You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2014/04/07 07:18:48 UTC
svn commit: r1585390 - in /webservices/wss4j/trunk/ws-security-stax/src:
main/java/org/apache/wss4j/stax/WSSec.java
main/java/org/apache/wss4j/stax/ext/WSSUtils.java
test/java/org/apache/wss4j/stax/test/InteroperabilityTest.java
Author: coheigea
Date: Mon Apr 7 05:18:48 2014
New Revision: 1585390
URL: http://svn.apache.org/r1585390
Log:
Don't load schemas by default
Modified:
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/WSSec.java
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSUtils.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InteroperabilityTest.java
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/WSSec.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/WSSec.java?rev=1585390&r1=1585389&r2=1585390&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/WSSec.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/WSSec.java Mon Apr 7 05:18:48 2014
@@ -21,13 +21,9 @@ package org.apache.wss4j.stax;
import java.net.URISyntaxException;
import java.util.HashSet;
-import javax.xml.XMLConstants;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
-import javax.xml.transform.Source;
-import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
import org.apache.wss4j.common.crypto.WSProviderConfig;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -36,14 +32,13 @@ import org.apache.wss4j.stax.ext.Outboun
import org.apache.wss4j.stax.ext.WSSConfigurationException;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.wss4j.stax.ext.WSSUtils;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.stax.config.ConfigurationProperties;
import org.apache.xml.security.stax.config.Init;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.stax.impl.util.ConcreteLSInput;
import org.apache.xml.security.utils.ClassLoaderUtils;
-import org.w3c.dom.ls.LSInput;
-import org.w3c.dom.ls.LSResourceResolver;
import org.xml.sax.SAXException;
/**
@@ -74,50 +69,11 @@ public class WSSec {
org.apache.xml.security.binding.excc14n.ObjectFactory.class
)
);
- SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
- schemaFactory.setResourceResolver(new LSResourceResolver() {
- @Override
- public LSInput resolveResource(String type, String namespaceURI, String publicId, String systemId, String baseURI) {
- if ("http://www.w3.org/2001/XMLSchema.dtd".equals(systemId)) {
- ConcreteLSInput concreteLSInput = new ConcreteLSInput();
- concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/XMLSchema.dtd", WSSec.class));
- return concreteLSInput;
- } else if ("XMLSchema.dtd".equals(systemId)) {
- ConcreteLSInput concreteLSInput = new ConcreteLSInput();
- concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/XMLSchema.dtd", WSSec.class));
- return concreteLSInput;
- } else if ("datatypes.dtd".equals(systemId)) {
- ConcreteLSInput concreteLSInput = new ConcreteLSInput();
- concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/datatypes.dtd", WSSec.class));
- return concreteLSInput;
- } else if ("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd".equals(systemId)) {
- ConcreteLSInput concreteLSInput = new ConcreteLSInput();
- concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/xmldsig-core-schema.xsd", WSSec.class));
- return concreteLSInput;
- } else if ("http://www.w3.org/2001/xml.xsd".equals(systemId)) {
- ConcreteLSInput concreteLSInput = new ConcreteLSInput();
- concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/xml.xsd", WSSec.class));
- return concreteLSInput;
- }
- return null;
- }
- });
-
- Schema schema = schemaFactory.newSchema(
- new Source[]{
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/exc-c14n.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xmldsig-core-schema.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xenc-schema.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xenc-schema-11.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xmldsig11-schema.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/oasis-200401-wss-wssecurity-utility-1.0.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/oasis-200401-wss-wssecurity-secext-1.0.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/oasis-wss-wssecurity-secext-1.1.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/ws-secureconversation-200502.xsd", WSSec.class)),
- new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/ws-secureconversation-1.3.xsd", WSSec.class)),
- }
- );
- WSSConstants.setJaxbSchemas(schema);
+ String loadSchemas = ConfigurationProperties.getProperty("LoadSchemas");
+ if (Boolean.parseBoolean(loadSchemas)) {
+ Schema schema = WSSUtils.loadWSSecuritySchemas();
+ WSSConstants.setJaxbSchemas(schema);
+ }
} catch (XMLSecurityException e) {
throw new RuntimeException(e.getMessage(), e);
} catch (JAXBException e) {
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSUtils.java?rev=1585390&r1=1585389&r2=1585390&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSUtils.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSUtils.java Mon Apr 7 05:18:48 2014
@@ -19,6 +19,7 @@
package org.apache.wss4j.stax.ext;
import org.apache.commons.codec.binary.Base64;
+import org.apache.wss4j.stax.WSSec;
import org.apache.wss4j.stax.impl.SecurityHeaderOrder;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.securityEvent.*;
@@ -28,18 +29,29 @@ import org.apache.xml.security.stax.ext.
