You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/10/21 12:41:48 UTC

svn commit: r1534086 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java

Author: coheigea
Date: Mon Oct 21 10:41:48 2013
New Revision: 1534086

URL: http://svn.apache.org/r1534086
Log:
Fixing Cancel operation for SecureConversation

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1534086&r1=1534085&r2=1534086&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java Mon Oct 21 10:41:48 2013
@@ -28,6 +28,7 @@ import java.util.logging.Logger;
 import javax.xml.namespace.QName;
 
 import org.w3c.dom.Element;
+
 import org.apache.cxf.binding.soap.SoapBindingConstants;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor;
@@ -61,7 +62,7 @@ import org.apache.neethi.Policy;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
-import org.apache.wss4j.policy.SPConstants.SPVersion;
+import org.apache.wss4j.policy.SPConstants.IncludeTokenType;
 import org.apache.wss4j.policy.model.AbstractBinding;
 import org.apache.wss4j.policy.model.Header;
 import org.apache.wss4j.policy.model.ProtectionToken;
@@ -73,7 +74,6 @@ import org.apache.xml.security.utils.Bas
 
 class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
     static final Logger LOG = LogUtils.getL7dLogger(SecureConversationInInterceptor.class);
-
     
     public SecureConversationInInterceptor() {
         super(Phase.PRE_STREAM);
@@ -154,20 +154,19 @@ class SecureConversationInInterceptor ex
                     final SecureConversationToken secureConversationToken = 
                         new SecureConversationToken(
                             SPConstants.SPVersion.SP12,
-                            SPConstants.IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT,
+                            SPConstants.IncludeTokenType.INCLUDE_TOKEN_NEVER,
                             null,
                             null,
                             null,
                             new Policy()
                         );
-                    secureConversationToken.setOptional(true);
                     
-                    class InternalProtectionToken extends ProtectionToken {
-                        public InternalProtectionToken(SPVersion version, Policy nestedPolicy) {
-                            super(version, nestedPolicy);
-                            super.setToken(secureConversationToken);
-                        }
-                    }
+                    Policy sctPolicy = new Policy();
+                    ExactlyOne sctPolicyEa = new ExactlyOne();
+                    sctPolicy.addPolicyComponent(sctPolicyEa);
+                    All sctPolicyAll = new All();
+                    sctPolicyAll.addPolicyComponent(secureConversationToken);
+                    sctPolicyEa.addPolicyComponent(sctPolicyAll);
                     
                     Policy bindingPolicy = new Policy();
                     ExactlyOne bindingPolicyEa = new ExactlyOne();
@@ -176,15 +175,15 @@ class SecureConversationInInterceptor ex
                     
                     AbstractBinding origBinding = getBinding(aim);
                     bindingPolicyAll.addPolicyComponent(origBinding.getAlgorithmSuite());
+                    bindingPolicyAll.addPolicyComponent(new ProtectionToken(SPConstants.SPVersion.SP12, sctPolicy));
                     bindingPolicyAll.addAssertion(
                         new PrimitiveAssertion(SP12Constants.INCLUDE_TIMESTAMP));
+                    bindingPolicyAll.addAssertion(
+                        new PrimitiveAssertion(SP12Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
                     bindingPolicyEa.addPolicyComponent(bindingPolicyAll);
                     
                     DefaultSymmetricBinding binding = 
                         new DefaultSymmetricBinding(SPConstants.SPVersion.SP12, bindingPolicy);
-                    binding.setProtectionToken(
-                        new InternalProtectionToken(SPConstants.SPVersion.SP12, new Policy())
-                    );
                     binding.setOnlySignEntireHeadersAndBody(true);
                     binding.setProtectTokens(false);
                     
@@ -392,7 +391,10 @@ class SecureConversationInInterceptor ex
                     return;
                 }
                 for (AssertionInfo inf : ais) {
-                    if (foundSCT) {
+                    SecureConversationToken token = (SecureConversationToken)inf.getAssertion();
+                    IncludeTokenType inclusion = token.getIncludeTokenType();
+                    if (foundSCT || token.isOptional()
+                        || (!foundSCT && inclusion == IncludeTokenType.INCLUDE_TOKEN_NEVER)) {
                         inf.setAsserted(true);
                     } else {
                         inf.setNotAsserted("No SecureConversation token found in message.");