You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/06/14 16:49:35 UTC
svn commit: r1493101 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security:
SecurityConstants.java wss4j/AbstractWSS4JStaxInterceptor.java
wss4j/PolicyBasedWSS4JOutInterceptor.java
Author: coheigea
Date: Fri Jun 14 14:49:35 2013
New Revision: 1493101
URL: http://svn.apache.org/r1493101
Log:
[CXF-5056] - EndorsingSupportingTokens with both transport security and message layer security applied
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1493101&r1=1493100&r2=1493101&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Fri Jun 14 14:49:35 2013
@@ -445,7 +445,15 @@ public final class SecurityConstants {
* c) A CallbackHandler object to use to obtain the token
*/
public static final String STS_TOKEN_ON_BEHALF_OF = "ws-security.sts.token.on-behalf-of";
-
+
+ /**
+ * Set this to "false" in order to remove the SOAP mustUnderstand header from security headers generated based on
+ * a WS-SecurityPolicy.
+ *
+ * The default value is "true" which included the SOAP mustUnderstand header.
+ */
+ public static final String MUST_UNDERSTAND = "ws-security.must-understand";
+
//
// Internal tags
//
@@ -472,7 +480,7 @@ public final class SecurityConstants {
STS_TOKEN_DO_CANCEL, CACHE_ISSUED_TOKEN_IN_ENDPOINT,
DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS, STS_TOKEN_CRYPTO,
STS_TOKEN_PROPERTIES, STS_TOKEN_USERNAME, STS_TOKEN_ACT_AS, STS_TOKEN_ON_BEHALF_OF,
- TOKEN, TOKEN_ID, SUBJECT_ROLE_CLASSIFIER, SUBJECT_ROLE_CLASSIFIER_TYPE
+ TOKEN, TOKEN_ID, SUBJECT_ROLE_CLASSIFIER, SUBJECT_ROLE_CLASSIFIER_TYPE, MUST_UNDERSTAND
}));
ALL_PROPERTIES = Collections.unmodifiableSet(s);
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java?rev=1493101&r1=1493100&r2=1493101&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java Fri Jun 14 14:49:35 2013
@@ -153,6 +153,21 @@ public abstract class AbstractWSS4JStaxI
validateSAMLSubjectConf);
}
}
+
+ String actor = (String)msg.getContextualProperty(SecurityConstants.ACTOR);
+ if (actor != null) {
+ if (securityProperties != null) {
+ securityProperties.setActor(actor);
+ } else {
+ properties.put(ConfigurationConstants.ACTOR, actor);
+ }
+ }
+
+ boolean mustUnderstand =
+ MessageUtils.getContextualBoolean(msg, SecurityConstants.MUST_UNDERSTAND, true);
+ if (properties != null) {
+ properties.put(ConfigurationConstants.MUST_UNDERSTAND, Boolean.toString(mustUnderstand));
+ }
}
protected void configureCallbackHandler(SoapMessage soapMessage) throws WSSecurityException {
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java?rev=1493101&r1=1493100&r2=1493101&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java Fri Jun 14 14:49:35 2013
@@ -106,8 +106,11 @@ public class PolicyBasedWSS4JOutIntercep
Collection<AssertionInfo> ais;
SOAPMessage saaj = message.getContent(SOAPMessage.class);
- boolean mustUnderstand = true;
- String actor = null;
+ boolean mustUnderstand =
+ MessageUtils.getContextualBoolean(
+ message, SecurityConstants.MUST_UNDERSTAND, true
+ );
+ String actor = (String)message.getContextualProperty(SecurityConstants.ACTOR);
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information