You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-commits@axis.apache.org by ve...@apache.org on 2011/10/19 00:04:37 UTC
svn commit: r1185899 - in /axis/axis2/java/rampart/branches/1_5_x: ./
modules/documentation/src/site/xdoc/download/1.5.1/
modules/rampart-core/src/main/java/org/apache/rampart/
modules/rampart-core/src/main/java/org/apache/rampart/util/
modules/rampart...
Author: veithen
Date: Tue Oct 18 22:04:37 2011
New Revision: 1185899
URL: http://svn.apache.org/viewvc?rev=1185899&view=rev
Log:
RAMPART-278: Merged r1052172 and r1052173 to the 1.5 branch.
Added:
axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/src/test/resources/rampart/policy/31.xml
- copied unchanged from r1052173, axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/31.xml
axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/src/test/resources/rampart/services-31.xml
- copied unchanged from r1052173, axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-31.xml
Modified:
axis/axis2/java/rampart/branches/1_5_x/ (props changed)
axis/axis2/java/rampart/branches/1_5_x/modules/documentation/src/site/xdoc/download/1.5.1/download.xml (props changed)
axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java
axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/pom.xml
axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
Propchange: axis/axis2/java/rampart/branches/1_5_x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Oct 18 22:04:37 2011
@@ -1 +1 @@
-/axis/axis2/java/rampart/trunk:1072178,1072180,1072182,1072187,1072313,1072316,1083686,1089599,1130570,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413
+/axis/axis2/java/rampart/trunk:1052172-1052173,1072178,1072180,1072182,1072187,1072313,1072316,1083686,1089599,1130570,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413
Propchange: axis/axis2/java/rampart/branches/1_5_x/modules/documentation/src/site/xdoc/download/1.5.1/download.xml
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Oct 18 22:04:37 2011
@@ -1 +1 @@
-/axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/download/1.5.1/download.xml:1072178,1072180,1072182,1072187,1072313,1072316,1083686,1089599,1130570,1131278,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413
+/axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/download/1.5.1/download.xml:1052172-1052173,1072178,1072180,1072182,1072187,1072313,1072316,1083686,1089599,1130570,1131278,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413
Modified: axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java?rev=1185899&r1=1185898&r2=1185899&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java (original)
+++ axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java Tue Oct 18 22:04:37 2011
@@ -31,6 +31,7 @@ import org.apache.ws.security.message.to
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
import org.jaxen.XPath;
import org.jaxen.JaxenException;
@@ -555,16 +556,34 @@ public class PolicyBasedResultsValidator
Vector actuallySigned = new Vector();
if (actionResults != null) {
for (int j = 0; j < actionResults.length; j++) {
+
WSSecurityEngineResult actionResult = actionResults[j];
- Set signedIDs = (Set) actionResult
- .get(WSSecurityEngineResult.TAG_SIGNED_ELEMENT_IDS);
- for (Iterator i = signedIDs.iterator(); i.hasNext();) {
- String e = (String) i.next();
-
- Element element = WSSecurityUtil.findElementById(envelope, e,
- WSConstants.WSU_NS);
- actuallySigned.add(element);
+ List wsDataRefs = (List)actionResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+
+ // if header was encrypted before it was signed, protected
+ // element is 'EncryptedHeader.' the actual element is
+ // first child element
+
+ for (Iterator k = wsDataRefs.iterator(); k.hasNext();) {
+ WSDataRef wsDataRef = (WSDataRef)k.next();
+ Element protectedElement = wsDataRef.getProtectedElement();
+ if (protectedElement.getLocalName().equals("EncryptedHeader")) {
+ NodeList nodeList = protectedElement.getChildNodes();
+ for (int x = 0; x < nodeList.getLength(); x++) {
+ if (nodeList.item(x).getNodeType() == Node.ELEMENT_NODE) {
+ String ns = ((Element)nodeList.item(x)).getNamespaceURI();
+ String ln = ((Element)nodeList.item(x)).getLocalName();
+ actuallySigned.add(new QName(ns,ln));
+ break;
+ }
+ }
+ } else {
+ String ns = protectedElement.getNamespaceURI();
+ String ln = protectedElement.getLocalName();
+ actuallySigned.add(new QName(ns,ln));
+ }
}
+
}
}
