You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2016/01/11 12:07:51 UTC
svn commit: r1724006 [1/2] - in /webservices/wss4j/branches/2_1_x-fixes:
ws-security-dom/src/main/java/org/apache/wss4j/dom/util/
ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/
ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/proce...
Author: coheigea
Date: Mon Jan 11 11:07:51 2016
New Revision: 1724006
URL: http://svn.apache.org/viewvc?rev=1724006&view=rev
Log:
More checkstyle work
Modified:
webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/X509Util.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/CustomTokenOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderReorderProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/TimestampOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/X509Util.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/X509Util.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/X509Util.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/X509Util.java Mon Jan 11 11:07:51 2016
@@ -117,8 +117,8 @@ public final class X509Util {
return decryptedData;
}
- public static PublicKey parseKeyValue( Element keyInfoElement,
- XMLSignatureFactory signatureFactory) throws WSSecurityException {
+ public static PublicKey parseKeyValue(Element keyInfoElement,
+ XMLSignatureFactory signatureFactory) throws WSSecurityException {
KeyValue keyValue = null;
try {
//
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java Mon Jan 11 11:07:51 2016
@@ -47,8 +47,8 @@ public class WSSecurityStreamReader exte
Throwable cause = e.getCause();
// Allow a WSSPolicyException
- if (returnSecurityError || initiator ||
- cause != null && cause.getCause() instanceof WSSPolicyException) {
+ if (returnSecurityError || initiator
+ || cause != null && cause.getCause() instanceof WSSPolicyException) {
throw e;
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java Mon Jan 11 11:07:51 2016
@@ -66,12 +66,14 @@ public class BinarySecurityTokenInputHan
binarySecurityTokenType.setId(IDGenerator.generateID(null));
}
- final WSInboundSecurityContext wsInboundSecurityContext = (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
+ final WSInboundSecurityContext wsInboundSecurityContext =
+ (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
final WSSSecurityProperties wssSecurityProperties = (WSSSecurityProperties) securityProperties;
final List<QName> elementPath = getElementPath(eventQueue);
final List<XMLSecEvent> xmlSecEvents = getResponsibleXMLSecEvents(eventQueue, index);
- final TokenContext tokenContext = new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
+ final TokenContext tokenContext =
+ new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
BinarySecurityTokenValidator binarySecurityTokenValidator =
wssSecurityProperties.getValidator(WSSConstants.TAG_wsse_BinarySecurityToken);
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java Mon Jan 11 11:07:51 2016
@@ -238,7 +238,8 @@ public class DecryptInputProcessor exten
protected void handleSecurityToken(InboundSecurityToken inboundSecurityToken, InboundSecurityContext inboundSecurityContext,
EncryptedDataType encryptedDataType) throws XMLSecurityException {
inboundSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_Encryption);
- TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = WSSUtils.createTokenSecurityEvent(inboundSecurityToken, encryptedDataType.getId());
+ TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent =
+ WSSUtils.createTokenSecurityEvent(inboundSecurityToken, encryptedDataType.getId());
inboundSecurityContext.registerSecurityEvent(tokenSecurityEvent);
}
@@ -373,22 +374,6 @@ public class DecryptInputProcessor exten
}
}
- /*
- <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-1612925417" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <xenc:EncryptionMethod xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
- <wsse:Reference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" URI="#EncKeyId-1483925398" />
- </wsse:SecurityTokenReference>
- </ds:KeyInfo>
- <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
- <xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
- ...
- </xenc:CipherValue>
- </xenc:CipherData>
- </xenc:EncryptedData>
- */
-
/**
* The DecryptedEventReaderInputProcessor reads the decrypted stream with a StAX reader and
* forwards the generated XMLEvents
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java Mon Jan 11 11:07:51 2016
@@ -80,13 +80,15 @@ public class EncryptedDataInputHandler e
//replay the EncryptedData event for the DecryptInputProcessor:
InputProcessor tmpProcessor = new AbstractInputProcessor(securityProperties) {
@Override
- public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
inputProcessorChain.removeProcessor(this);
return encryptedDataElement;
}
@Override
- public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
inputProcessorChain.removeProcessor(this);
return encryptedDataElement;
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java Mon Jan 11 11:07:51 2016
@@ -83,6 +83,7 @@ import org.apache.xml.security.stax.secu
import org.apache.xml.security.stax.securityEvent.SignedElementSecurityEvent;
import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityToken;
+import org.apache.xml.security.stax.securityToken.SecurityTokenConstants.TokenUsage;
import org.apache.xml.security.stax.securityToken.SecurityTokenFactory;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
import org.opensaml.security.credential.BasicCredential;
@@ -122,7 +123,8 @@ public class SAMLTokenInputHandler exten
final Element samlElement = samlTokenDocument.getDocumentElement();
final SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(samlElement);
- SamlTokenValidator samlTokenValidator = wssSecurityProperties.getValidator(new QName(samlElement.getNamespaceURI(), samlElement.getLocalName()));
+ SamlTokenValidator samlTokenValidator =
+ wssSecurityProperties.getValidator(new QName(samlElement.getNamespaceURI(), samlElement.getLocalName()));
if (samlTokenValidator == null) {
samlTokenValidator = new SamlTokenValidatorImpl();
}
@@ -230,7 +232,8 @@ public class SAMLTokenInputHandler exten
final List<XMLSecEvent> xmlSecEvents = getResponsibleXMLSecEvents(eventQueue, index);
final List<QName> elementPath = getElementPath(eventQueue);
- final TokenContext tokenContext = new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
+ final TokenContext tokenContext =
+ new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
//jdk 1.6 compiler bug? http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6302954
//type parameters of <T>T cannot be determined; no unique maximal instance exists for type variable T with
@@ -584,8 +587,10 @@ public class SAMLTokenInputHandler exten
private List<SignedElementSecurityEvent> samlTokenSignedElementSecurityEvents = new ArrayList<>();
private SignedPartSecurityEvent bodySignedPartSecurityEvent;
- SAMLTokenVerifierInputProcessor(XMLSecurityProperties securityProperties, SamlAssertionWrapper samlAssertionWrapper,
- SecurityTokenProvider<InboundSecurityToken> securityTokenProvider, InboundSecurityToken subjectSecurityToken) {
+ SAMLTokenVerifierInputProcessor(XMLSecurityProperties securityProperties,
+ SamlAssertionWrapper samlAssertionWrapper,
+ SecurityTokenProvider<InboundSecurityToken> securityTokenProvider,
+ InboundSecurityToken subjectSecurityToken) {
super(securityProperties);
this.setPhase(XMLSecurityConstants.Phase.POSTPROCESSING);
this.addAfterProcessor(OperationInputProcessor.class.getName());
@@ -691,12 +696,7 @@ public class SAMLTokenInputHandler exten
InboundSecurityToken securityToken = securityTokenProvider.getSecurityToken();
// Don't compare to the original SAML Token credentials...