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
import org.apache.xml.security.stax.impl.EncryptionPartDef;
+import org.apache.xml.security.stax.impl.util.ConcreteLSInput;
import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityToken;
+import org.apache.xml.security.utils.ClassLoaderUtils;
+import org.w3c.dom.ls.LSInput;
+import org.w3c.dom.ls.LSResourceResolver;
+import org.xml.sax.SAXException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.xml.XMLConstants;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.Attribute;
+import javax.xml.transform.Source;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Key;
@@ -650,4 +662,51 @@ public class WSSUtils extends XMLSecurit
}
return tmp;
}
+
+ public static Schema loadWSSecuritySchemas() throws SAXException {
+ SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
+ schemaFactory.setResourceResolver(new LSResourceResolver() {
+ @Override
+ public LSInput resolveResource(String type, String namespaceURI, String publicId, String systemId, String baseURI) {
+ if ("http://www.w3.org/2001/XMLSchema.dtd".equals(systemId)) {
+ ConcreteLSInput concreteLSInput = new ConcreteLSInput();
+ concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/XMLSchema.dtd", WSSec.class));
+ return concreteLSInput;
+ } else if ("XMLSchema.dtd".equals(systemId)) {
+ ConcreteLSInput concreteLSInput = new ConcreteLSInput();
+ concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/XMLSchema.dtd", WSSec.class));
+ return concreteLSInput;
+ } else if ("datatypes.dtd".equals(systemId)) {
+ ConcreteLSInput concreteLSInput = new ConcreteLSInput();
+ concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/datatypes.dtd", WSSec.class));
+ return concreteLSInput;
+ } else if ("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd".equals(systemId)) {
+ ConcreteLSInput concreteLSInput = new ConcreteLSInput();
+ concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/xmldsig-core-schema.xsd", WSSec.class));
+ return concreteLSInput;
+ } else if ("http://www.w3.org/2001/xml.xsd".equals(systemId)) {
+ ConcreteLSInput concreteLSInput = new ConcreteLSInput();
+ concreteLSInput.setByteStream(ClassLoaderUtils.getResourceAsStream("schemas/xml.xsd", WSSec.class));
+ return concreteLSInput;
+ }
+ return null;
+ }
+ });
+
+ Schema schema = schemaFactory.newSchema(
+ new Source[]{
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/exc-c14n.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xmldsig-core-schema.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xenc-schema.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xenc-schema-11.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/xmldsig11-schema.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/oasis-200401-wss-wssecurity-utility-1.0.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/oasis-200401-wss-wssecurity-secext-1.0.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/oasis-wss-wssecurity-secext-1.1.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/ws-secureconversation-200502.xsd", WSSec.class)),
+ new StreamSource(ClassLoaderUtils.getResourceAsStream("schemas/ws-secureconversation-1.3.xsd", WSSec.class)),
+ }
+ );
+ return schema;
+ }
}
Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InteroperabilityTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InteroperabilityTest.java?rev=1585390&r1=1585389&r2=1585390&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InteroperabilityTest.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InteroperabilityTest.java Mon Apr 7 05:18:48 2014
@@ -41,6 +41,7 @@ import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
+import javax.xml.validation.Schema;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpression;
@@ -1261,6 +1262,8 @@ public class InteroperabilityTest extend
securityProperties.addIgnoreBSPRule(bspRules.next());
}
+ Schema schema = WSSUtils.loadWSSecuritySchemas();
+ WSSConstants.setJaxbSchemas(schema);
try {
Document document = doInboundSecurity(securityProperties,
xmlInputFactory.createXMLStreamReader(