You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2008/12/18 22:27:09 UTC
svn commit: r727830 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/
systests/src/test/java/org/apache/cxf/systest/ws/security/
Author: dkulp
Date: Thu Dec 18 13:27:09 2008
New Revision: 727830
URL: http://svn.apache.org/viewvc?rev=727830&view=rev
Log:
Fix problem of wrong Crypto's being used due to cache keys
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java?rev=727830&r1=727829&r2=727830&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java Thu Dec 18 13:27:09 2008
@@ -251,16 +251,13 @@
}
Object s = message.getContextualProperty(SecurityConstants.SIGNATURE_PROPERTIES);
Object e = message.getContextualProperty(SecurityConstants.ENCRYPT_PROPERTIES);
- if (isRequestor(message)) {
- message.put("SignaturePropRefId", "SigRefId");
- message.put("SigRefId", getProps(e, message));
- message.put("decryptionPropRefId", "DecRefId");
- message.put("DecRefId", getProps(s, message));
- } else {
- message.put("SignaturePropRefId", "SigRefId");
- message.put("SigRefId", getProps(s, message));
- message.put("decryptionPropRefId", "DecRefId");
- message.put("DecRefId", getProps(e, message));
+ if (e != null) {
+ message.put("SignaturePropRefId", "RefId-" + e.toString());
+ message.put("RefId-" + e.toString(), getProps(e, message));
+ }
+ if (s != null) {
+ message.put("decryptionPropRefId", "RefId-" + s.toString());
+ message.put("RefId-" + s.toString(), getProps(s, message));
}
ai.setAsserted(true);
policyAsserted(aim, abinding.getInitiatorToken());
@@ -291,15 +288,23 @@
s = e;
}
if (isRequestor(message)) {
- message.put("SignaturePropRefId", "SigRefId");
- message.put("SigRefId", getProps(e, message));
- message.put("decryptionPropRefId", "DecRefId");
- message.put("DecRefId", getProps(s, message));
+ if (e != null) {
+ message.put("SignaturePropRefId", "RefId-" + e.toString());
+ message.put("RefId-" + e.toString(), getProps(e, message));
+ }
+ if (s != null) {
+ message.put("decryptionPropRefId", "RefId-" + s.toString());
+ message.put("RefId-" + s.toString(), getProps(s, message));
+ }
} else {
- message.put("SignaturePropRefId", "SigRefId");
- message.put("SigRefId", getProps(s, message));
- message.put("decryptionPropRefId", "DecRefId");
- message.put("DecRefId", getProps(e, message));
+ if (s != null) {
+ message.put("SignaturePropRefId", "RefId-" + s.toString());
+ message.put("RefId-" + s.toString(), getProps(s, message));
+ }
+ if (e != null) {
+ message.put("decryptionPropRefId", "RefId-" + e.toString());
+ message.put("RefId-" + e.toString(), getProps(e, message));
+ }
}
ai.setAsserted(true);
policyAsserted(aim, abinding.getEncryptionToken());
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=727830&r1=727829&r2=727830&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java Thu Dec 18 13:27:09 2008
@@ -169,9 +169,9 @@
tokenId = getEncryptedKey();
}
}
- if (tok != null) {
+ if (tok == null) {
if (tokenId == null || tokenId.length() == 0) {
- //REVISIT - no tokenM
+ //REVISIT - no tokenId? Exception?
}
if (tokenId.startsWith("#")) {
tokenId = tokenId.substring(1);
Modified: cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java?rev=727830&r1=727829&r2=727830&view=diff
==============================================================================
--- cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java (original)
+++ cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java Thu Dec 18 13:27:09 2008
@@ -82,26 +82,22 @@
EndpointInfo ei = ep.getServer().getEndpoint().getEndpointInfo();
ei.setProperty(SecurityConstants.CALLBACK_HANDLER, new ServerPasswordCallback());
- ei.setProperty(SecurityConstants.SIGNATURE_USERNAME, "alice");
ei.setProperty(SecurityConstants.CALLBACK_HANDLER, new KeystorePasswordCallback());
ei.setProperty(SecurityConstants.SIGNATURE_PROPERTIES,
- SecurityPolicyTest.class.getResource("alice.properties").toString());
- ei.setProperty(SecurityConstants.ENCRYPT_USERNAME, "bob");
- ei.setProperty(SecurityConstants.ENCRYPT_PROPERTIES,
SecurityPolicyTest.class.getResource("bob.properties").toString());
+ ei.setProperty(SecurityConstants.ENCRYPT_PROPERTIES,
+ SecurityPolicyTest.class.getResource("alice.properties").toString());
ep = (EndpointImpl)Endpoint.publish(POLICY_SIGNENC_ADDRESS,
new DoubleItImplSignThenEncrypt());
ei = ep.getServer().getEndpoint().getEndpointInfo();
ei.setProperty(SecurityConstants.CALLBACK_HANDLER, new ServerPasswordCallback());
- ei.setProperty(SecurityConstants.SIGNATURE_USERNAME, "alice");
ei.setProperty(SecurityConstants.CALLBACK_HANDLER, new KeystorePasswordCallback());
ei.setProperty(SecurityConstants.SIGNATURE_PROPERTIES,
- SecurityPolicyTest.class.getResource("alice.properties").toString());
- ei.setProperty(SecurityConstants.ENCRYPT_USERNAME, "bob");
- ei.setProperty(SecurityConstants.ENCRYPT_PROPERTIES,
SecurityPolicyTest.class.getResource("bob.properties").toString());
+ ei.setProperty(SecurityConstants.ENCRYPT_PROPERTIES,
+ SecurityPolicyTest.class.getResource("alice.properties").toString());
}
@Test
@@ -110,24 +106,20 @@
DoubleItPortType pt;
pt = service.getDoubleItPortEncryptThenSign();
- ((BindingProvider)pt).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME, "alice");
((BindingProvider)pt).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
new KeystorePasswordCallback());
((BindingProvider)pt).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
getClass().getResource("alice.properties"));
- ((BindingProvider)pt).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME, "Bob");
((BindingProvider)pt).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
getClass().getResource("bob.properties"));
pt.doubleIt(BigInteger.valueOf(5));
pt = service.getDoubleItPortSignThenEncrypt();
- ((BindingProvider)pt).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME, "alice");
((BindingProvider)pt).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
new KeystorePasswordCallback());
((BindingProvider)pt).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
getClass().getResource("alice.properties"));
- ((BindingProvider)pt).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME, "Bob");
((BindingProvider)pt).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
getClass().getResource("bob.properties"));
pt.doubleIt(BigInteger.valueOf(5));