if (securityToken == httpsSecurityToken || securityToken == subjectSecurityToken
- || !(securityToken.getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_MainSignature)
- || securityToken.getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_Signature)
- || securityToken.getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_EndorsingEncryptedSupportingTokens)
- || securityToken.getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_EndorsingSupportingTokens)
- || securityToken.getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_SignedEndorsingEncryptedSupportingTokens)
- || securityToken.getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_SignedEndorsingSupportingTokens))) {
+ || !containsSignature(securityToken.getTokenUsages())) {
continue;
}
X509Certificate[] x509Certificates = securityToken.getX509Certificates();
@@ -774,5 +774,14 @@ public class SAMLTokenInputHandler exten
}
return null;
}
+
+ private boolean containsSignature(List<TokenUsage> tokenUses) {
+ return tokenUses.contains(WSSecurityTokenConstants.TokenUsage_MainSignature)
+ || tokenUses.contains(WSSecurityTokenConstants.TokenUsage_Signature)
+ || tokenUses.contains(WSSecurityTokenConstants.TokenUsage_EndorsingEncryptedSupportingTokens)
+ || tokenUses.contains(WSSecurityTokenConstants.TokenUsage_EndorsingSupportingTokens)
+ || tokenUses.contains(WSSecurityTokenConstants.TokenUsage_SignedEndorsingEncryptedSupportingTokens)
+ || tokenUses.contains(WSSecurityTokenConstants.TokenUsage_SignedEndorsingSupportingTokens);
+ }
}
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java Mon Jan 11 11:07:51 2016
@@ -60,12 +60,14 @@ public class SecurityContextTokenInputHa
final String identifier = (String) XMLSecurityUtils.getQNameType(securityContextTokenType.getAny(),
elementName);
- final WSInboundSecurityContext wsInboundSecurityContext = (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
+ final WSInboundSecurityContext wsInboundSecurityContext =
+ (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
final WSSSecurityProperties wssSecurityProperties = (WSSSecurityProperties) securityProperties;
final List<XMLSecEvent> xmlSecEvents = getResponsibleXMLSecEvents(eventQueue, index);
final List<QName> elementPath = getElementPath(eventQueue);
- final TokenContext tokenContext = new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
+ final TokenContext tokenContext =
+ new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
SecurityContextTokenValidator securityContextTokenValidator = wssSecurityProperties.getValidator(elementName);
if (securityContextTokenValidator == null) {
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java Mon Jan 11 11:07:51 2016
@@ -176,12 +176,14 @@ public class SecurityTokenReferenceInput
return securityTokenReferenceId;
}
};
- inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(securityTokenReferenceId, securityTokenProvider);
+ inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(securityTokenReferenceId,
+ securityTokenProvider);
return xmlSecEvent;
} else if (xmlSecEndElement.getDocumentLevel() == 3
&& xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)
- && WSSUtils.isInSecurityHeader(xmlSecEndElement, ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
+ && WSSUtils.isInSecurityHeader(xmlSecEndElement,
+ ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
//we can now remove this processor from the chain
inputProcessorChain.removeProcessor(this);
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java Mon Jan 11 11:07:51 2016
@@ -55,7 +55,8 @@ public class SignatureConfirmationInputH
inputProcessorChain.getSecurityContext().registerSecurityEvent(signatureConfirmationSecurityEvent);
}
- private void checkBSPCompliance(InputProcessorChain inputProcessorChain, SignatureConfirmationType signatureConfirmationType) throws WSSecurityException {
+ private void checkBSPCompliance(InputProcessorChain inputProcessorChain, SignatureConfirmationType signatureConfirmationType)
+ throws WSSecurityException {
if (signatureConfirmationType.getId() == null) {
((WSInboundSecurityContext) inputProcessorChain.getSecurityContext()).handleBSPRule(BSPRule.R5441);
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java Mon Jan 11 11:07:51 2016
@@ -52,7 +52,8 @@ public class TimestampInputHandler exten
Deque<XMLSecEvent> eventQueue, Integer index) throws XMLSecurityException {
final WSSSecurityProperties wssSecurityProperties = (WSSSecurityProperties) securityProperties;
- final WSInboundSecurityContext wssecurityContextInbound = (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
+ final WSInboundSecurityContext wssecurityContextInbound =
+ (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
//Chapter 10 Security Timestamps: ...may only be present at most once per header (that is, per SOAP actor/role)
Boolean alreadyProcessed = wssecurityContextInbound.<Boolean>get(WSSConstants.TIMESTAMP_PROCESSED);
@@ -156,7 +157,8 @@ public class TimestampInputHandler exten
if (createdCalendar.getSecond() > 59) {
securityContext.handleBSPRule(BSPRule.R3213);
}
- String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getCreated().getOtherAttributes(), WSSConstants.ATT_NULL_ValueType);
+ String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getCreated().getOtherAttributes(),
+ WSSConstants.ATT_NULL_ValueType);
if (valueType != null) {
securityContext.handleBSPRule(BSPRule.R3225);
}
@@ -181,7 +183,8 @@ public class TimestampInputHandler exten
if (expiresCalendar.getSecond() > 59) {
securityContext.handleBSPRule(BSPRule.R3215);
}
- String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getExpires().getOtherAttributes(), WSSConstants.ATT_NULL_ValueType);
+ String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getExpires().getOtherAttributes(),
