(actor, true);
@@ -64,10 +61,8 @@
/**
* Constructor.
*
- * @param act
- * The actor name of the <code>wsse:Security</code> header
- * @param mu
- * Set <code>mustUnderstand</code> to true or false
+ * @param act The actor name of the <code>wsse:Security</code> header
+ * @param mu Set <code>mustUnderstand</code> to true or false
*/
public WSSecHeader(String act, boolean mu) {
actor = act;
@@ -77,8 +72,7 @@
/**
* set actor name.
*
- * @param act
- * The actor name of the <code>wsse:Security</code> header
+ * @param act The actor name of the <code>wsse:Security</code> header
*/
public void setActor(String act) {
actor = act;
@@ -88,8 +82,7 @@
* Set the <code>mustUnderstand</code> flag for the
* <code>wsse:Security</code> header.
*
- * @param mu
- * Set <code>mustUnderstand</code> to true or false
+ * @param mu Set <code>mustUnderstand</code> to true or false
*/
public void setMustUnderstand(boolean mu) {
mustunderstand = mu;
@@ -111,10 +104,11 @@
* false if non empty security header
*/
public boolean isEmpty(Document doc) {
-
if (securityHeader == null) {
- securityHeader = WSSecurityUtil.findWsseSecurityHeaderBlock(doc, doc
- .getDocumentElement(), actor, false);
+ securityHeader =
+ WSSecurityUtil.findWsseSecurityHeaderBlock(
+ doc, doc.getDocumentElement(), actor, false
+ );
if (securityHeader == null) {
return true;
}
@@ -122,65 +116,63 @@
if (securityHeader.getChildNodes().getLength() == 0) {
return true;
- } else {
- return false;
}
+ return false;
}
/**
* Creates a security header and inserts it as child into the SOAP Envelope.
*
- * <p/>
- *
* Check if a WS Security header block for an actor is already available in
* the document. If a header block is found return it, otherwise a new
* wsse:Security header block is created and the attributes set
*
- * @param doc
- * A SOAP envelope as <code>Document</code>
+ * @param doc A SOAP envelope as <code>Document</code>
* @return A <code>wsse:Security</code> element
*/
public Element insertSecurityHeader(Document doc) {
-
- /*
- * If there is already a security header in this instance just return it
- */
+ //
+ // If there is already a security header in this instance just return it
+ //
if (securityHeader != null) {
return securityHeader;
}
- SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
- .getDocumentElement());
+ SOAPConstants soapConstants =
+ WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
- securityHeader = WSSecurityUtil.findWsseSecurityHeaderBlock(doc, doc
- .getDocumentElement(), actor, true);
+ securityHeader =
+ WSSecurityUtil.findWsseSecurityHeaderBlock(
+ doc, doc.getDocumentElement(), actor, true
+ );
String soapPrefix =
WSSecurityUtil.setNamespace(
- securityHeader,
- soapConstants.getEnvelopeURI(),
- WSConstants.DEFAULT_SOAP_PREFIX
+ securityHeader, soapConstants.getEnvelopeURI(), WSConstants.DEFAULT_SOAP_PREFIX
);
if (actor != null && actor.length() > 0) {
- securityHeader.setAttributeNS(soapConstants.getEnvelopeURI(),
- soapPrefix
- + ":"
- + soapConstants.getRoleAttributeQName()
- .getLocalPart(), actor);
+ securityHeader.setAttributeNS(
+ soapConstants.getEnvelopeURI(),
+ soapPrefix + ":" + soapConstants.getRoleAttributeQName().getLocalPart(),
+ actor
+ );
}
if (mustunderstand) {
- securityHeader.setAttributeNS(soapConstants.getEnvelopeURI(),
- soapPrefix + ":" + WSConstants.ATTR_MUST_UNDERSTAND,
- soapConstants.getMustUnderstand());
+ securityHeader.setAttributeNS(
+ soapConstants.getEnvelopeURI(),
+ soapPrefix + ":" + WSConstants.ATTR_MUST_UNDERSTAND,
+ soapConstants.getMustUnderstand()
+ );
}
return securityHeader;
}
public void removeSecurityHeader(Document doc) {
-
if (securityHeader == null) {
- securityHeader = WSSecurityUtil.findWsseSecurityHeaderBlock(doc, doc
- .getDocumentElement(), actor, false);
+ securityHeader =
+ WSSecurityUtil.findWsseSecurityHeaderBlock(
+ doc, doc.getDocumentElement(), actor, false
+ );
if (securityHeader == null) {
return;
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSecurityContextToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSecurityContextToken.java?rev=748120&r1=748119&r2=748120&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSecurityContextToken.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSecurityContextToken.java Thu Feb 26 12:47:45 2009
@@ -57,7 +57,7 @@
private int wscVersion = ConversationConstants.DEFAULT_VERSION;
public void prepare(Document doc, Crypto crypto)
- throws WSSecurityException, ConversationException {
+ throws WSSecurityException, ConversationException {
if (sct == null) {
if (this.identifier != null) {
@@ -75,7 +75,7 @@
}
public void prependSCTElementToHeader(Document doc, WSSecHeader secHeader)
- throws WSSecurityException {
+ throws WSSecurityException {
WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), sct.getElement());
}
@@ -127,9 +127,8 @@
public String getSctId() {
if (this.sct != null) {
return this.sct.getID();
- } else {
- return this.sctId;
}
+ return this.sctId;
}
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org