You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/03/16 18:45:30 UTC
cxf git commit: More ws-security related refactoring
Repository: cxf
Updated Branches:
refs/heads/master d4f9674ba -> f94861bd6
More ws-security related refactoring
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f94861bd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f94861bd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f94861bd
Branch: refs/heads/master
Commit: f94861bd6745e92bc1f69acaa907761f3bcc0613
Parents: d4f9674
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon Mar 16 17:43:59 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Mon Mar 16 17:43:59 2015 +0000
----------------------------------------------------------------------
.../apache/cxf/ws/security/SecurityUtils.java | 83 ++++++++++++++
.../KerberosTokenInterceptorProvider.java | 16 +--
.../policy/interceptors/NegotiationUtils.java | 12 +-
.../policy/interceptors/STSTokenHelper.java | 15 ++-
.../SecureConversationInInterceptor.java | 8 +-
.../SecureConversationOutInterceptor.java | 8 +-
.../SpnegoContextTokenOutInterceptor.java | 6 +-
.../tokenstore/EHCacheTokenStoreFactory.java | 5 +-
.../security/tokenstore/MemoryTokenStore.java | 2 +-
.../security/tokenstore/TokenStoreFactory.java | 33 ------
.../ws/security/trust/AbstractSTSClient.java | 32 ++----
.../apache/cxf/ws/security/trust/STSClient.java | 2 +-
.../cxf/ws/security/trust/STSLoginModule.java | 4 +-
.../ws/security/trust/STSTokenValidator.java | 23 +---
.../wss4j/AbstractWSS4JInterceptor.java | 2 +-
.../wss4j/AbstractWSS4JStaxInterceptor.java | 11 +-
.../wss4j/PolicyBasedWSS4JInInterceptor.java | 10 +-
.../ws/security/wss4j/SamlTokenInterceptor.java | 5 +-
.../ws/security/wss4j/WSS4JInInterceptor.java | 12 +-
.../security/wss4j/WSS4JStaxInInterceptor.java | 3 +-
.../cxf/ws/security/wss4j/WSS4JUtils.java | 112 +------------------
.../policyhandlers/AbstractBindingBuilder.java | 8 +-
.../AbstractCommonBindingHandler.java | 4 +-
.../StaxAsymmetricBindingHandler.java | 6 +-
.../StaxSymmetricBindingHandler.java | 9 +-
.../StaxTransportBindingHandler.java | 4 +-
26 files changed, 165 insertions(+), 270 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityUtils.java
index 7aec398..17f8d57 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityUtils.java
@@ -18,9 +18,20 @@
*/
package org.apache.cxf.ws.security;
+import java.io.IOException;
+import java.net.URL;
+
import javax.security.auth.callback.CallbackHandler;
+import org.apache.cxf.Bus;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.classloader.ClassLoaderUtils.ClassLoaderHolder;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.resource.ResourceManager;
+import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
/**
@@ -47,4 +58,76 @@ public final class SecurityUtils {
return handler;
}
+ public static URL getConfigFileURL(Message message, String configFileKey, String configFileDefault) {
+ Object o = message.getContextualProperty(configFileKey);
+ if (o == null) {
+ o = configFileDefault;
+ }
+
+ return loadResource(message, o);
+ }
+
+ public static URL loadResource(Message message, Object o) {
+
+ if (o instanceof String) {
+ URL url = ClassLoaderUtils.getResource((String)o, SecurityUtils.class);
+ if (url != null) {
+ return url;
+ }
+ ClassLoaderHolder orig = null;
+ try {
+ ResourceManager manager = message.getExchange().get(Bus.class).getExtension(ResourceManager.class);
+ ClassLoader loader = manager.resolveResource((String)o, ClassLoader.class);
+ if (loader != null) {
+ orig = ClassLoaderUtils.setThreadContextClassloader(loader);
+ }
+ url = manager.resolveResource((String)o, URL.class);
+ if (url == null) {
+ try {
+ url = new URL((String)o);
+ } catch (IOException e) {
+ // Do nothing
+ }
+ }
+ return url;
+ } finally {
+ if (orig != null) {
+ orig.reset();
+ }
+ }
+ } else if (o instanceof URL) {
+ return (URL)o;
+ }
+ return null;
+ }
+
+ public static TokenStore getTokenStore(Message message) {
+ EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
+ synchronized (info) {
+ TokenStore tokenStore =
+ (TokenStore)message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
+ if (tokenStore == null) {
+ tokenStore = (TokenStore)info.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
+ }
+ if (tokenStore == null) {
+ TokenStoreFactory tokenStoreFactory = TokenStoreFactory.newInstance();
+ String cacheKey = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
+ String cacheIdentifier =
+ (String)message.getContextualProperty(SecurityConstants.CACHE_IDENTIFIER);
+ if (cacheIdentifier != null) {
+ cacheKey += "-" + cacheIdentifier;
+ } else if (info.getName() != null) {
+ int hashcode = info.getName().toString().hashCode();
+ if (hashcode < 0) {
+ cacheKey += hashcode;
+ } else {
+ cacheKey += "-" + hashcode;
+ }
+ }
+ tokenStore = tokenStoreFactory.newTokenStore(cacheKey, message);
+ info.setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, tokenStore);
+ }
+ return tokenStore;
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
index 6083f66..2c14dd3 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