+ WSSConstants.ATT_NULL_ValueType);
if (valueType != null) {
securityContext.handleBSPRule(BSPRule.R3226);
}
@@ -191,10 +194,4 @@ public class TimestampInputHandler exten
}
}
- /*
- <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-1106985890">
- <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2009-11-18T10:11:28.358Z</wsu:Created>
- <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2009-11-18T10:26:28.358Z</wsu:Expires>
- </wsu:Timestamp>
- */
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java Mon Jan 11 11:07:51 2016
@@ -97,10 +97,12 @@ public class UsernameTokenInputHandler e
}
}
- final WSInboundSecurityContext wsInboundSecurityContext = (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
+ final WSInboundSecurityContext wsInboundSecurityContext =
+ (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
final List<QName> elementPath = getElementPath(eventQueue);
- final TokenContext tokenContext = new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
+ final TokenContext tokenContext =
+ new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
UsernameTokenValidator usernameTokenValidator =
wssSecurityProperties.getValidator(WSSConstants.TAG_wsse_UsernameToken);
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java Mon Jan 11 11:07:51 2016
@@ -44,7 +44,9 @@ public class WSSEncryptedKeyInputHandler
org.slf4j.LoggerFactory.getLogger(WSSEncryptedKeyInputHandler.class);
@Override
- public void handle(InputProcessorChain inputProcessorChain, EncryptedKeyType encryptedKeyType, XMLSecEvent responsibleXMLSecStartXMLEvent, XMLSecurityProperties securityProperties) throws XMLSecurityException {
+ public void handle(InputProcessorChain inputProcessorChain, EncryptedKeyType encryptedKeyType,
+ XMLSecEvent responsibleXMLSecStartXMLEvent, XMLSecurityProperties securityProperties)
+ throws XMLSecurityException {
checkBSPCompliance(inputProcessorChain, encryptedKeyType);
// Check encryption algorithm against the required algorithm, if defined
@@ -110,22 +112,4 @@ public class WSSEncryptedKeyInputHandler
}
}
}
-
- /*
- <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncKeyId-1483925398">
- <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
- <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
- ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">pHoiKNGY2YsLBKxwIV+jURt858M=</wsse:KeyIdentifier>
- </wsse:SecurityTokenReference>
- </ds:KeyInfo>
- <xenc:CipherData>
- <xenc:CipherValue>Khsa9SN3ALNXOgGDKOqihvfwGsXb9QN/q4Fpi9uuThgz+3D4oRSMkrGSPCqwG13vddvHywGAA/XNbWNT+5Xivz3lURCDCc2H/92YlXXo/crQNJnPlLrLZ81bGOzbNo7lnYQBLp/77K7b1bhldZAeV9ZfEW7DjbOMZ+k1dnDCu3A=</xenc:CipherValue>
- </xenc:CipherData>
- <xenc:ReferenceList>
- <xenc:DataReference URI="#EncDataId-1612925417" />
- </xenc:ReferenceList>
- </xenc:EncryptedKey>
- */
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java Mon Jan 11 11:07:51 2016
@@ -171,7 +171,8 @@ public class WSSSignatureInputHandler ex
signatureType.getKeyInfo(), WSSecurityTokenConstants.KeyUsage_Signature_Verification,
securityProperties, inboundSecurityContext);
- SignatureTokenValidator signatureTokenValidator = ((WSSSecurityProperties) securityProperties).getValidator(WSSConstants.TAG_dsig_Signature);
+ SignatureTokenValidator signatureTokenValidator =
+ ((WSSSecurityProperties) securityProperties).getValidator(WSSConstants.TAG_dsig_Signature);
if (signatureTokenValidator == null) {
signatureTokenValidator = new SignatureTokenValidatorImpl();
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java Mon Jan 11 11:07:51 2016
@@ -224,7 +224,9 @@ public class WSSSignatureReferenceVerify
&& !WSSConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS.equals(algorithm)) {
securityContext.handleBSPRule(BSPRule.R5412);
}
- InclusiveNamespaces inclusiveNamespacesType = XMLSecurityUtils.getQNameType(transformType.getContent(), XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
+ InclusiveNamespaces inclusiveNamespacesType =
+ XMLSecurityUtils.getQNameType(transformType.getContent(),
+ XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
if (WSSConstants.NS_C14N_EXCL.equals(algorithm)
&& inclusiveNamespacesType != null
&& inclusiveNamespacesType.getPrefixList().size() == 0) {
@@ -236,12 +238,14 @@ public class WSSSignatureReferenceVerify
securityContext.handleBSPRule(BSPRule.R5413);
}
TransformationParametersType transformationParametersType =
- XMLSecurityUtils.getQNameType(transformType.getContent(), WSSConstants.TAG_wsse_TransformationParameters);
+ XMLSecurityUtils.getQNameType(transformType.getContent(),
+ WSSConstants.TAG_wsse_TransformationParameters);
if (transformationParametersType == null) {
securityContext.handleBSPRule(BSPRule.R3065);
} else {
CanonicalizationMethodType canonicalizationMethodType =
- XMLSecurityUtils.getQNameType(transformationParametersType.getAny(), WSSConstants.TAG_dsig_CanonicalizationMethod);
+ XMLSecurityUtils.getQNameType(transformationParametersType.getAny(),
+ WSSConstants.TAG_dsig_CanonicalizationMethod);
if (canonicalizationMethodType == null) {
securityContext.handleBSPRule(BSPRule.R3065);
}
@@ -354,13 +358,15 @@ public class WSSSignatureReferenceVerify
XMLSecurityUtils.getQNameType(transformType.getContent(), WSSConstants.TAG_wsse_TransformationParameters);
if (transformationParametersType != null) {
CanonicalizationMethodType canonicalizationMethodType =
- XMLSecurityUtils.getQNameType(transformationParametersType.getAny(), WSSConstants.TAG_dsig_CanonicalizationMethod);
+ XMLSecurityUtils.getQNameType(transformationParametersType.getAny(),
+ WSSConstants.TAG_dsig_CanonicalizationMethod);
if (canonicalizationMethodType != null) {
algorithm = canonicalizationMethodType.getAlgorithm();
InclusiveNamespaces inclusiveNamespacesType =
