Posted to commits@cxf.apache.org by ow...@apache.org on 2013/04/03 20:44:48 UTC
svn commit: r1464152 -
/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
Author: owulff
Date: Wed Apr 3 18:44:48 2013
New Revision: 1464152
URL: http://svn.apache.org/r1464152
Log:
Make CXF bus configurable
Modified:
cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
Modified: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java?rev=1464152&r1=1464151&r2=1464152&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java (original)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java Wed Apr 3 18:44:48 2013
@@ -38,6 +38,7 @@ import org.apache.cxf.fediz.service.idp.
import org.apache.cxf.staxutils.W3CDOMStreamWriter;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.trust.STSUtils;
import org.apache.ws.security.WSConstants;
import org.slf4j.Logger;
@@ -79,6 +80,8 @@ public class STSClientAction {
protected String tokenType;
protected boolean useWfreshForTTL = true;
+
+ protected Bus bus;
private boolean claimsRequired = true;
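Review bot: The new `bus` field is declared `protected`, so a subclass can read it directly and get `null` whenever no bus was injected, bypassing the default-bus fallback that getBus() (added later in this commit) provides. Since a setter and getter are both added, the field can be `private Bus bus;` so that every reader goes through getBus(). A short comment on the field, for example `// optional; null means use BusFactory.getDefaultBus() at call time`, would also make the null case explicit.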
@@ -151,9 +154,10 @@ public class STSClientAction {
public SecurityToken submit(UsernamePasswordCredentials credentials, RequestContext context)
throws Exception {
- Bus bus = BusFactory.getDefaultBus();
+ Bus cxfBus = getBus();
- IdpSTSClient sts = new IdpSTSClient(bus);
+ //IdpSTSClient sts = new IdpSTSClient(bus);
+ STSClient sts = new STSClient(cxfBus);
sts.setAddressingNamespace(HTTP_WWW_W3_ORG_2005_08_ADDRESSING);
paramTokenType(sts);
sts.setKeyType(HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER);
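Review bot: The commented-out `//IdpSTSClient sts = new IdpSTSClient(bus);` in submit(UsernamePasswordCredentials, RequestContext) should be deleted rather than kept, leaving only `STSClient sts = new STSClient(cxfBus);`. This overload now builds a plain STSClient while the submit(SecurityToken, String, RequestContext) overload later in the commit still builds an IdpSTSClient, and the log message ("Make CXF bus configurable") does not mention the change of client class. If the two token-issuance paths are meant to differ, a one-line comment stating why belongs here. If they are not, both should use the same class, because whatever IdpSTSClient overrides is silently dropped on the username/password path. The body of submit() continues outside the hunk.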
@@ -172,7 +176,7 @@ public class STSClientAction {
}
if (isClaimsRequired()) {
- addClaims(this.appliesTo, bus, sts);
+ addClaims(this.appliesTo, cxfBus, sts);
}
sts.getProperties().put(SecurityConstants.USERNAME,
@@ -187,35 +191,7 @@ public class STSClientAction {
}
- private void processWsdlLocation(RequestContext context) {
- if (!isPortSet) {
- try {
- URL url = new URL(this.wsdlLocation);
- URL updatedUrl = new URL(url.getProtocol(), url.getHost(),
- WebUtils.getHttpServletRequest(context).getLocalPort(), url.getFile());
-
- setSTSWsdlUrl(updatedUrl.toString());
- LOG.info("STS WSDL URL updated to " + updatedUrl.toString());
- } catch (MalformedURLException e) {
- LOG.error("Invalid Url '" + this.wsdlLocation + "': " + e.getMessage());
- }
- }
- }
- /**
- * Usage of 'wfresh' parameter, picked up from the webflow context,
- * like time-to-live of security token to be issued..
- */
- private void configureTTL(IdpSTSClient sts, RequestContext requestContext) {
- String wfresh = (String)WebUtils.getAttributeFromExternalContext(requestContext, "wfresh");
- if (wfresh != null) {
- int ttl = Integer.parseInt(wfresh);
- if (ttl > 0) {
- sts.setTtl(ttl * 60);
- sts.setEnableLifetime(true);
- }
- }
- }
/**
* @param credentials
@@ -228,9 +204,9 @@ public class STSClientAction {
public String submit(SecurityToken credentials, String wtrealm, RequestContext context)
throws Exception {
- Bus bus = BusFactory.getDefaultBus();
+ Bus cxfBus = getBus();
- IdpSTSClient sts = new IdpSTSClient(bus);
+ IdpSTSClient sts = new IdpSTSClient(cxfBus);
sts.setAddressingNamespace(HTTP_WWW_W3_ORG_2005_08_ADDRESSING);
paramTokenType(sts);
sts.setKeyType(HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER);
@@ -244,7 +220,7 @@ public class STSClientAction {
HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512, wsdlEndpoint));
if (this.claimsRequired) {
- addClaims(wtrealm, bus, sts);
+ addClaims(wtrealm, cxfBus, sts);
}
sts.setOnBehalfOf(credentials.getToken());
@@ -254,11 +230,50 @@ public class STSClientAction {
LOG.info("Token [RP_TOKEN] produced succesfully.");
return StringEscapeUtils.escapeXml(rpToken);
}
+
+ public void setBus(Bus bus) {
+ this.bus = bus;
+ }
- private void addClaims(String wtrealm, Bus bus, IdpSTSClient sts)
+ public Bus getBus() {
+ // do not store a referance to the default bus
+ return (bus != null) ? bus : BusFactory.getDefaultBus();
+ }
+
+ private void processWsdlLocation(RequestContext context) {
+ if (!isPortSet) {
+ try {
+ URL url = new URL(this.wsdlLocation);
+ URL updatedUrl = new URL(url.getProtocol(), url.getHost(),
+ WebUtils.getHttpServletRequest(context).getLocalPort(), url.getFile());
+
+ setSTSWsdlUrl(updatedUrl.toString());
+ LOG.info("STS WSDL URL updated to " + updatedUrl.toString());
+ } catch (MalformedURLException e) {
+ LOG.error("Invalid Url '" + this.wsdlLocation + "': " + e.getMessage());
+ }
+ }
+ }
+
+ /**
+ * Usage of 'wfresh' parameter, picked up from the webflow context,
+ * like time-to-live of security token to be issued..
+ */
+ private void configureTTL(STSClient sts, RequestContext requestContext) {
+ String wfresh = (String)WebUtils.getAttributeFromExternalContext(requestContext, "wfresh");
+ if (wfresh != null) {
+ int ttl = Integer.parseInt(wfresh);
+ if (ttl > 0) {
+ sts.setTtl(ttl * 60);
+ sts.setEnableLifetime(true);
+ }
+ }
+ }
+
+ private void addClaims(String wtrealm, Bus cxfBus, STSClient sts)
throws ParserConfigurationException, XMLStreamException {
List<String> realmClaims = null;
- ApplicationContext ctx = (ApplicationContext) bus
+ ApplicationContext ctx = (ApplicationContext) cxfBus
.getExtension(ApplicationContext.class);
@SuppressWarnings("unchecked")
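Review bot: configureTTL, re-added in this hunk with an STSClient parameter, turns the `wfresh` value into the issued token's lifetime with no validation beyond `ttl > 0`. `Integer.parseInt(wfresh)` throws NumberFormatException on a non-numeric value and nothing in the method handles it, and `ttl * 60` wraps for values above `Integer.MAX_VALUE / 60`, so a large input can produce a negative or unrelated TTL. If wfresh is request-supplied, as the javadoc's "picked up from the webflow context" suggests, the requester also decides how long the token lives. A configured upper bound would be the right place to enforce that policy, but it needs a setting this class does not show. The parse and overflow guards can be fixed locally as below.

```java
private void configureTTL(STSClient sts, RequestContext requestContext) {
    String wfresh = (String)WebUtils.getAttributeFromExternalContext(requestContext, "wfresh");
    if (wfresh == null) {
        return;
    }
    int ttl;
    try {
        ttl = Integer.parseInt(wfresh.trim());
    } catch (NumberFormatException e) {
        // Malformed freshness value: keep the STS default lifetime instead of failing the flow.
        LOG.warn("Ignoring non-numeric 'wfresh' value");
        return;
    }
    // Minutes -> seconds must stay within int range before it is handed to the STS client.
    if (ttl > 0 && ttl <= Integer.MAX_VALUE / 60) {
        sts.setTtl(ttl * 60);
        sts.setEnableLifetime(true);
    }
}
```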
@@ -278,7 +293,7 @@ public class STSClientAction {
}
}
- private void paramTokenType(IdpSTSClient sts) {
+ private void paramTokenType(STSClient sts) {
if (tokenType == null) {
sts.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
} else {