@@ -41,18 +41,17 @@ import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.kerberos.KerberosClient;
import org.apache.cxf.ws.security.kerberos.KerberosUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.wss4j.KerberosTokenInterceptor;
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxInInterceptor;
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxOutInterceptor;
import org.apache.cxf.ws.security.wss4j.StaxSecurityContextInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
-import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.cxf.ws.security.wss4j.policyvalidators.KerberosTokenPolicyValidator;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
@@ -99,11 +98,6 @@ public class KerberosTokenInterceptorProvider extends AbstractPolicyInterceptorP
this.getInFaultInterceptors().add(PolicyBasedWSS4JStaxInInterceptor.INSTANCE);
}
-
- static final TokenStore getTokenStore(Message message) {
- return WSS4JUtils.getTokenStore(message);
- }
-
static class KerberosTokenOutInterceptor extends AbstractPhaseInterceptor<Message> {
public KerberosTokenOutInterceptor() {
super(Phase.PREPARE_SEND);
@@ -137,11 +131,11 @@ public class KerberosTokenInterceptorProvider extends AbstractPolicyInterceptorP
tok.getId());
message.getExchange().put(SecurityConstants.TOKEN_ID,
tok.getId());
- getTokenStore(message).add(tok);
+ SecurityUtils.getTokenStore(message).add(tok);
// Create another cache entry with the SHA1 Identifier as the key for easy retrieval
if (tok.getSHA1() != null) {
- getTokenStore(message).add(tok.getSHA1(), tok);
+ SecurityUtils.getTokenStore(message).add(tok.getSHA1(), tok);
}
}
} else {
@@ -210,7 +204,7 @@ public class KerberosTokenInterceptorProvider extends AbstractPolicyInterceptorP
if (valid) {
SecurityToken token = createSecurityToken(kerberosToken);
token.setSecret((byte[])wser.get(WSSecurityEngineResult.TAG_SECRET));
- getTokenStore(message).add(token);
+ SecurityUtils.getTokenStore(message).add(token);
message.getExchange().put(SecurityConstants.TOKEN_ID, token.getId());
return;
}
@@ -298,7 +292,7 @@ public class KerberosTokenInterceptorProvider extends AbstractPolicyInterceptorP
// Just consume this for now as it isn't critical...
}
- getTokenStore(message).add(token);
+ SecurityUtils.getTokenStore(message).add(token);
message.getExchange().put(SecurityConstants.TOKEN_ID, token.getId());
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
index 5180959..aab8fc3 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
@@ -43,11 +43,11 @@ import org.apache.cxf.ws.policy.EndpointPolicy;
import org.apache.cxf.ws.policy.PolicyEngine;
import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.trust.STSUtils;
-import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.neethi.Assertion;
import org.apache.neethi.Policy;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
@@ -91,10 +91,6 @@ final class NegotiationUtils {
return (Trust13)ai.getAssertion();
}
- static TokenStore getTokenStore(Message message) {
- return WSS4JUtils.getTokenStore(message);
- }
-
static Assertion getAddressingPolicy(AssertionInfoMap aim, boolean optional) {
Collection<AssertionInfo> lst = aim.get(MetadataConstants.USING_ADDRESSING_2004_QNAME);
Assertion assertion = null;
@@ -184,7 +180,7 @@ final class NegotiationUtils {
try {
Endpoint endpoint = message.getExchange().getEndpoint();
- TokenStore store = getTokenStore(message);
+ TokenStore store = SecurityUtils.getTokenStore(message);
if (secConv) {
endpoint = STSUtils.createSCEndpoint(bus,
namespace,
@@ -257,7 +253,7 @@ final class NegotiationUtils {
(SecurityContextToken)wser.get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getIdentifier());
- SecurityToken token = getTokenStore(message).getToken(tok.getIdentifier());
+ SecurityToken token = SecurityUtils.getTokenStore(message).getToken(tok.getIdentifier());
if (token == null || token.isExpired()) {
byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
if (secret != null) {
@@ -265,7 +261,7 @@ final class NegotiationUtils {
token.setToken(tok.getElement());
token.setSecret(secret);
token.setTokenType(tok.getTokenType());
- getTokenStore(message).add(token);
+ SecurityUtils.getTokenStore(message).add(token);
}
}
if (token != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenHelper.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenHelper.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenHelper.java
index a4d3f41..0177d08 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenHelper.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenHelper.java
@@ -26,7 +26,6 @@ import java.util.logging.Level;
import java.util.logging.Logger;
import org.w3c.dom.Element;
-
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.Fault;
@@ -36,12 +35,12 @@ import org.apache.cxf.ws.addressing.AddressingProperties;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.trust.STSUtils;
-import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.dom.WSConstants;
@@ -98,7 +97,7 @@ public final class STSTokenHelper {
message.put(SecurityConstants.TOKEN_ID, tok.getId());
}
// ?
