WSSConfig Migration 1.6.18 -> 2.1.0

[St...@faa.gov]

In my ongoing quest to upgrade legacy code, I've noticed a slimming down of what's held in WSSConfig objects. That's fine, but I'm having trouble figuring out where things have moved, or if the things I'm looking for are necessary/relevant anymore. Here's a couple of specific cases:

1. At one point, I'm creating a WSSecurityEngine and setting some values on it, like so:
securityEngine.getWssConfig().setEnableSignatureConfirmation(true);

WSSConfig doesn't have that flag anymore as far as I can tell. Is this default behavior now, or is there some other way to enable that behavior? I see that I can set it on a RequestData, but I don't have one of those at the point I'm setting up the security engine.

2. WSSConfig used to have a method isWsiBSPCompliant(), which would trigger slightly different behaviors for me depending on its setting when I retrieved in from a RequestData object. Is that what the RequestData.isDisableBSPEnforcement() flag is now?

Thanx,

Stephen W. Chappell

Re: WSSConfig Migration 1.6.18 -> 2.1.0

[Colm O hEigeartaigh <co...@apache.org>]

> 1. WSSecurityUtil used to have some DOM methods that mostly look like they
> were moved to XMLUtils. But there's one I can't find -
> storeElementInContext. Is that one still around, or will I need to
> implement locally?
>

The functionality is now implement in WSDocInfo instead. See
WSDocInfo.setTokenOnContext


> 2. ReferenceListProcessor used to have a static getXPath method, but it
> looks like that was recently refactored out. Was that moved somewhere?
>

EncryptionUtils.

Colm.


> Thanx,
>
> Stephen W. Chappell
>
> -----Original Message-----
> From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
> Sent: Monday, July 13, 2015 5:59 AM
> To: users@ws.apache.org
> Cc: users@cxf.apache.org
> Subject: Re: WSSConfig Migration 1.6.18 -> 2.1.0
>
> Answers inline.
>
> On Fri, Jul 10, 2015 at 8:14 PM, <St...@faa.gov> wrote:
>
> >  WSSConfig doesn’t have that flag anymore as far as I can tell. Is
> > this default behavior now, or is there some other way to enable that
> > behavior? I see that I can set it on a RequestData, but I don’t have
> > one of those at the point I’m setting up the security engine.
> >
>
> You can change your code to create a RequestData Object instead when
> calling the WSSecurityEngine methods. The WSSecurityEngine methods that
> don't take RequestData just end up creating RequestData internally anyway:
>
>
> https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngine.java
>
>
> >
> > 2. WSSConfig used to have a method isWsiBSPCompliant(), which would
> > trigger slightly different behaviors for me depending on its setting
> > when I retrieved in from a RequestData object. Is that what the
> > RequestData.isDisableBSPEnforcement() flag is now?
> >
> >
> >
>
> Yeah, although it has the opposite semantics, as it is set to false by
> default, meaning that BSP enforcement is enabled. You can also disable
> specific BSP rules via the ignoredBSPRules List in RequestData.
>
> Colm.
>
>
> >  Thanx,
> >
> >
> >
> > *Stephen W. Chappell*
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: WSSConfig Migration 1.6.18 -> 2.1.0

[Colm O hEigeartaigh <co...@apache.org>]

> 1. WSSecurityUtil used to have some DOM methods that mostly look like they
> were moved to XMLUtils. But there's one I can't find -
> storeElementInContext. Is that one still around, or will I need to
> implement locally?
>

The functionality is now implement in WSDocInfo instead. See
WSDocInfo.setTokenOnContext


> 2. ReferenceListProcessor used to have a static getXPath method, but it
> looks like that was recently refactored out. Was that moved somewhere?
>

EncryptionUtils.

Colm.


