Posted to commits@ws.apache.org by co...@apache.org on 2015/07/07 18:28:09 UTC

svn commit: r1689711 - /webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java

Author: coheigea
Date: Tue Jul  7 16:28:09 2015
New Revision: 1689711

URL: http://svn.apache.org/r1689711
Log:
Refinement of previous commit


Conflicts:
	ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java

Modified:
    webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java

Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java?rev=1689711&r1=1689710&r2=1689711&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java (original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java Tue Jul  7 16:28:09 2015
@@ -74,7 +74,6 @@ import org.apache.wss4j.dom.bsp.BSPEnfor
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.message.CallbackLookup;
 import org.apache.wss4j.dom.message.DOMCallbackLookup;
-import org.apache.wss4j.dom.message.token.BinarySecurity;
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
 import org.apache.wss4j.dom.message.token.Timestamp;
 import org.apache.wss4j.dom.str.STRParser;
@@ -481,62 +480,24 @@ public class SignatureProcessor implemen
                     WSSecurityUtil.storeElementInContext(context, element);
                 }
             }
-            if (element != null && "BinarySecurityToken".equals(element.getLocalName())
-                && WSConstants.WSSE_NS.equals(element.getNamespaceURI())
-                && isXopInclude(element)) {
-                // We don't write out the xop:Include bytes into the BinarySecurityToken by default
-                // But if the BST is signed, then we have to, or else Signature validation fails...
-                handleXopInclude(element, wsDocInfo);
-            } else if (element != null) {
-                // Handle EncryptedData children that might store the bytes in the attachment
-                List<Element> encElements = 
-                    WSSecurityUtil.findElements(element, "EncryptedData", WSConstants.ENC_NS);
-                for (Element encElement : encElements) {
-                    Element xencCipherValue = EncryptionUtils.getCipherValueFromEncryptedData(encElement);
-                    
-                    String xopURI = EncryptionUtils.getXOPURIFromCipherValue(xencCipherValue);
+            if (element != null) {
+                // Look for xop:Include Nodes
+                List<Element> includeElements = 
+                    WSSecurityUtil.findElements(element, "Include", WSConstants.XOP_NS);
+                for (Element includeElement : includeElements) {
+                    String xopURI = includeElement.getAttributeNS(null, "href");
                     if (xopURI != null) {
                         // Store the bytes in the attachment to calculate the signature
                         byte[] attachmentBytes = WSSecurityUtil.getBytesFromAttachment(xopURI, data);
                         String encodedBytes = Base64.encode(attachmentBytes);
 
-                        Element includeElement =
-                            WSSecurityUtil.getDirectChildElement(xencCipherValue, "Include", WSConstants.XOP_NS);
-
                         Node newCipherValueChild = 
-                            encElement.getOwnerDocument().createTextNode(encodedBytes);
-                        xencCipherValue.replaceChild(newCipherValueChild, includeElement);
+                            includeElement.getOwnerDocument().createTextNode(encodedBytes);
+                        includeElement.getParentNode().replaceChild(newCipherValueChild, includeElement);
                     }
                 }
             }
         }
-    }
-    
-    private boolean isXopInclude(Element element) {
-        Element elementChild =
-            WSSecurityUtil.getDirectChildElement(element, "Include", WSConstants.XOP_NS);
-        if (elementChild != null && elementChild.hasAttributeNS(null, "href")) {
-            String xopUri = elementChild.getAttributeNS(null, "href");
-            if (xopUri != null && xopUri.startsWith("cid:")) {
-                return true;
-            }
-        }
-        return false;
-    }
-    
-    private void handleXopInclude(Element element, WSDocInfo wsDocInfo) {
-        List<WSSecurityEngineResult> actionResults = wsDocInfo.getResultsByTag(WSConstants.BST);
-        if (actionResults != null) {
-            for (WSSecurityEngineResult result : actionResults) {
-                Element token = (Element)result.get(WSSecurityEngineResult.TAG_TOKEN_ELEMENT);
-                if (element.equals(token)) {
-                    BinarySecurity binarySecurity = 
-                        (BinarySecurity)result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
-                    binarySecurity.encodeRawToken();
-                    return;
-                }
-            }
-        }
     }
     
     /**
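Review bot: The `xopURI != null` guard inside the new `for (Element includeElement : includeElements)` loop filters nothing, because DOM `getAttributeNS` returns an empty string rather than null when the attribute is absent, so an `xop:Include` with no `href` still reaches `WSSecurityUtil.getBytesFromAttachment`. The removed `isXopInclude` checked both `hasAttributeNS(null, "href")` and the `cid:` prefix; carrying that over as `if (xopURI != null && xopURI.startsWith("cid:")) {` restores the check on the new path. The loop now also inlines an attachment for every `xop:Include` found under the signed element, not only under BinarySecurityToken and CipherValue, so each reference in the message is loaded and Base64-encoded in memory; whether `getBytesFromAttachment` bounds size or rejects repeated references is not visible here and is worth confirming. The local `newCipherValueChild` is no longer necessarily a CipherValue child and would read better as something like `encodedTextNode`. The enclosing method starts outside the hunk.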