- WSS4JUtils.getTokenStore(message).add(tok);
+ SecurityUtils.getTokenStore(message).add(tok);
return tok;
}
@@ -115,7 +114,7 @@ public final class STSTokenHelper {
if (tok == null) {
String tokId = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
if (tokId != null) {
- tok = WSS4JUtils.getTokenStore(message).getToken(tokId);
+ tok = SecurityUtils.getTokenStore(message).getToken(tokId);
}
}
} else {
@@ -123,7 +122,7 @@ public final class STSTokenHelper {
if (tok == null) {
String tokId = (String)message.get(SecurityConstants.TOKEN_ID);
if (tokId != null) {
- tok = WSS4JUtils.getTokenStore(message).getToken(tokId);
+ tok = SecurityUtils.getTokenStore(message).getToken(tokId);
}
}
}
@@ -213,7 +212,7 @@ public final class STSTokenHelper {
message.getExchange().get(Endpoint.class).remove(SecurityConstants.TOKEN_ID);
message.getExchange().remove(SecurityConstants.TOKEN_ID);
message.getExchange().remove(SecurityConstants.TOKEN);
- NegotiationUtils.getTokenStore(message).remove(tok.getId());
+ SecurityUtils.getTokenStore(message).remove(tok.getId());
// If the user has explicitly disabled Renewing then we can't renew a token,
// so just get a new one
@@ -322,7 +321,7 @@ public final class STSTokenHelper {
Element actAsToken,
String appliesTo,
boolean enableAppliesTo) throws Exception {
- TokenStore tokenStore = WSS4JUtils.getTokenStore(message);
+ TokenStore tokenStore = SecurityUtils.getTokenStore(message);
String key = appliesTo;
if (!enableAppliesTo || key == null || "".equals(key)) {
key = ASSOCIATED_TOKEN;
@@ -387,7 +386,7 @@ public final class STSTokenHelper {
if (issuedToken == null) {
return;
}
- TokenStore tokenStore = WSS4JUtils.getTokenStore(message);
+ TokenStore tokenStore = SecurityUtils.getTokenStore(message);
String key = appliesTo;
if (!enableAppliesTo || key == null || "".equals(key)) {
key = ASSOCIATED_TOKEN;
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
index ada01ef..930b8a8 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
@@ -47,6 +47,7 @@ import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInterceptorProvider.HttpsTokenInInterceptor;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
@@ -57,7 +58,6 @@ import org.apache.cxf.ws.security.trust.STSUtils;
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor;
-import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.neethi.All;
import org.apache.neethi.Assertion;
import org.apache.neethi.ExactlyOne;
@@ -445,7 +445,7 @@ class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessa
if (st == null) {
String id = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
if (id != null) {
- st = WSS4JUtils.getTokenStore(message).getToken(id);
+ st = SecurityUtils.getTokenStore(message).getToken(id);
}
}
if (st != null && !st.isExpired()) {
@@ -526,7 +526,7 @@ class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessa
if (tok == null) {
String tokId = (String)m2.getContextualProperty(SecurityConstants.TOKEN_ID);
if (tokId != null) {
- tok = NegotiationUtils.getTokenStore(m2).getToken(tokId);
+ tok = SecurityUtils.getTokenStore(m2).getToken(tokId);
}
}
@@ -549,7 +549,7 @@ class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessa
}
client.cancelSecurityToken(tok);
- NegotiationUtils.getTokenStore(m2).remove(tok.getId());
+ SecurityUtils.getTokenStore(m2).remove(tok.getId());
m2.put(SecurityConstants.TOKEN, null);
} catch (RuntimeException e) {
throw e;
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
index ee84f92..bba1952 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
@@ -36,6 +36,7 @@ import org.apache.cxf.ws.addressing.AddressingProperties;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider.IssuedTokenOutInterceptor;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
@@ -74,8 +75,7 @@ class SecureConversationOutInterceptor extends AbstractPhaseInterceptor<SoapMess
if (tok == null) {
String tokId = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
if (tokId != null) {
- tok = NegotiationUtils
- .getTokenStore(message).getToken(tokId);
+ tok = SecurityUtils.getTokenStore(message).getToken(tokId);
}
}
if (tok == null) {
@@ -91,7 +91,7 @@ class SecureConversationOutInterceptor extends AbstractPhaseInterceptor<SoapMess
