You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/02/25 18:17:33 UTC
git commit: Include Encryption tokens for certain scenarios

Repository: cxf
Updated Branches:
  refs/heads/master fdb8de24a -> c92b639c2


Include Encryption tokens for certain scenarios


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c92b639c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c92b639c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c92b639c

Branch: refs/heads/master
Commit: c92b639c2ad2f67533b21dcd4a6543e28cb676bf
Parents: fdb8de2
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Feb 25 16:58:07 2014 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Feb 25 16:58:27 2014 +0000

----------------------------------------------------------------------
 .../policyhandlers/StaxAsymmetricBindingHandler.java  | 14 ++++++++++++++
 .../policyhandlers/StaxSymmetricBindingHandler.java   | 13 +++++++++++++
 2 files changed, 27 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c92b639c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
index 8563e3a..a34f068 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
@@ -53,6 +53,7 @@ import org.apache.wss4j.policy.model.SpnegoContextToken;
 import org.apache.wss4j.policy.model.X509Token;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.stax.ext.SecurePart;
 import org.apache.xml.security.stax.ext.SecurePart.Modifier;
 import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
@@ -378,6 +379,19 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
             }
             
             properties.setEncryptionKeyIdentifier(getKeyIdentifierType(recToken, encrToken));
+            
+            // Find out do we also need to include the token as per the Inclusion requirement
+            WSSecurityTokenConstants.KeyIdentifier keyIdentifier = properties.getEncryptionKeyIdentifier();
+            if (encrToken instanceof X509Token 
+                && isTokenRequired(encrToken.getIncludeTokenType())
+                && (WSSecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)
+                    || WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier.equals(keyIdentifier)
+                    || WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference.equals(
+                        keyIdentifier))) {
+                properties.setIncludeEncryptionToken(true);
+            } else {
+                properties.setIncludeEncryptionToken(false);
+            }
 
             properties.setEncryptionKeyTransportAlgorithm(
                        algorithmSuite.getAlgorithmSuiteType().getAsymmetricKeyWrap());

http://git-wip-us.apache.org/repos/asf/cxf/blob/c92b639c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
index a961951..63d5041 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
@@ -475,6 +475,19 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
                     properties.setEncryptSymmetricEncryptionKey(false);
                 }
             }
+            
+            // Find out do we also need to include the token as per the Inclusion requirement
+            WSSecurityTokenConstants.KeyIdentifier keyIdentifier = properties.getEncryptionKeyIdentifier();
+            if (encrToken instanceof X509Token 
+                && isTokenRequired(encrToken.getIncludeTokenType())
+                && (WSSecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)
+                    || WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier.equals(keyIdentifier)
+                    || WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference.equals(
+                        keyIdentifier))) {
+                properties.setIncludeEncryptionToken(true);
+            } else {
+                properties.setIncludeEncryptionToken(false);
+            }
 
             properties.setEncryptionKeyTransportAlgorithm(
                        algorithmSuite.getAlgorithmSuiteType().getAsymmetricKeyWrap());