You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by ru...@apache.org on 2008/01/23 18:56:06 UTC

svn commit: r614592 - in /webservices/rampart/trunk/java/modules: rampart-core/src/main/java/org/apache/rampart/handler/ rampart-integration/src/test/java/org/apache/axis2/security/ rampart-integration/src/test/resources/security/ rampart-trust/src/mai...

Author: ruchithf
Date: Wed Jan 23 09:56:01 2008
New Revision: 614592

URL: http://svn.apache.org/viewvc?rev=614592&view=rev
Log:
Fixed the build break
Updated the token class to make sure we intern namespace strgin objects of the token xml
Added verification to check for an empty security header


Modified:
    webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
    webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java
    webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml
    webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml
    webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java

Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java Wed Jan 23 09:56:01 2008
@@ -26,11 +26,13 @@
 import org.apache.neethi.Policy;
 import org.apache.neethi.PolicyEngine;
 import org.apache.rampart.RampartMessageData;
+import org.apache.rampart.util.HandlerParameterDecoder;
 import org.apache.ws.secpolicy.model.Binding;
 import org.apache.ws.security.handler.WSHandlerConstants;
 
 import java.util.Iterator;
 import java.util.List;
+import java.util.Vector;
 
 /**
  * Handler to verify the message security after dispatch
@@ -128,6 +130,19 @@
             throw new AxisFault("InvalidSecurity");
         }
         
+        //Check for an empty security processing results when parameter based 
+        //configuration is used
+        if(msgContext.getParameter(WSSHandlerConstants.INFLOW_SECURITY) != null ||
+                msgContext.getProperty(WSSHandlerConstants.INFLOW_SECURITY) != null) {
+            if(msgContext.getProperty(WSHandlerConstants.RECV_RESULTS) == null) {
+                    throw new AxisFault("InvalidSecurity");
+            } else {
+                if(((Vector)msgContext.getProperty(WSHandlerConstants.RECV_RESULTS)).size() == 0) {
+                    throw new AxisFault("InvalidSecurity");
+                }
+            }
+        }
+
         return InvocationResponse.CONTINUE;
         
     }

Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java Wed Jan 23 09:56:01 2008
@@ -42,7 +42,6 @@
         ofc.setSignatureKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
         ofc.setEncryptionKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
         ofc.setSignatureParts("{Element}{" + ADDR_NS + "}To;" +
-                                "{Element}{" + ADDR_NS + "}ReplyTo;" +
                                 "{Element}{" + ADDR_NS + "}MessageID;" +
                                 "{Element}{" + WSU_NS + "}Timestamp");
         ofc.setOptimizeParts(
@@ -85,7 +84,6 @@
         ofc.setSignatureKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
         ofc.setEncryptionKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
         ofc.setSignatureParts("{Element}{" + ADDR_NS + "}To;" +
-                                "{Element}{" + ADDR_NS + "}ReplyTo;" +
                                 "{Element}{" + ADDR_NS + "}MessageID;" +
                                 "{Element}{" + WSU_NS + "}Timestamp");
         ofc.setOptimizeParts(

Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml Wed Jan 23 09:56:01 2008
@@ -22,7 +22,7 @@
         <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
         <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
         <encryptionUser>bob</encryptionUser>
-        <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}ReplyTo;{Element}{http://www.w3.org/2005/08/addressing}MessageID;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
+        <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}MessageID;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
 
         <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
       </action>

Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml Wed Jan 23 09:56:01 2008
@@ -22,7 +22,7 @@
         <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
         <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
         <encryptionUser>alice</encryptionUser>
-        <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}ReplyTo;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
+        <signatureParts>{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
 
         <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
       </action>

Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java Wed Jan 23 09:56:01 2008
@@ -135,8 +135,10 @@
                  Date created,
                  Date expires) throws TrustException {
         this.id = id;
-        this.token = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
-                tokenElem.getXMLStreamReader()).getDocumentElement();
+        StAXOMBuilder stAXOMBuilder = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
+                tokenElem.getXMLStreamReader());
+        stAXOMBuilder.setNamespaceURIInterning(true);
+        this.token = stAXOMBuilder.getDocumentElement();
         this.created = created;
         this.expires = expires;
     }
@@ -145,8 +147,10 @@
                  OMElement tokenElem,
                  OMElement lifetimeElem) throws TrustException {
         this.id = id;
-        this.token = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
-                tokenElem.getXMLStreamReader()).getDocumentElement();
+        StAXOMBuilder stAXOMBuilder = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
+                tokenElem.getXMLStreamReader());
+        stAXOMBuilder.setNamespaceURIInterning(true);
+        this.token = stAXOMBuilder.getDocumentElement();
         this.processLifeTime(lifetimeElem);
     }