message.getExchange().get(Endpoint.class).put(SecurityConstants.TOKEN_ID, tok.getId());
message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getId());
message.getExchange().put(SecurityConstants.TOKEN, tok);
- NegotiationUtils.getTokenStore(message).add(tok);
+ SecurityUtils.getTokenStore(message).add(tok);
}
PolicyUtils.assertPolicy(aim, SPConstants.BOOTSTRAP_POLICY);
} else {
@@ -119,7 +119,7 @@ class SecureConversationOutInterceptor extends AbstractPhaseInterceptor<SoapMess
message.getExchange().get(Endpoint.class).remove(SecurityConstants.TOKEN_ID);
message.getExchange().remove(SecurityConstants.TOKEN_ID);
message.getExchange().remove(SecurityConstants.TOKEN);
- NegotiationUtils.getTokenStore(message).remove(tok.getId());
+ SecurityUtils.getTokenStore(message).remove(tok.getId());
STSClient client = STSUtils.getClient(message, "sct");
AddressingProperties maps =
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
index 14b4d62..af7b0ac 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
@@ -62,12 +62,12 @@ class SpnegoContextTokenOutInterceptor extends AbstractPhaseInterceptor<SoapMess
String tokId = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
SecurityToken tok = null;
if (tokId != null) {
- tok = NegotiationUtils.getTokenStore(message).getToken(tokId);
+ tok = SecurityUtils.getTokenStore(message).getToken(tokId);
if (tok != null && tok.isExpired()) {
message.getExchange().get(Endpoint.class).remove(SecurityConstants.TOKEN_ID);
message.getExchange().remove(SecurityConstants.TOKEN_ID);
- NegotiationUtils.getTokenStore(message).remove(tokId);
+ SecurityUtils.getTokenStore(message).remove(tokId);
tok = null;
}
}
@@ -81,7 +81,7 @@ class SpnegoContextTokenOutInterceptor extends AbstractPhaseInterceptor<SoapMess
}
message.getExchange().get(Endpoint.class).put(SecurityConstants.TOKEN_ID, tok.getId());
message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getId());
- NegotiationUtils.getTokenStore(message).add(tok);
+ SecurityUtils.getTokenStore(message).add(tok);
}
} else {
// server side should be checked on the way in
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/EHCacheTokenStoreFactory.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/EHCacheTokenStoreFactory.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/EHCacheTokenStoreFactory.java
index 74ee172..61b8ded 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/EHCacheTokenStoreFactory.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/EHCacheTokenStoreFactory.java
@@ -22,6 +22,8 @@ package org.apache.cxf.ws.security.tokenstore;
import java.net.URL;
import org.apache.cxf.message.Message;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
/**
@@ -30,7 +32,8 @@ import org.apache.cxf.message.Message;
public class EHCacheTokenStoreFactory extends TokenStoreFactory {
public TokenStore newTokenStore(String key, Message message) {
- URL configFileURL = getConfigFileURL(message);
+ URL configFileURL = SecurityUtils.getConfigFileURL(message, SecurityConstants.CACHE_CONFIG_FILE,
+ "cxf-ehcache.xml");
return new EHCacheTokenStore(key, message.getExchange().getBus(), configFileURL);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
index ed719a4..ac8d930 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
@@ -33,7 +33,7 @@ public class MemoryTokenStore implements TokenStore {
public static final long DEFAULT_TTL = 60L * 5L;
public static final long MAX_TTL = DEFAULT_TTL * 12L;
- private Map<String, CacheEntry> tokens = new ConcurrentHashMap<String, CacheEntry>();
+ private Map<String, CacheEntry> tokens = new ConcurrentHashMap<>();
private long ttl = DEFAULT_TTL;
public void add(SecurityToken token) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/TokenStoreFactory.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/TokenStoreFactory.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/TokenStoreFactory.java
index c34d21f..dfb6eb2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/TokenStoreFactory.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/TokenStoreFactory.java
@@ -19,13 +19,7 @@
package org.apache.cxf.ws.security.tokenstore;
-import java.io.IOException;
-import java.net.URL;
-
