You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2013/07/20 15:54:17 UTC
svn commit: r1505134 - in /webservices/wss4j/trunk/ws-security-policy-stax/src: main/java/org/apache/wss4j/policy/stax/ main/java/org/apache/wss4j/policy/stax/assertionStates/ test/java/org/apache/wss4j/policy/stax/test/

Author: giger
Date: Sat Jul 20 13:54:17 2013
New Revision: 1505134

URL: http://svn.apache.org/r1505134
Log:
fix body encryption assertion

Modified:
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/EncryptedPartsAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/EncryptedPartsTest.java

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java?rev=1505134&r1=1505133&r2=1505134&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java Sat Jul 20 13:54:17 2013
@@ -183,7 +183,11 @@ public class PolicyInputProcessor extend
                             = new EncryptedPartSecurityEvent(null, false, null);
                     encryptedPartSecurityEvent.setElementPath(elementPath);
                     policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
-                } else if (documentLevel == 3 && WSSUtils.isInSOAPBody(elementPath)) {
+                }
+                //the body element has documentLevel 2 but we have to use 3 because
+                //the body element itself is never encrypted but child elements are. So we
+                //test for the body child element.
+                else if (documentLevel == 3 && WSSUtils.isInSOAPBody(elementPath)) {
 
                     EncryptedPartSecurityEvent encryptedPartSecurityEvent
                             = new EncryptedPartSecurityEvent(null, false, null);

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/EncryptedPartsAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/EncryptedPartsAssertionState.java?rev=1505134&r1=1505133&r2=1505134&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/EncryptedPartsAssertionState.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/EncryptedPartsAssertionState.java Sat Jul 20 13:54:17 2013
@@ -59,14 +59,14 @@ public class EncryptedPartsAssertionStat
         EncryptedPartSecurityEvent encryptedPartSecurityEvent = (EncryptedPartSecurityEvent) securityEvent;
         EncryptedParts encryptedParts = (EncryptedParts) getAssertion();
 
-        if (encryptedParts.isBody()
-                && (WSSUtils.pathMatches(WSSConstants.SOAP_11_BODY_PATH, encryptedPartSecurityEvent.getElementPath(), true, false))) {
+        //we'll never get events with the exact body path but child elements so we can just check if we are in the body
+        if (encryptedParts.isBody() && WSSUtils.isInSOAPBody(encryptedPartSecurityEvent.getElementPath())) {
             if (encryptedPartSecurityEvent.isEncrypted()) {
                 setAsserted(true);
                 return true;
             } else {
                 setAsserted(false);
-                setErrorMessage("Element " + WSSUtils.pathAsString(encryptedPartSecurityEvent.getElementPath()) + " must be encrypted");
+                setErrorMessage("SOAP-Body must be encrypted");
                 return false;
             }
         }

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/EncryptedPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/EncryptedPartsTest.java?rev=1505134&r1=1505133&r2=1505134&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/EncryptedPartsTest.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/EncryptedPartsTest.java Sat Jul 20 13:54:17 2013
@@ -153,7 +153,7 @@ public class EncryptedPartsTest extends 
         } catch (WSSecurityException e) {
             Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
             Assert.assertEquals(e.getCause().getMessage(),
-                    "Element /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Body must be encrypted");
+                    "SOAP-Body must be encrypted");
             Assert.assertEquals(e.getFaultCode(), WSSecurityException.INVALID_SECURITY);
         }
     }