You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2012/09/20 12:30:04 UTC
svn commit: r1387948 - in
/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security:
./ processor/ validate/
Author: coheigea
Date: Thu Sep 20 10:30:03 2012
New Revision: 1387948
URL: http://svn.apache.org/viewvc?rev=1387948&view=rev
Log:
[WSS-404] - Store Subject from JAAS LoginContext in WSSecurityEngineResult
Conflicts:
src/main/java/org/apache/ws/security/validate/Credential.java
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/Credential.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/JAASUsernameTokenValidator.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java?rev=1387948&r1=1387947&r2=1387948&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java Thu Sep 20 10:30:03 2012
@@ -42,7 +42,7 @@ public class WSSecurityEngineResult exte
/**
*
*/
- private static final long serialVersionUID = 458604104267263765L;
+ private static final long serialVersionUID = 8877354445092724300L;
/**
* Tag denoting the SAML Assertion found, if applicable.
@@ -190,6 +190,13 @@ public class WSSecurityEngineResult exte
public static final String TAG_PRINCIPAL = "principal";
/**
+ * Tag denoting the security subject found, if applicable.
+ *
+ * The value under this tag is of type javax.security.auth.Subject.
+ */
+ public static final String TAG_SUBJECT = "subject";
+
+ /**
* Tag denoting references to a List of Data ref URIs.
*
* The value under this tag is of type List.
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java?rev=1387948&r1=1387947&r2=1387948&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java Thu Sep 20 10:30:03 2012
@@ -105,6 +105,7 @@ public class BinarySecurityTokenProcesso
} else if (certs != null && certs[0] != null) {
result.put(WSSecurityEngineResult.TAG_PRINCIPAL, certs[0].getSubjectX500Principal());
}
+ result.put(WSSecurityEngineResult.TAG_SUBJECT, credential.getSubject());
}
wsDocInfo.addResult(result);
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java?rev=1387948&r1=1387947&r2=1387948&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java Thu Sep 20 10:30:03 2012
@@ -97,6 +97,7 @@ public class UsernameTokenProcessor impl
principal.setPasswordType(token.getPasswordType());
result.put(WSSecurityEngineResult.TAG_PRINCIPAL, principal);
}
+ result.put(WSSecurityEngineResult.TAG_SUBJECT, credential.getSubject());
}
wsDocInfo.addTokenElement(elem);
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/Credential.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/Credential.java?rev=1387948&r1=1387947&r2=1387948&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/Credential.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/Credential.java Thu Sep 20 10:30:03 2012
@@ -22,6 +22,7 @@ package org.apache.ws.security.validate;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
+import javax.security.auth.Subject;
import org.apache.ws.security.message.token.BinarySecurity;
import org.apache.ws.security.message.token.SecurityContextToken;
@@ -46,6 +47,7 @@ public class Credential {
private SecurityContextToken securityContextToken;
private Principal principal;
private byte[] secretKey;
+ private Subject subject;
/**
* Set a SecurityContextToken to be validated
@@ -208,4 +210,20 @@ public class Credential {
return principal;
}
+ /**
+ * Set the subject that may result from the Validation process
+ * @param subject the subject that may result from the Validation process
+ */
+ public void setSubject(Subject subject) {
+ this.subject = subject;
+ }
+
+ /**
+ * Get the subject that may result from the Validation process
+ * @return the subject that may result from the Validation process
+ */
+ public Subject getSubject() {
+ return subject;
+ }
+
}
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/JAASUsernameTokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/JAASUsernameTokenValidator.java?rev=1387948&r1=1387947&r2=1387948&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/JAASUsernameTokenValidator.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/JAASUsernameTokenValidator.java Thu Sep 20 10:30:03 2012
@@ -19,6 +19,7 @@
package org.apache.ws.security.validate;
+import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
@@ -102,7 +103,8 @@ public class JAASUsernameTokenValidator
CallbackHandler handler = getCallbackHandler(user, password);
LoginContext ctx = new LoginContext(getContextName(), handler);
ctx.login();
- ctx.getSubject();
+ Subject subject = ctx.getSubject();
+ credential.setSubject(subject);
} catch (LoginException ex) {
log.info("Authentication failed", ex);
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java?rev=1387948&r1=1387947&r2=1387948&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java Thu Sep 20 10:30:03 2012
@@ -209,6 +209,7 @@ public class KerberosTokenValidator impl
);
}
credential.setPrincipal(principal);
+ credential.setSubject(subject);
// Try to extract the session key from the token if a KerberosTokenDecoder implementation is
// available