- XMLSecurityUtils.getQNameType(canonicalizationMethodType.getContent(), XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
+ XMLSecurityUtils.getQNameType(canonicalizationMethodType.getContent(),
+ XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
Map<String, Object> transformerProperties = null;
if (inclusiveNamespacesType != null) {
@@ -381,7 +387,8 @@ public class WSSSignatureReferenceVerify
inputProcessorChain.getSecurityContext().registerSecurityEvent(algorithmSuiteSecurityEvent);
InclusiveNamespaces inclusiveNamespacesType =
- XMLSecurityUtils.getQNameType(transformType.getContent(), XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
+ XMLSecurityUtils.getQNameType(transformType.getContent(),
+ XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
Map<String, Object> transformerProperties = null;
if (inclusiveNamespacesType != null) {
@@ -404,8 +411,9 @@ public class WSSSignatureReferenceVerify
internalSignatureReferenceVerifier.setTransformer(parentTransformer);
+ String uri = XMLSecurityUtils.dropReferenceMarker(referenceType.getURI());
SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider =
- inputProcessorChain.getSecurityContext().getSecurityTokenProvider(XMLSecurityUtils.dropReferenceMarker(referenceType.getURI()));
+ inputProcessorChain.getSecurityContext().getSecurityTokenProvider(uri);
if (securityTokenProvider == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "noReference");
}
@@ -415,7 +423,8 @@ public class WSSSignatureReferenceVerify
}
SecurityTokenReference securityTokenReference = (SecurityTokenReference) securityToken;
//todo analyse and fix me: the following statement could be problematic
- inputProcessorChain.getDocumentContext().setIsInSignedContent(inputProcessorChain.getProcessors().indexOf(internalSignatureReferenceVerifier), internalSignatureReferenceVerifier);
+ int index = inputProcessorChain.getProcessors().indexOf(internalSignatureReferenceVerifier);
+ inputProcessorChain.getDocumentContext().setIsInSignedContent(index, internalSignatureReferenceVerifier);
XMLSecStartElement xmlSecStartElement = securityTokenReference.getXmlSecEvents().getLast().asStartElement();
internalSignatureReferenceVerifier.setStartElement(xmlSecStartElement);
Iterator<XMLSecEvent> xmlSecEventIterator = securityTokenReference.getXmlSecEvents().descendingIterator();
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -48,7 +48,8 @@ public class BinarySecurityTokenOutputPr
}
@Override
- public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
try {
GenericOutboundSecurityToken securityToken = null;
@@ -87,16 +88,20 @@ public class BinarySecurityTokenOutputPr
if (securityToken != null) {
if (WSSConstants.SIGNATURE.equals(action)
&& (includeToken || WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference.equals(keyIdentifier))
- && (securityToken.getTokenType() == null || WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
- FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor = new FinalBinarySecurityTokenOutputProcessor(securityToken);
+ && (securityToken.getTokenType() == null
+ || WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
+ FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
+ new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction());
finalBinarySecurityTokenOutputProcessor.addBeforeProcessor(WSSSignatureOutputProcessor.class.getName());
finalBinarySecurityTokenOutputProcessor.init(outputProcessorChain);
securityToken.setProcessor(finalBinarySecurityTokenOutputProcessor);
} else if (WSSConstants.SAML_TOKEN_SIGNED.equals(action) && includeToken
- && (securityToken.getTokenType() == null || WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
- FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor = new FinalBinarySecurityTokenOutputProcessor(securityToken);
+ && (securityToken.getTokenType() == null
+ || WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
+ FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
+ new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction());
finalBinarySecurityTokenOutputProcessor.addBeforeProcessor(WSSSignatureOutputProcessor.class.getName());
@@ -104,8 +109,10 @@ public class BinarySecurityTokenOutputPr
securityToken.setProcessor(finalBinarySecurityTokenOutputProcessor);
} else if (WSSConstants.ENCRYPT.equals(action)
&& (includeToken || WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference.equals(keyIdentifier))
- && (securityToken.getTokenType() == null || WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
- FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor = new FinalBinarySecurityTokenOutputProcessor(securityToken);
+ && (securityToken.getTokenType() == null
+ || WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
+ FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
+ new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction());
finalBinarySecurityTokenOutputProcessor.addAfterProcessor(EncryptEndingOutputProcessor.class.getName());
@@ -114,7 +121,8 @@ public class BinarySecurityTokenOutputPr
} else if (WSSConstants.ENCRYPT_WITH_KERBEROS_TOKEN.equals(getAction())
|| WSSConstants.SIGNATURE_WITH_KERBEROS_TOKEN.equals(getAction())
|| WSSConstants.KERBEROS_TOKEN.equals(getAction())) {
- FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor = new FinalBinarySecurityTokenOutputProcessor(securityToken);
+ FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
+ new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction());
finalBinarySecurityTokenOutputProcessor.addBeforeProcessor(WSSSignatureOutputProcessor.class.getName());
@@ -167,7 +175,8 @@ public class BinarySecurityTokenOutputPr
);
createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName);
if (WSSConstants.ENCRYPT_WITH_KERBEROS_TOKEN.equals(getAction())) {
- OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, WSSConstants.TAG_xenc_ReferenceList, getAction(), false);
+ OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, WSSConstants.TAG_xenc_ReferenceList,
+ getAction(), false);
WSSUtils.createReferenceListStructureForEncryption(this, subOutputProcessorChain);
}
} else {
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/CustomTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/CustomTokenOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/CustomTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/CustomTokenOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -50,7 +50,8 @@ public class CustomTokenOutputProcessor
}
@Override
- public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
try {
String tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN);
if (tokenId == null) {
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -57,14 +57,16 @@ public class DerivedKeyTokenOutputProces
}
@Override
- public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
try {
String tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_DERIVED_KEY);
if (tokenId == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
}
- SecurityTokenProvider<OutboundSecurityToken> wrappingSecurityTokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
+ SecurityTokenProvider<OutboundSecurityToken> wrappingSecurityTokenProvider =
+ outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
if (wrappingSecurityTokenProvider == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
}
@@ -93,7 +95,8 @@ public class DerivedKeyTokenOutputProces
}
}
- String defaultLabel = WSSConstants.WS_SecureConversation_DEFAULT_LABEL + WSSConstants.WS_SecureConversation_DEFAULT_LABEL;
+ String defaultLabel =
+ WSSConstants.WS_SecureConversation_DEFAULT_LABEL + WSSConstants.WS_SecureConversation_DEFAULT_LABEL;
byte[] label = defaultLabel.getBytes(StandardCharsets.UTF_8);
byte[] nonce = WSSConstants.generateBytes(16);
@@ -108,7 +111,8 @@ public class DerivedKeyTokenOutputProces
byte[] secret;
if (WSSecurityTokenConstants.SecurityContextToken.equals(wrappingSecurityToken.getTokenType())) {
WSPasswordCallback passwordCallback = new WSPasswordCallback(wsuIdDKT, WSPasswordCallback.SECRET_KEY);
- WSSUtils.doSecretKeyCallback(((WSSSecurityProperties)securityProperties).getCallbackHandler(), passwordCallback, wsuIdDKT);
+ WSSUtils.doSecretKeyCallback(((WSSSecurityProperties)securityProperties).getCallbackHandler(),
+ passwordCallback, wsuIdDKT);
if (passwordCallback.getKey() == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noKey",
new Object[] {wsuIdDKT});
@@ -166,7 +170,8 @@ public class DerivedKeyTokenOutputProces
}
outputProcessorChain.getSecurityContext().registerSecurityTokenProvider(wsuIdDKT, derivedKeysecurityTokenProvider);
FinalDerivedKeyTokenOutputProcessor finalDerivedKeyTokenOutputProcessor =
- new FinalDerivedKeyTokenOutputProcessor(derivedKeySecurityToken, offset, length, new String(Base64.encodeBase64(nonce)),
+ new FinalDerivedKeyTokenOutputProcessor(derivedKeySecurityToken, offset, length,
+ new String(Base64.encodeBase64(nonce)),
((WSSSecurityProperties)getSecurityProperties()).isUse200512Namespace(),
wrappingSecurityToken.getSha1Identifier());
finalDerivedKeyTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -84,7 +84,8 @@ public class EncryptOutputProcessor exte
}
@Override
- public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
if (xmlSecEvent.getEventType() == XMLStreamConstants.START_ELEMENT) {
XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
@@ -95,7 +96,8 @@ public class EncryptOutputProcessor exte
LOG.debug("Matched encryptionPart for encryption");
InternalEncryptionOutputProcessor internalEncryptionOutputProcessor;
String tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
- SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
+ SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider =
+ outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
OutboundSecurityToken securityToken = securityTokenProvider.getSecurityToken();
EncryptionPartDef encryptionPartDef = new EncryptionPartDef();
encryptionPartDef.setSecurePart(securePart);
@@ -191,7 +193,8 @@ public class EncryptOutputProcessor exte
SecurePart attachmentSecurePart = null;
- Map<Object, SecurePart> dynamicSecureParts = outputProcessorChain.getSecurityContext().getAsMap(XMLSecurityConstants.ENCRYPTION_PARTS);
+ Map<Object, SecurePart> dynamicSecureParts =
+ outputProcessorChain.getSecurityContext().getAsMap(XMLSecurityConstants.ENCRYPTION_PARTS);
Iterator<Map.Entry<Object, SecurePart>> securePartsMapIterator = dynamicSecureParts.entrySet().iterator();
String externalId = "";
while (securePartsMapIterator.hasNext()) {
@@ -337,7 +340,8 @@ public class EncryptOutputProcessor exte
* Creates the Data structure around the cipher data
*/
@Override
- protected void processEventInternal(XMLSecStartElement xmlSecStartElement, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ protected void processEventInternal(XMLSecStartElement xmlSecStartElement, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
List<QName> elementPath = xmlSecStartElement.getElementPath();
@@ -362,28 +366,11 @@ public class EncryptOutputProcessor exte
}
super.processEventInternal(xmlSecStartElement, outputProcessorChain);
- /*
- <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-1612925417"
- Type="http://www.w3.org/2001/04/xmlenc#Content">
- <xenc:EncryptionMethod xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
- Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
- <wsse:Reference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
- URI="#EncKeyId-1483925398" />
- </wsse:SecurityTokenReference>
- </ds:KeyInfo>
- <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
- <xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
- ...