> Thanx,
>
> Stephen W. Chappell
>
> -----Original Message-----
> From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
> Sent: Monday, July 13, 2015 5:59 AM
> To: users@ws.apache.org
> Cc: users@cxf.apache.org
> Subject: Re: WSSConfig Migration 1.6.18 -> 2.1.0
>
> Answers inline.
>
> On Fri, Jul 10, 2015 at 8:14 PM, <St...@faa.gov> wrote:
>
> >  WSSConfig doesn’t have that flag anymore as far as I can tell. Is
> > this default behavior now, or is there some other way to enable that
> > behavior? I see that I can set it on a RequestData, but I don’t have
> > one of those at the point I’m setting up the security engine.
> >
>
> You can change your code to create a RequestData Object instead when
> calling the WSSecurityEngine methods. The WSSecurityEngine methods that
> don't take RequestData just end up creating RequestData internally anyway:
>
>
> https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngine.java
>
>
> >
> > 2. WSSConfig used to have a method isWsiBSPCompliant(), which would
> > trigger slightly different behaviors for me depending on its setting
> > when I retrieved in from a RequestData object. Is that what the
> > RequestData.isDisableBSPEnforcement() flag is now?
> >
> >
> >
>
> Yeah, although it has the opposite semantics, as it is set to false by
> default, meaning that BSP enforcement is enabled. You can also disable
> specific BSP rules via the ignoredBSPRules List in RequestData.
>
> Colm.
>
>
> >  Thanx,
> >
> >
> >
> > *Stephen W. Chappell*
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

RE: WSSConfig Migration 1.6.18 -> 2.1.0

[St...@faa.gov]

Thanx, Colm. There's a few more things that have migrated somewhere that I'm having trouble finding ...

1. WSSecurityUtil used to have some DOM methods that mostly look like they were moved to XMLUtils. But there's one I can't find - storeElementInContext. Is that one still around, or will I need to implement locally?

2. ReferenceListProcessor used to have a static getXPath method, but it looks like that was recently refactored out. Was that moved somewhere?

Thanx,

Stephen W. Chappell

-----Original Message-----
From: Colm O hEigeartaigh [mailto:coheigea@apache.org] 
Sent: Monday, July 13, 2015 5:59 AM
To: users@ws.apache.org
Cc: users@cxf.apache.org
Subject: Re: WSSConfig Migration 1.6.18 -> 2.1.0

Answers inline.

On Fri, Jul 10, 2015 at 8:14 PM, <St...@faa.gov> wrote:

>  WSSConfig doesn’t have that flag anymore as far as I can tell. Is 
> this default behavior now, or is there some other way to enable that 
> behavior? I see that I can set it on a RequestData, but I don’t have 
> one of those at the point I’m setting up the security engine.
>

You can change your code to create a RequestData Object instead when calling the WSSecurityEngine methods. The WSSecurityEngine methods that don't take RequestData just end up creating RequestData internally anyway:

https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngine.java


>
> 2. WSSConfig used to have a method isWsiBSPCompliant(), which would 
> trigger slightly different behaviors for me depending on its setting 
> when I retrieved in from a RequestData object. Is that what the
> RequestData.isDisableBSPEnforcement() flag is now?
>
>
>

Yeah, although it has the opposite semantics, as it is set to false by default, meaning that BSP enforcement is enabled. You can also disable specific BSP rules via the ignoredBSPRules List in RequestData.

Colm.


>  Thanx,
>
>
>
> *Stephen W. Chappell*
>



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

RE: WSSConfig Migration 1.6.18 -> 2.1.0

[St...@faa.gov]

Thanx, Colm. There's a few more things that have migrated somewhere that I'm having trouble finding ...

1. WSSecurityUtil used to have some DOM methods that mostly look like they were moved to XMLUtils. But there's one I can't find - storeElementInContext. Is that one still around, or will I need to implement locally?

2. ReferenceListProcessor used to have a static getXPath method, but it looks like that was recently refactored out. Was that moved somewhere?

