You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-commits@axis.apache.org by sh...@apache.org on 2010/12/22 08:07:06 UTC

svn commit: r1051777 - in /axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart: builder/AsymmetricBindingBuilder.java builder/BindingBuilder.java util/RampartUtil.java

Author: shankar
Date: Wed Dec 22 07:07:05 2010
New Revision: 1051777

URL: http://svn.apache.org/viewvc?rev=1051777&view=rev
Log:
Applying patch from RAMPART-277

Modified:
    axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
    axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
    axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java

Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java?rev=1051777&r1=1051776&r2=1051777&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java Wed Dec 22 07:07:05 2010
@@ -175,7 +175,7 @@ public class AsymmetricBindingBuilder ex
                     encr.setDocument(doc);
                     RampartUtil.setEncryptionUser(rmd, encr);
                     encr.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
-                    RampartUtil.setKeyIdentifierType(rpd,encr, encryptionToken);
+                    RampartUtil.setKeyIdentifierType(rmd, encr, encryptionToken);
                     encr.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
                     encr.prepare(doc, RampartUtil.getEncryptionCrypto(config, rmd.getCustomClassLoader()));
 
@@ -528,7 +528,7 @@ public class AsymmetricBindingBuilder ex
                     
                     WSSecEncrypt encr = new WSSecEncrypt();
                     
-                    RampartUtil.setKeyIdentifierType(rpd, encr, encrToken);
+                    RampartUtil.setKeyIdentifierType(rmd, encr, encrToken);
                     
                     encr.setWsConfig(rmd.getConfig());
                     
@@ -765,7 +765,7 @@ public class AsymmetricBindingBuilder ex
 
             WSSecEncrypt encr = new WSSecEncrypt();
 
-            RampartUtil.setKeyIdentifierType(rpd, encr, encrToken);
+            RampartUtil.setKeyIdentifierType(rmd, encr, encrToken);
 
             encr.setWsConfig(rmd.getConfig());
 

Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java?rev=1051777&r1=1051776&r2=1051777&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java Wed Dec 22 07:07:05 2010
@@ -218,7 +218,7 @@ public abstract class BindingBuilder {
         WSSecEncryptedKey encrKey = new WSSecEncryptedKey();
         
         try {
-            RampartUtil.setKeyIdentifierType(rpd, encrKey, token);
+            RampartUtil.setKeyIdentifierType(rmd, encrKey, token);
             RampartUtil.setEncryptionUser(rmd, encrKey);
             encrKey.setKeySize(rpd.getAlgorithmSuite().getMaximumSymmetricKeyLength());
             encrKey.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
@@ -261,7 +261,7 @@ public abstract class BindingBuilder {
         
         log.debug("Token inclusion: " + token.getInclusion());
         
-        RampartUtil.setKeyIdentifierType(rpd, sig, token);
+        RampartUtil.setKeyIdentifierType(rmd, sig, token);
 
         String user = null;
         
@@ -345,7 +345,6 @@ public abstract class BindingBuilder {
         //Create the list to hold the tokens
         HashMap endSuppTokMap = new HashMap();
         
-
         if(suppTokens != null && suppTokens.getTokens() != null &&
                 suppTokens.getTokens().size() > 0) {
             log.debug("Processing supporting tokens");
@@ -412,10 +411,8 @@ public abstract class BindingBuilder {
                     //Add the UT
                     Element elem = utBuilder.getUsernameTokenElement();
                     elem = RampartUtil.insertSiblingAfter(rmd, this.getInsertionLocation(), elem);
-
-                    if (suppTokens.isEncryptedToken()) {
-                        encryptedTokensIdList.add(utBuilder.getId());
-                    }
+                    
+                    encryptedTokensIdList.add(utBuilder.getId());
                     
                     //Move the insert location to the next element
                     this.setInsertionLocation(elem);

Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?rev=1051777&r1=1051776&r2=1051777&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java Wed Dec 22 07:07:05 2010
@@ -1301,10 +1301,16 @@ public class RampartUtil {
      * the WSS11 and WSS10 assertions
      */
     
-    public static void setKeyIdentifierType(RampartPolicyData rpd, WSSecBase secBase,org.apache.ws.secpolicy.model.Token token) {
-		
-    	if (token.getInclusion() == SPConstants.INCLUDE_TOKEN_NEVER) {
-			
+    public static void setKeyIdentifierType(RampartMessageData rmd, WSSecBase secBase,org.apache.ws.secpolicy.model.Token token) {
+
+        // Use a reference rather than the binary security token if: the policy never allows the token to be
+        // included; or this is the recipient and the token should only be included in requests; or this is
+        // the initiator and the token should only be included in responses.
+        final boolean useReference = token.getInclusion() == SPConstants.INCLUDE_TOKEN_NEVER
+                                     || !rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_RECIPIENT
+                                     || rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_INITIATOR;
+        if (useReference) {
+
     		boolean tokenTypeSet = false;
     		
     		if(token instanceof X509Token) {
@@ -1323,6 +1329,7 @@ public class RampartUtil {
     		} 
     		
     		if (!tokenTypeSet) {
+                final RampartPolicyData rpd = rmd.getPolicyData();
 	    		Wss10 wss = rpd.getWss11();
 				if (wss == null) {
 					wss = rpd.getWss10();