- </xenc:CipherValue>
- </xenc:CipherData>
- </xenc:EncryptedData>
- */
}
@Override
- protected void createKeyInfoStructure(OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ protected void createKeyInfoStructure(OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo, true, null);
if (securityToken.getCustomTokenReference() != null) {
@@ -396,51 +383,62 @@ public class EncryptOutputProcessor exte
if (WSSecurityTokenConstants.KeyIdentifier_EncryptedKeySha1Identifier.equals(keyIdentifier)) {
List<XMLSecAttribute> attributes = new ArrayList<>(1);
attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_WSS_ENC_KEY_VALUE_TYPE));
- createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, false, attributes);
+ createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference,
+ false, attributes);
if (securityToken.getSha1Identifier() != null) {
- WSSUtils.createEncryptedKeySha1IdentifierStructure(this, outputProcessorChain, securityToken.getSha1Identifier());
+ WSSUtils.createEncryptedKeySha1IdentifierStructure(this, outputProcessorChain,
+ securityToken.getSha1Identifier());
} else {
- WSSUtils.createEncryptedKeySha1IdentifierStructure(this, outputProcessorChain, getEncryptionPartDef().getSymmetricKey());
+ WSSUtils.createEncryptedKeySha1IdentifierStructure(this, outputProcessorChain,
+ getEncryptionPartDef().getSymmetricKey());
}
} else if (WSSecurityTokenConstants.KeyIdentifier_KerberosSha1Identifier.equals(keyIdentifier)) {
List<XMLSecAttribute> attributes = new ArrayList<>(1);
attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_Kerberos5_AP_REQ));
- createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, false, attributes);
+ createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference,
+ false, attributes);
- WSSUtils.createKerberosSha1IdentifierStructure(this, outputProcessorChain, securityToken.getSha1Identifier());
+ WSSUtils.createKerberosSha1IdentifierStructure(this, outputProcessorChain,
+ securityToken.getSha1Identifier());
} else {
boolean isSAMLToken = false;
if (WSSecurityTokenConstants.KerberosToken.equals(securityToken.getTokenType())) {
List<XMLSecAttribute> attributes = new ArrayList<>(2);
attributes.add(createAttribute(WSSConstants.ATT_wsu_Id, IDGenerator.generateID(null)));
attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_GSS_Kerberos5_AP_REQ));
- createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, false, attributes);
+ createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference,
+ false, attributes);
} else if (WSSecurityTokenConstants.Saml10Token.equals(securityToken.getTokenType())
|| WSSecurityTokenConstants.Saml11Token.equals(securityToken.getTokenType())) {
List<XMLSecAttribute> attributes = new ArrayList<>(2);
attributes.add(createAttribute(WSSConstants.ATT_wsu_Id, IDGenerator.generateID(null)));
attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_SAML11_TOKEN_PROFILE_TYPE));
- createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, false, attributes);
+ createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference,
+ false, attributes);
isSAMLToken = true;
} else if (WSSecurityTokenConstants.Saml20Token.equals(securityToken.getTokenType())) {
List<XMLSecAttribute> attributes = new ArrayList<>(2);
attributes.add(createAttribute(WSSConstants.ATT_wsu_Id, IDGenerator.generateID(null)));
attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_SAML20_TOKEN_PROFILE_TYPE));
- createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, false, attributes);
+ createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference,
+ false, attributes);
isSAMLToken = true;
} else if (WSSecurityTokenConstants.EncryptedKeyToken.equals(securityToken.getTokenType())) {
List<XMLSecAttribute> attributes = new ArrayList<>(2);
attributes.add(createAttribute(WSSConstants.ATT_wsu_Id, IDGenerator.generateID(null)));
attributes.add(createAttribute(WSSConstants.ATT_wsse11_TokenType, WSSConstants.NS_WSS_ENC_KEY_VALUE_TYPE));
- createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, false, attributes);
+ createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference,
+ false, attributes);
} else {
- createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference, true, null);
+ createStartElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_wsse_SecurityTokenReference,
+ true, null);
}
if (isSAMLToken) {
// Always use KeyIdentifier regardless of the configured KeyIdentifier value
- WSSUtils.createSAMLKeyIdentifierStructure(this, outputProcessorChain, securityToken.getTokenType(), getEncryptionPartDef().getKeyId());
+ WSSUtils.createSAMLKeyIdentifierStructure(this, outputProcessorChain, securityToken.getTokenType(),
+ getEncryptionPartDef().getKeyId());
} else {
List<XMLSecAttribute> attributes = new ArrayList<>(1);
attributes.add(createAttribute(WSSConstants.ATT_NULL_URI, "#" + getEncryptionPartDef().getKeyId()));
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -65,7 +65,8 @@ public class EncryptedKeyOutputProcessor
}
@Override
- public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
try {
String tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTED_KEY);
@@ -104,7 +105,8 @@ public class EncryptedKeyOutputProcessor
boolean sharedToken = encTokenId.equals(sigTokenId);
- FinalEncryptedKeyOutputProcessor finalEncryptedKeyOutputProcessor = new FinalEncryptedKeyOutputProcessor(encryptedKeySecurityToken);
+ FinalEncryptedKeyOutputProcessor finalEncryptedKeyOutputProcessor =
+ new FinalEncryptedKeyOutputProcessor(encryptedKeySecurityToken);
finalEncryptedKeyOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalEncryptedKeyOutputProcessor.setAction(getAction());