Thanx,

Stephen W. Chappell

-----Original Message-----
From: Colm O hEigeartaigh [mailto:coheigea@apache.org] 
Sent: Monday, July 13, 2015 5:59 AM
To: users@ws.apache.org
Cc: users@cxf.apache.org
Subject: Re: WSSConfig Migration 1.6.18 -> 2.1.0

Answers inline.

On Fri, Jul 10, 2015 at 8:14 PM, <St...@faa.gov> wrote:

>  WSSConfig doesn’t have that flag anymore as far as I can tell. Is 
> this default behavior now, or is there some other way to enable that 
> behavior? I see that I can set it on a RequestData, but I don’t have 
> one of those at the point I’m setting up the security engine.
>

You can change your code to create a RequestData Object instead when calling the WSSecurityEngine methods. The WSSecurityEngine methods that don't take RequestData just end up creating RequestData internally anyway:

https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngine.java


>
> 2. WSSConfig used to have a method isWsiBSPCompliant(), which would 
> trigger slightly different behaviors for me depending on its setting 
> when I retrieved in from a RequestData object. Is that what the
> RequestData.isDisableBSPEnforcement() flag is now?
>
>
>

Yeah, although it has the opposite semantics, as it is set to false by default, meaning that BSP enforcement is enabled. You can also disable specific BSP rules via the ignoredBSPRules List in RequestData.

Colm.


>  Thanx,
>
>
>
> *Stephen W. Chappell*
>



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: WSSConfig Migration 1.6.18 -> 2.1.0

[Colm O hEigeartaigh <co...@apache.org>]

Answers inline.

On Fri, Jul 10, 2015 at 8:14 PM, <St...@faa.gov> wrote:

>  WSSConfig doesn’t have that flag anymore as far as I can tell. Is this
> default behavior now, or is there some other way to enable that behavior? I
> see that I can set it on a RequestData, but I don’t have one of those at
> the point I’m setting up the security engine.
>

You can change your code to create a RequestData Object instead when
calling the WSSecurityEngine methods. The WSSecurityEngine methods that
don't take RequestData just end up creating RequestData internally anyway:

https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngine.java


>
> 2. WSSConfig used to have a method isWsiBSPCompliant(), which would
> trigger slightly different behaviors for me depending on its setting when I
> retrieved in from a RequestData object. Is that what the
> RequestData.isDisableBSPEnforcement() flag is now?
>
>
>

Yeah, although it has the opposite semantics, as it is set to false by
default, meaning that BSP enforcement is enabled. You can also disable
specific BSP rules via the ignoredBSPRules List in RequestData.

Colm.


>  Thanx,
>
>
>
> *Stephen W. Chappell*
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: WSSConfig Migration 1.6.18 -> 2.1.0

[Colm O hEigeartaigh <co...@apache.org>]

Answers inline.

On Fri, Jul 10, 2015 at 8:14 PM, <St...@faa.gov> wrote:

>  WSSConfig doesn’t have that flag anymore as far as I can tell. Is this
> default behavior now, or is there some other way to enable that behavior? I
> see that I can set it on a RequestData, but I don’t have one of those at
> the point I’m setting up the security engine.
>

You can change your code to create a RequestData Object instead when
calling the WSSecurityEngine methods. The WSSecurityEngine methods that
don't take RequestData just end up creating RequestData internally anyway:

https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngine.java


>
> 2. WSSConfig used to have a method isWsiBSPCompliant(), which would
> trigger slightly different behaviors for me depending on its setting when I
> retrieved in from a RequestData object. Is that what the
> RequestData.isDisableBSPEnforcement() flag is now?
>
>
>

Yeah, although it has the opposite semantics, as it is set to false by
default, meaning that BSP enforcement is enabled. You can also disable
specific BSP rules via the ignoredBSPRules List in RequestData.

Colm.


>  Thanx,
>
>
>
> *Stephen W. Chappell*
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com