@@ -573,15 +592,15 @@ public class PolicyBasedResultsValidator
if (wsep.getType() == WSConstants.PART_TYPE_BODY) {
- Element body;
+ QName bodyQName;
if (WSConstants.URI_SOAP11_ENV.equals(envelope.getNamespaceURI())) {
- body = WSSecurityUtil.findBodyElement(rmd.getDocument(), new SOAP11Constants());
+ bodyQName = new SOAP11Constants().getBodyQName();
} else {
- body = WSSecurityUtil.findBodyElement(rmd.getDocument(), new SOAP12Constants());
+ bodyQName = new SOAP12Constants().getBodyQName();
}
- if (!actuallySigned.contains(body) && !rmd.getPolicyData().isSignBodyOptional()) {
+ if (!actuallySigned.contains(bodyQName) && !rmd.getPolicyData().isSignBodyOptional()) {
// soap body is not signed
throw new RampartException("bodyNotSigned");
}
@@ -591,6 +610,7 @@ public class PolicyBasedResultsValidator
Element element = (Element) WSSecurityUtil.findElement(
envelope, wsep.getName(), wsep.getNamespace() );
+
if( element == null ) {
// The signedpart header or element we are checking is not present in
// soap envelope - this is allowed
@@ -598,7 +618,7 @@ public class PolicyBasedResultsValidator
}
// header or the element present in soap envelope - verify that it is part of signature
- if( actuallySigned.contains( element) ) {
+ if( actuallySigned.contains( new QName(element.getNamespaceURI(), element.getLocalName())) ) {
continue;
}
Modified: axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java?rev=1185899&r1=1185898&r2=1185899&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java (original)
+++ axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java Tue Oct 18 22:04:37 2011
@@ -205,7 +205,9 @@ public class Axis2Util {
OMNamespace ns = (OMNamespace) nsIter.next();
header.declareNamespace(ns);
}
- Iterator children = element.getChildElements();
+ // retrieve all child nodes (including any text nodes)
+ // and re-attach to header block
+ Iterator children = element.getChildren();
while (children.hasNext()) {
OMNode child = (OMNode)children.next();
children.remove();
Modified: axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/pom.xml
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/pom.xml?rev=1185899&r1=1185898&r2=1185899&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/pom.xml (original)
+++ axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/pom.xml Tue Oct 18 22:04:37 2011
@@ -249,6 +249,12 @@
<copy overwrite="yes" file="src/test/resources/rampart/services-30.xml" tofile="target/temp-ramp/META-INF/services.xml" />
<jar jarfile="target/test-resources/rampart_service_repo/services/SecureService30.aar" basedir="target/temp-ramp" />
+ <!-- Service 31 -->
+ <copy overwrite="yes"
+ file="src/test/resources/rampart/services-31.xml"
+ tofile="target/temp-ramp/META-INF/services.xml"/>
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService31.aar"
+ basedir="target/temp-ramp"/>
<!-- Service SC-1 -->
<copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties" />
Modified: axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1185899&r1=1185898&r2=1185899&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java (original)
+++ axis/axis2/java/rampart/branches/1_5_x/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java Tue Oct 18 22:04:37 2011
@@ -21,6 +21,8 @@ import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axiom.om.util.AXIOMUtil;
+import org.apache.axiom.soap.SOAPHeaderBlock;
import org.apache.axis2.Constants;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
@@ -77,7 +79,7 @@ public class RampartTest extends TestCas
"Unlimited Strength Jurisdiction Policy !!!");
}
- for (int i = 1; i <= 30; i++) { //<-The number of tests we have
+ for (int i = 1; i <= 31; i++) { //<-The number of tests we have
if(!basic256Supported && (i == 3 || i == 4 || i == 5)) {
//Skip the Basic256 tests
continue;
@@ -106,7 +108,16 @@ public class RampartTest extends TestCas
context.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy("/rampart/policy/" + i + ".xml"));
serviceClient.setOptions(options);
-
+
+ if (i == 31) {
+ OMNamespace omNamespace = OMAbstractFactory.getOMFactory().createOMNamespace(
+ "http://sample.com", "myNs");
+ SOAPHeaderBlock header = OMAbstractFactory.getSOAP12Factory()
+ .createSOAPHeaderBlock("VitalHeader", omNamespace);
+ header.addChild(AXIOMUtil.stringToOM("<foo>This is a sample Header</foo>"));
+ serviceClient.addHeader(header);
+ }
+
// Invoking the serive in the TestCase-28 should fail. So handling it differently..
if (i == 28) {
try {