XMLSecurityConstants.Action action = getAction();
@@ -192,27 +194,6 @@ public class EncryptedKeyOutputProcessor
this.outputReferenceList = outputReferenceList;
}
- /*
- <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncKeyId-1483925398">
- <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
- <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">
- pHoiKNGY2YsLBKxwIV+jURt858M=
- </wsse:KeyIdentifier>
- </wsse:SecurityTokenReference>
- </ds:KeyInfo>
- <xenc:CipherData>
- <xenc:CipherValue>
- Khsa9SN3ALNXOgGDKOqihvfwGsXb9QN/q4Fpi9uuThgz+3D4oRSMkrGSPCqwG13vddvHywGAA/XNbWNT+5Xivz3lURCDCc2H/92YlXXo/crQNJnPlLrLZ81bGOzbNo7lnYQBLp/77K7b1bhldZAeV9ZfEW7DjbOMZ+k1dnDCu3A=
- </xenc:CipherValue>
- </xenc:CipherData>
- <xenc:ReferenceList>
- <xenc:DataReference URI="#EncDataId-1612925417" />
- </xenc:ReferenceList>
- </xenc:EncryptedKey>
- */
-
@Override
public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
throws XMLStreamException, XMLSecurityException {
@@ -244,7 +225,8 @@ public class EncryptedKeyOutputProcessor
byte[] oaepParams = getSecurityProperties().getEncryptionKeyTransportOAEPParams();
if (oaepParams != null) {
- createStartElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc_OAEPparams, false, null);
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc_OAEPparams,
+ false, null);
createCharactersAndOutputAsEvent(subOutputProcessorChain, Base64.encodeBase64String(oaepParams));
createEndElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc_OAEPparams);
}
@@ -253,14 +235,16 @@ public class EncryptedKeyOutputProcessor
if (encryptionKeyTransportDigestAlgorithm != null) {
attributes = new ArrayList<>(1);
attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Algorithm, encryptionKeyTransportDigestAlgorithm));
- createStartElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_dsig_DigestMethod, true, attributes);
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_dsig_DigestMethod,
+ true, attributes);
createEndElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_dsig_DigestMethod);
}
if (encryptionKeyTransportMGFAlgorithm != null) {
attributes = new ArrayList<>(1);
attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Algorithm, encryptionKeyTransportMGFAlgorithm));
- createStartElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc11_MGF, true, attributes);
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc11_MGF,
+ true, attributes);
createEndElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc11_MGF);
}
}
@@ -286,7 +270,8 @@ public class EncryptedKeyOutputProcessor
XMLSecurityConstants.NS_XENC_RSAOAEPMGF1P.equals(encryptionKeyTransportAlgorithm)) {
String jceDigestAlgorithm = "SHA-1";
- String encryptionKeyTransportDigestAlgorithm = getSecurityProperties().getEncryptionKeyTransportDigestAlgorithm();
+ String encryptionKeyTransportDigestAlgorithm =
+ getSecurityProperties().getEncryptionKeyTransportDigestAlgorithm();
if (encryptionKeyTransportDigestAlgorithm != null) {
jceDigestAlgorithm = JCEAlgorithmMapper.translateURItoJCEID(encryptionKeyTransportDigestAlgorithm);
}
@@ -331,7 +316,8 @@ public class EncryptedKeyOutputProcessor
}
}
- createCharactersAndOutputAsEvent(subOutputProcessorChain, new Base64(76, new byte[]{'\n'}).encodeToString(encryptedEphemeralKey));
+ createCharactersAndOutputAsEvent(subOutputProcessorChain,
+ new Base64(76, new byte[]{'\n'}).encodeToString(encryptedEphemeralKey));
} catch (NoSuchPaddingException | NoSuchAlgorithmException
| InvalidKeyException | IllegalBlockSizeException
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -175,8 +175,10 @@ public class SAMLTokenOutputProcessor ex
}
};
- outputProcessorChain.getSecurityContext().registerSecurityTokenProvider(binarySecurityTokenId, securityTokenProvider);
- outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, binarySecurityTokenId);
+ outputProcessorChain.getSecurityContext().registerSecurityTokenProvider(binarySecurityTokenId,
+ securityTokenProvider);
+ outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
+ binarySecurityTokenId);
securityToken = bstSecurityToken;
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -57,7 +57,8 @@ public class SecurityContextTokenOutputP
if (tokenId == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
}
- SecurityTokenProvider<OutboundSecurityToken> wrappingSecurityTokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
+ SecurityTokenProvider<OutboundSecurityToken> wrappingSecurityTokenProvider =
+ outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
if (wrappingSecurityTokenProvider == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
}
@@ -69,7 +70,8 @@ public class SecurityContextTokenOutputP
final String wsuId = IDGenerator.generateID(null);
final String identifier = IDGenerator.generateID(null);
- final GenericOutboundSecurityToken securityContextSecurityToken = new GenericOutboundSecurityToken(wsuId, WSSecurityTokenConstants.SecurityContextToken) {
+ final GenericOutboundSecurityToken securityContextSecurityToken =
+ new GenericOutboundSecurityToken(wsuId, WSSecurityTokenConstants.SecurityContextToken) {
@Override
public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
@@ -141,7 +143,8 @@ public class SecurityContextTokenOutputP
private final String identifier;
private final boolean use200512Namespace;
- FinalSecurityContextTokenOutputProcessor(OutboundSecurityToken securityToken, String identifier, boolean use200512Namespace) throws XMLSecurityException {
+ FinalSecurityContextTokenOutputProcessor(OutboundSecurityToken securityToken, String identifier, boolean use200512Namespace)
+ throws XMLSecurityException {
super();
this.securityToken = securityToken;
this.identifier = identifier;
