You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/01/11 17:27:17 UTC
svn commit: r1057714 - in /cxf/trunk/rt/ws/security: pom.xml
src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Author: coheigea
Date: Tue Jan 11 16:27:17 2011
New Revision: 1057714
URL: http://svn.apache.org/viewvc?rev=1057714&view=rev
Log:
[CXF-3236] - Add support for an Issued Token extracted from a SAML assertion
- Upgrading to use WSS4J 1.5.11-SNAPSHOT temporarily, which will be released soon.
Modified:
cxf/trunk/rt/ws/security/pom.xml
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Modified: cxf/trunk/rt/ws/security/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/pom.xml?rev=1057714&r1=1057713&r2=1057714&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/pom.xml (original)
+++ cxf/trunk/rt/ws/security/pom.xml Tue Jan 11 16:27:17 2011
@@ -91,7 +91,7 @@
<dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
- <version>1.5.10</version>
+ <version>1.5.11-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>axis</groupId>
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1057714&r1=1057713&r2=1057714&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Tue Jan 11 16:27:17 2011
@@ -19,6 +19,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
+import java.security.Principal;
import java.util.Arrays;
import java.util.Collection;
import java.util.Vector;
@@ -47,6 +48,9 @@ import org.apache.cxf.ws.security.trust.
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.ws.security.CustomTokenPrincipal;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
@@ -216,13 +220,10 @@ public class IssuedTokenInterceptorProvi
(WSHandlerResult) results.get(i);
Vector wsSecEngineResults = rResult.getResults();
-
- for (int j = 0; j < wsSecEngineResults.size(); j++) {
- //WSSecurityEngineResult wser =
- // (WSSecurityEngineResult) wsSecEngineResults.get(j);
- //Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- //how to find if it's due to an IssuedToken?
+ SecurityToken token = findIssuedToken(wsSecEngineResults);
+ if (token != null) {
found = true;
+ message.getExchange().put(SecurityConstants.TOKEN, token);
}
}
}
@@ -237,5 +238,34 @@ public class IssuedTokenInterceptorProvi
}
}
}
+
+ private SecurityToken findIssuedToken(Vector wsSecEngineResults) {
+ for (int j = 0; j < wsSecEngineResults.size(); j++) {
+ WSSecurityEngineResult wser =
+ (WSSecurityEngineResult) wsSecEngineResults.get(j);
+ Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
+ if (actInt.intValue() == WSConstants.SIGN) {
+ Principal principal =
+ (Principal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
+ if (principal instanceof CustomTokenPrincipal) {
+ CustomTokenPrincipal customPrincipal =
+ (CustomTokenPrincipal)principal;
+ byte[] secretKey =
+ (byte[])wser.get(WSSecurityEngineResult.TAG_DECRYPTED_KEY);
+ if (secretKey != null) {
+ SecurityToken token =
+ new SecurityToken(
+ customPrincipal.getName(),
+ (java.util.Calendar)null,
+ (java.util.Calendar)null
+ );
+ token.setSecret(secretKey);
+ return token;
+ }
+ }
+ }
+ }
+ return null;
+ }
}
}