Posted to commits@cxf.apache.org by co...@apache.org on 2011/01/11 17:27:17 UTC

svn commit: r1057714 - in /cxf/trunk/rt/ws/security: pom.xml src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java

Author: coheigea
Date: Tue Jan 11 16:27:17 2011
New Revision: 1057714

URL: http://svn.apache.org/viewvc?rev=1057714&view=rev
Log:
[CXF-3236] - Add support for an Issued Token extracted from a SAML assertion
 - Upgrading to use WSS4J 1.5.11-SNAPSHOT temporarily, which will be released soon. 

Modified:
    cxf/trunk/rt/ws/security/pom.xml
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java

Modified: cxf/trunk/rt/ws/security/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/pom.xml?rev=1057714&r1=1057713&r2=1057714&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/pom.xml (original)
+++ cxf/trunk/rt/ws/security/pom.xml Tue Jan 11 16:27:17 2011
@@ -91,7 +91,7 @@
         <dependency>
             <groupId>org.apache.ws.security</groupId>
             <artifactId>wss4j</artifactId>
-            <version>1.5.10</version>
+            <version>1.5.11-SNAPSHOT</version>
             <exclusions>
                 <exclusion>
                     <groupId>axis</groupId>

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1057714&r1=1057713&r2=1057714&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Tue Jan 11 16:27:17 2011
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.ws.security.policy.interceptors;
 
+import java.security.Principal;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Vector;
@@ -47,6 +48,9 @@ import org.apache.cxf.ws.security.trust.
 import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor;
 import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor;
 import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.ws.security.CustomTokenPrincipal;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.handler.WSHandlerConstants;
 import org.apache.ws.security.handler.WSHandlerResult;
 
@@ -216,13 +220,10 @@ public class IssuedTokenInterceptorProvi
                                     (WSHandlerResult) results.get(i);
     
                             Vector wsSecEngineResults = rResult.getResults();
-    
-                            for (int j = 0; j < wsSecEngineResults.size(); j++) {
-                                //WSSecurityEngineResult wser =
-                                //        (WSSecurityEngineResult) wsSecEngineResults.get(j);
-                                //Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
-                                //how to find if it's due to an IssuedToken?
+                            SecurityToken token = findIssuedToken(wsSecEngineResults);
+                            if (token != null) {
                                 found = true;
+                                message.getExchange().put(SecurityConstants.TOKEN, token);
                             }
                         }
                     }
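Review bot: The call `message.getExchange().put(SecurityConstants.TOKEN, token);` runs once per matching handler result and no `break` is visible after `found = true;`, so if more than one result yields a token, the last one silently replaces the earlier ones on the exchange. Which token the rest of the exchange sees then depends on result ordering. Consider stopping at the first match, or treating a second match as an error, and add a comment such as `// bind the issued token (and its secret) to the exchange for later use` so the side effect is obvious. The enclosing loops start and end outside this hunk, so an exit further down cannot be ruled out.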
@@ -237,5 +238,34 @@ public class IssuedTokenInterceptorProvi
                 }
             }
         }
+        
+        private SecurityToken findIssuedToken(Vector wsSecEngineResults) {
+            for (int j = 0; j < wsSecEngineResults.size(); j++) {
+                WSSecurityEngineResult wser =
+                    (WSSecurityEngineResult) wsSecEngineResults.get(j);
+                Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
+                if (actInt.intValue() == WSConstants.SIGN) {
+                    Principal principal = 
+                        (Principal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
+                    if (principal instanceof CustomTokenPrincipal) {
+                        CustomTokenPrincipal customPrincipal = 
+                            (CustomTokenPrincipal)principal;
+                        byte[] secretKey = 
+                            (byte[])wser.get(WSSecurityEngineResult.TAG_DECRYPTED_KEY);
+                        if (secretKey != null) {
+                            SecurityToken token = 
+                                new SecurityToken(
+                                    customPrincipal.getName(), 
+                                    (java.util.Calendar)null, 
+                                    (java.util.Calendar)null
+                                );
+                            token.setSecret(secretKey);
+                            return token;
+                        }
+                    }
+                }
+            }
+            return null;
+        }
     }
 }
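Review bot: findIssuedToken accepts any `WSConstants.SIGN` result whose principal is a `CustomTokenPrincipal` with a non-null `TAG_DECRYPTED_KEY`, and builds the `SecurityToken` with both `Calendar` arguments null. Nothing in this method therefore bounds the token's lifetime or checks who issued the assertion. That validation may already happen in WSS4J before the results reach this code, but it is not visible here, so a Javadoc comment stating that assumption would help, and the assertion's validity window should be passed instead of the two nulls if it is available. Separately, `actInt.intValue()` throws a NullPointerException when a result carries no `TAG_ACTION`; `if (actInt != null && actInt.intValue() == WSConstants.SIGN) {` avoids turning a malformed result into an unhandled fault. The raw `Vector` parameter and unchecked casts would also deserve a short comment naming the expected element type.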