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -49,7 +49,8 @@ public class SecurityHeaderOutputProcess
}
@Override
- public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
boolean eventHandled = false;
@@ -125,7 +126,8 @@ public class SecurityHeaderOutputProcess
//so output one and add securityHeader
//create subchain and output soap-header and securityHeader
- OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this, xmlSecStartElement.getParentXMLSecStartElement());
+ OutputProcessorChain subOutputProcessorChain =
+ outputProcessorChain.createSubChain(this, xmlSecStartElement.getParentXMLSecStartElement());
createStartElementAndOutputAsEvent(subOutputProcessorChain,
new QName(soapMessageVersion, WSSConstants.TAG_soap_Header_LocalName, WSSConstants.PREFIX_SOAPENV), true, null);
boolean mustUnderstand = ((WSSSecurityProperties) getSecurityProperties()).isMustUnderstand();
@@ -144,8 +146,10 @@ public class SecurityHeaderOutputProcess
case XMLStreamConstants.END_ELEMENT:
XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
int documentLevel = xmlSecEndElement.getDocumentLevel();
+ String soapMessageVersionNS =
+ WSSUtils.getSOAPMessageVersionNamespace(xmlSecEndElement.getParentXMLSecStartElement());
if (documentLevel == 2 && WSSConstants.TAG_soap_Header_LocalName.equals(xmlSecEndElement.getName().getLocalPart())
- && xmlSecEndElement.getName().getNamespaceURI().equals(WSSUtils.getSOAPMessageVersionNamespace(xmlSecEndElement.getParentXMLSecStartElement()))) {
+ && xmlSecEndElement.getName().getNamespaceURI().equals(soapMessageVersionNS)) {
OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);
boolean mustUnderstand = ((WSSSecurityProperties) getSecurityProperties()).isMustUnderstand();
buildSecurityHeader(xmlSecEndElement.getName().getNamespaceURI(), subOutputProcessorChain, mustUnderstand);
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderReorderProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderReorderProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderReorderProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SecurityHeaderReorderProcessor.java Mon Jan 11 11:07:51 2016
@@ -87,7 +87,8 @@ public class SecurityHeaderReorderProces
}
@Override
- public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
+ public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
+ throws XMLStreamException, XMLSecurityException {
int documentLevel = xmlSecEvent.getDocumentLevel();
if (documentLevel < 3 ||
@@ -102,7 +103,8 @@ public class SecurityHeaderReorderProces
if (xmlSecEvent.isEndElement() && xmlSecEvent.asEndElement().getName().equals(WSSConstants.TAG_wsse_Security)) {
OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);
- Iterator<Map.Entry<XMLSecurityConstants.Action, Map<SecurityHeaderOrder, Deque<XMLSecEvent>>>> iterator = actionEventMap.entrySet().iterator();
+ Iterator<Map.Entry<XMLSecurityConstants.Action, Map<SecurityHeaderOrder, Deque<XMLSecEvent>>>> iterator =
+ actionEventMap.entrySet().iterator();
loop:
while (iterator.hasNext()) {
Map.Entry<XMLSecurityConstants.Action, Map<SecurityHeaderOrder, Deque<XMLSecEvent>>> next = iterator.next();
@@ -156,7 +158,8 @@ public class SecurityHeaderReorderProces
case XMLStreamConstants.START_ELEMENT:
XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
- List<SecurityHeaderOrder> securityHeaderOrderList = outputProcessorChain.getSecurityContext().getAsList(SecurityHeaderOrder.class);
+ List<SecurityHeaderOrder> securityHeaderOrderList =
+ outputProcessorChain.getSecurityContext().getAsList(SecurityHeaderOrder.class);
SecurityHeaderOrder securityHeaderOrder = securityHeaderOrderList.get(securityHeaderIndex);
if (!xmlSecStartElement.getName().equals(WSSConstants.TAG_xenc_EncryptedData) &&
!xmlSecStartElement.getName().equals(securityHeaderOrder.getSecurityHeaderElementName())) {
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -71,7 +71,9 @@ public class SignatureConfirmationOutput
List<XMLSecAttribute> attributes = new ArrayList<>(2);
attributes.add(createAttribute(WSSConstants.ATT_wsu_Id, IDGenerator.generateID(null)));
- attributes.add(createAttribute(WSSConstants.ATT_NULL_Value, new Base64(76, new byte[]{'\n'}).encodeToString(signatureValueSecurityEvent.getSignatureValue())));
+ String base64SigValue =
+ new Base64(76, new byte[]{'\n'}).encodeToString(signatureValueSecurityEvent.getSignatureValue());
+ attributes.add(createAttribute(WSSConstants.ATT_NULL_Value, base64SigValue));
createStartElementAndOutputAsEvent(subOutputProcessorChain, headerElementName, true, attributes);
createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName);
}
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/TimestampOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/TimestampOutputProcessor.java?rev=1724006&r1=1724005&r2=1724006&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/TimestampOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/TimestampOutputProcessor.java Mon Jan 11 11:07:51 2016
@@ -66,7 +66,8 @@ public class TimestampOutputProcessor ex
final QName headerElementName = WSSConstants.TAG_wsu_Timestamp;
OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, headerElementName, getAction(), false);
- XMLGregorianCalendar created = WSSConstants.datatypeFactory.newXMLGregorianCalendar(new GregorianCalendar(TimeZone.getTimeZone("UTC")));
+ XMLGregorianCalendar created =
+ WSSConstants.datatypeFactory.newXMLGregorianCalendar(new GregorianCalendar(TimeZone.getTimeZone("UTC")));
GregorianCalendar expiresCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
expiresCalendar.add(Calendar.SECOND, ((WSSSecurityProperties) getSecurityProperties()).getTimestampTTL());