You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-commits@axis.apache.org by ve...@apache.org on 2015/12/26 21:37:39 UTC
svn commit: r1721756 - in /axis/axis2/java/rampart/branches/1_6: ./
modules/rampart-core/src/main/java/org/apache/rampart/
modules/rampart-samples/src/test/java/org/apache/rampart/samples/runner/
modules/rampart-trust/src/main/java/org/apache/rahas/imp...
Author: veithen
Date: Sat Dec 26 20:37:39 2015
New Revision: 1721756
URL: http://svn.apache.org/viewvc?rev=1721756&view=rev
Log:
RAMPART-381: Merge r1721721 to the 1.6 branch.
Modified:
axis/axis2/java/rampart/branches/1_6/ (props changed)
axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
axis/axis2/java/rampart/branches/1_6/modules/rampart-samples/src/test/java/org/apache/rampart/samples/runner/SampleTest.java
axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java
Propchange: axis/axis2/java/rampart/branches/1_6/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Dec 26 20:37:39 2015
@@ -1 +1 @@
-/axis/axis2/java/rampart/trunk:1072266-1072267,1072300,1072313-1072314,1072316,1072321,1072324,1073746,1074043,1074447,1074534,1075676,1075683-1075684,1083686,1087998,1088013,1088558,1088571,1089599,1090533,1090540,1090570,1129515,1129552,1130570,1131278,1132548,1132564,1134446,1134683,1137396,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175271,1175324,1177260,1177279,1177413,1178193,1180718,1186491,1190533,1190600,1194848,1194994,1220915,1221926,1221937,1221940,1222136,1222418,1235059,1240337,1240373,1299342,1299389-1299390,1303198,1327863,1327890,1327893,1329145-1329146,1330675,1330682,1330695,1338876,1350592,1353719,1355738,1357818,1377230,1383060,1409175,1455319,1455337,1455697,1456067,1470135,1470281,1478156,1479069-1479070,1479160,1479183,1479188,1479299,1566329,1610243,1610817,1611122,1612072,1612138,1718154,1718156-1718157,1718159-1718160,1718174-1718175,1718198,1718225,1718231-1718232,1718682-1718683,1718937,1718941,1719191,1719197,1719227,1719229,171923
2,1719236-1719237,1719502,1719522,1719525,1719538,1719557,1719636-1719637,1720480,1720677,1721007,1721012,1721059,1721246,1721321,1721431,1721512,1721514,1721640,1721694,1721717,1721719-1721720
+/axis/axis2/java/rampart/trunk:1072266-1072267,1072300,1072313-1072314,1072316,1072321,1072324,1073746,1074043,1074447,1074534,1075676,1075683-1075684,1083686,1087998,1088013,1088558,1088571,1089599,1090533,1090540,1090570,1129515,1129552,1130570,1131278,1132548,1132564,1134446,1134683,1137396,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175271,1175324,1177260,1177279,1177413,1178193,1180718,1186491,1190533,1190600,1194848,1194994,1220915,1221926,1221937,1221940,1222136,1222418,1235059,1240337,1240373,1299342,1299389-1299390,1303198,1327863,1327890,1327893,1329145-1329146,1330675,1330682,1330695,1338876,1350592,1353719,1355738,1357818,1377230,1383060,1409175,1455319,1455337,1455697,1456067,1470135,1470281,1478156,1479069-1479070,1479160,1479183,1479188,1479299,1566329,1610243,1610817,1611122,1612072,1612138,1718154,1718156-1718157,1718159-1718160,1718174-1718175,1718198,1718225,1718231-1718232,1718682-1718683,1718937,1718941,1719191,1719197,1719227,1719229,171923
2,1719236-1719237,1719502,1719522,1719525,1719538,1719557,1719636-1719637,1720480,1720677,1721007,1721012,1721059,1721246,1721321,1721431,1721512,1721514,1721640,1721694,1721717,1721719-1721721
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java?rev=1721756&r1=1721755&r2=1721756&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java Sat Dec 26 20:37:39 2015
@@ -321,8 +321,12 @@ public class PolicyBasedResultsValidator
}
} else if (token instanceof IssuedToken) {
- //TODO is is enough to check for ST_UNSIGNED results ??
- WSSecurityEngineResult samlResult = WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
+ WSSecurityEngineResult samlResult = WSSecurityUtil.fetchActionResult(results, WSConstants.ST_SIGNED);
+ // Then check for unsigned saml tokens
+ if (samlResult == null) {
+ log.debug("No signed SAMLToken found. Looking for unsigned SAMLTokens");
+ samlResult = WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
+ }
if (samlResult == null) {
throw new RampartException("samlTokenMissing");
}
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-samples/src/test/java/org/apache/rampart/samples/runner/SampleTest.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-samples/src/test/java/org/apache/rampart/samples/runner/SampleTest.java?rev=1721756&r1=1721755&r2=1721756&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-samples/src/test/java/org/apache/rampart/samples/runner/SampleTest.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-samples/src/test/java/org/apache/rampart/samples/runner/SampleTest.java Sat Dec 26 20:37:39 2015
@@ -52,8 +52,8 @@ public class SampleTest extends TestCase
suite.addTest(new SampleTest("policy", "02"));
suite.addTest(new SampleTest("policy", "03"));
suite.addTest(new SampleTest("policy", "04"));
+ suite.addTest(new SampleTest("policy", "05"));
// TODO: these are failing
-// suite.addTest(new SampleTest("policy", "05"));
// suite.addTest(new SampleTest("policy", "06"));
// suite.addTest(new SampleTest("policy", "07"));
suite.addTest(new SampleTest("policy", "08"));
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java?rev=1721756&r1=1721755&r2=1721756&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java Sat Dec 26 20:37:39 2015
@@ -1,5 +1,6 @@
package org.apache.rahas.impl.util;
+import org.apache.axiom.util.UIDGenerator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.RahasConstants;
@@ -31,8 +32,6 @@ import org.opensaml.xml.schema.impl.XSSt
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.signature.*;
-import org.opensaml.xml.signature.KeyInfo;
-import org.opensaml.xml.signature.X509Data;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -458,7 +457,8 @@ public class SAMLUtils {
assertion.setIssuer(issuerName);
assertion.setConditions(SAMLUtils.createConditions(notBefore, notOnOrAfter));
assertion.getStatements().addAll(statements);
-
+ assertion.setID(UIDGenerator.generateUID());
+ assertion.setIssueInstant(new DateTime());
return assertion;
}
@@ -706,7 +706,7 @@ public class SAMLUtils {
// Encoding type set to http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0
// #Base64Binary
keyIdentifier.setEncodingType(KeyIdentifier.ENCODING_TYPE_BASE64_BINARY);
- keyIdentifier.setValueType(WSSecurityConstants.THUMB_PRINT_SHA1);
+ keyIdentifier.setValueType(WSSecurityConstants.WS_SECURITY11_NS+"#ThumbprintSHA1");
keyIdentifier.setValue(getThumbprintSha1(certificate));
securityTokenReference.getUnknownXMLObjects().add(keyIdentifier);