You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by ru...@apache.org on 2008/01/23 18:56:06 UTC
svn commit: r614592 - in /webservices/rampart/trunk/java/modules:
rampart-core/src/main/java/org/apache/rampart/handler/
rampart-integration/src/test/java/org/apache/axis2/security/
rampart-integration/src/test/resources/security/ rampart-trust/src/mai...
Author: ruchithf
Date: Wed Jan 23 09:56:01 2008
New Revision: 614592
URL: http://svn.apache.org/viewvc?rev=614592&view=rev
Log:
Fixed the build break
Updated the token class to make sure we intern namespace strgin objects of the token xml
Added verification to check for an empty security header
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java Wed Jan 23 09:56:01 2008
@@ -26,11 +26,13 @@
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.rampart.RampartMessageData;
+import org.apache.rampart.util.HandlerParameterDecoder;
import org.apache.ws.secpolicy.model.Binding;
import org.apache.ws.security.handler.WSHandlerConstants;
import java.util.Iterator;
import java.util.List;
+import java.util.Vector;
/**
* Handler to verify the message security after dispatch
@@ -128,6 +130,19 @@
throw new AxisFault("InvalidSecurity");
}
+ //Check for an empty security processing results when parameter based
+ //configuration is used
+ if(msgContext.getParameter(WSSHandlerConstants.INFLOW_SECURITY) != null ||
+ msgContext.getProperty(WSSHandlerConstants.INFLOW_SECURITY) != null) {
+ if(msgContext.getProperty(WSHandlerConstants.RECV_RESULTS) == null) {
+ throw new AxisFault("InvalidSecurity");
+ } else {
+ if(((Vector)msgContext.getProperty(WSHandlerConstants.RECV_RESULTS)).size() == 0) {
+ throw new AxisFault("InvalidSecurity");
+ }
+ }
+ }
+
return InvocationResponse.CONTINUE;
}
Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/axis2/security/AddressingMTOMSecurityTest.java Wed Jan 23 09:56:01 2008
@@ -42,7 +42,6 @@
ofc.setSignatureKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
ofc.setEncryptionKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
ofc.setSignatureParts("{Element}{" + ADDR_NS + "}To;" +
- "{Element}{" + ADDR_NS + "}ReplyTo;" +
"{Element}{" + ADDR_NS + "}MessageID;" +
"{Element}{" + WSU_NS + "}Timestamp");
ofc.setOptimizeParts(
@@ -85,7 +84,6 @@
ofc.setSignatureKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
ofc.setEncryptionKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
ofc.setSignatureParts("{Element}{" + ADDR_NS + "}To;" +
- "{Element}{" + ADDR_NS + "}ReplyTo;" +
"{Element}{" + ADDR_NS + "}MessageID;" +
"{Element}{" + WSU_NS + "}Timestamp");
ofc.setOptimizeParts(
Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.client.axis2.xml Wed Jan 23 09:56:01 2008
@@ -22,7 +22,7 @@
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
<encryptionUser>bob</encryptionUser>
- <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}ReplyTo;{Element}{http://www.w3.org/2005/08/addressing}MessageID;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
+ <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}MessageID;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
<optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
</action>
Modified: webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml (original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/security/complete.service.xml Wed Jan 23 09:56:01 2008
@@ -22,7 +22,7 @@
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
<encryptionUser>alice</encryptionUser>
- <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}ReplyTo;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
+ <signatureParts>{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
<optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
</action>
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java?rev=614592&r1=614591&r2=614592&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java Wed Jan 23 09:56:01 2008
@@ -135,8 +135,10 @@
Date created,
Date expires) throws TrustException {
this.id = id;
- this.token = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
- tokenElem.getXMLStreamReader()).getDocumentElement();
+ StAXOMBuilder stAXOMBuilder = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
+ tokenElem.getXMLStreamReader());
+ stAXOMBuilder.setNamespaceURIInterning(true);
+ this.token = stAXOMBuilder.getDocumentElement();
this.created = created;
this.expires = expires;
}
@@ -145,8 +147,10 @@
OMElement tokenElem,
OMElement lifetimeElem) throws TrustException {
this.id = id;
- this.token = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
- tokenElem.getXMLStreamReader()).getDocumentElement();
+ StAXOMBuilder stAXOMBuilder = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(),
+ tokenElem.getXMLStreamReader());
+ stAXOMBuilder.setNamespaceURIInterning(true);
+ this.token = stAXOMBuilder.getDocumentElement();
this.processLifeTime(lifetimeElem);
}