You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/05/16 17:34:34 UTC
svn commit: r1103769 - in
/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message:
WSSecDerivedKeyBase.java token/SecurityTokenReference.java
Author: coheigea
Date: Mon May 16 15:34:33 2011
New Revision: 1103769
URL: http://svn.apache.org/viewvc?rev=1103769&view=rev
Log:
Fixed a NPE and added the ability to reference a token via a KeyIdentifier in a DerivedKeyToken
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecDerivedKeyBase.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecDerivedKeyBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecDerivedKeyBase.java?rev=1103769&r1=1103768&r2=1103769&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecDerivedKeyBase.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecDerivedKeyBase.java Mon May 16 15:34:33 2011
@@ -222,23 +222,48 @@ public abstract class WSSecDerivedKeyBas
dkt.setID(dktId);
if (strElem == null) {
- //Create the SecurityTokenRef to the Encrypted Key
- SecurityTokenReference strEncKey = new SecurityTokenReference(document);
- Reference ref = new Reference(document);
+ SecurityTokenReference secRef = new SecurityTokenReference(document);
+ String strUri = getWsConfig().getIdAllocator().createSecureId("STR-", secRef);
+ secRef.setID(strUri);
- if (tokenIdDirectId) {
- ref.setURI(tokenIdentifier);
- } else {
- ref.setURI("#" + tokenIdentifier);
- }
- if (customValueType != null && !"".equals(customValueType)) {
- ref.setValueType(customValueType);
- }
- if (!WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE.equals(customValueType)) {
- strEncKey.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ switch (keyIdentifierType) {
+ case WSConstants.CUSTOM_KEY_IDENTIFIER:
+ secRef.setKeyIdentifier(customValueType, tokenIdentifier);
+ if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customValueType)) {
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ }
+ break;
+ default:
+ Reference ref = new Reference(document);
+
+ if (tokenIdDirectId) {
+ ref.setURI(tokenIdentifier);
+ } else {
+ ref.setURI("#" + tokenIdentifier);
+ }
+ if (customValueType != null && !"".equals(customValueType)) {
+ ref.setValueType(customValueType);
+ }
+ if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ ref.setValueType(customValueType);
+ } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customValueType)) {
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ ref.setValueType(customValueType);
+ } else if (!WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE.equals(customValueType)) {
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ }
+
+ secRef.setReference(ref);
}
- strEncKey.setReference(ref);
- dkt.setSecurityTokenReference(strEncKey);
+
+ dkt.setSecurityTokenReference(secRef);
} else {
dkt.setSecurityTokenReference(strElem);
}
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java?rev=1103769&r1=1103768&r2=1103769&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java Mon May 16 15:34:33 2011
@@ -308,9 +308,9 @@ public class SecurityTokenReference {
//
// Try to find a custom token
//
- if (cb != null && (WSConstants.WSC_SCT.equals(type))
+ if (cb != null && (WSConstants.WSC_SCT.equals(type)
|| WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(type)
- || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(type)) {
+ || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(type))) {
//try to find a custom token
WSPasswordCallback pwcb =
new WSPasswordCallback(id, WSPasswordCallback.CUSTOM_TOKEN);