-import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.message.Message;
-import org.apache.cxf.resource.ResourceManager;
-import org.apache.cxf.ws.security.SecurityConstants;
/**
* An abstract factory to return a TokenStore instance. It returns an EHCacheTokenStoreFactory
@@ -60,31 +54,4 @@ public abstract class TokenStoreFactory {
public abstract TokenStore newTokenStore(String key, Message message);
- protected URL getConfigFileURL(Message message) {
- Object o = message.getContextualProperty(SecurityConstants.CACHE_CONFIG_FILE);
- if (o == null) {
- o = "cxf-ehcache.xml";
- }
-
- if (o instanceof String) {
- URL url = null;
- ResourceManager rm = message.getExchange().getBus().getExtension(ResourceManager.class);
- url = rm.resolveResource((String)o, URL.class);
- try {
- if (url == null) {
- url = ClassLoaderUtils.getResource((String)o, TokenStoreFactory.class);
- }
- if (url == null) {
- url = new URL((String)o);
- }
- return url;
- } catch (IOException e) {
- // Do nothing
- }
- } else if (o instanceof URL) {
- return (URL)o;
- }
- return null;
- }
-
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 0e757c6..a9a11dc 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -54,7 +54,6 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusException;
import org.apache.cxf.binding.soap.SoapBindingConstants;
import org.apache.cxf.binding.soap.model.SoapOperationInfo;
-import org.apache.cxf.common.classloader.ClassLoaderUtils;
//import org.apache.cxf.common.i18n.Message;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.ModCountCopyOnWriteArrayList;
@@ -75,7 +74,6 @@ import org.apache.cxf.interceptor.InterceptorProvider;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.PhaseInterceptorChain;
-import org.apache.cxf.resource.ResourceManager;
import org.apache.cxf.rt.security.claims.ClaimCollection;
import org.apache.cxf.service.Service;
import org.apache.cxf.service.model.BindingInfo;
@@ -100,6 +98,7 @@ import org.apache.cxf.ws.policy.attachment.reference.ReferenceResolver;
import org.apache.cxf.ws.policy.attachment.reference.RemoteReferenceResolver;
import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.trust.claims.ClaimsCallback;
import org.apache.cxf.ws.security.trust.delegation.DelegationCallback;
@@ -191,16 +190,12 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
protected String context;
protected X509Certificate useKeyCertificate;
- protected Map<String, Object> ctx = new HashMap<String, Object>();
+ protected Map<String, Object> ctx = new HashMap<>();
- protected List<Interceptor<? extends Message>> in
- = new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
- protected List<Interceptor<? extends Message>> out
- = new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
- protected List<Interceptor<? extends Message>> outFault
- = new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
- protected List<Interceptor<? extends Message>> inFault
- = new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
+ protected List<Interceptor<? extends Message>> in = new ModCountCopyOnWriteArrayList<>();
+ protected List<Interceptor<? extends Message>> out = new ModCountCopyOnWriteArrayList<>();
+ protected List<Interceptor<? extends Message>> outFault = new ModCountCopyOnWriteArrayList<>();
+ protected List<Interceptor<? extends Message>> inFault = new ModCountCopyOnWriteArrayList<>();
protected List<Feature> features;
public AbstractSTSClient(Bus b) {
@@ -1559,15 +1554,11 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
protected CallbackHandler createHandler() {
Object o = getProperty(SecurityConstants.CALLBACK_HANDLER);
- if (o instanceof String) {
- try {
- Class<?> cls = ClassLoaderUtils.loadClass((String)o, this.getClass());
- o = cls.newInstance();
- } catch (Exception e) {
- throw new Fault(e);
- }
+ try {
+ return SecurityUtils.getCallbackHandler(o);
+ } catch (Exception e) {
+ throw new Fault(e);
}
- return (CallbackHandler)o;
}
protected Object getProperty(String s) {
@@ -1592,8 +1583,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
Object o = getProperty(SecurityConstants.STS_TOKEN_PROPERTIES + (decrypt ? ".decrypt" : ""));
- ResourceManager manager = bus.getExtension(ResourceManager.class);
- URL propsURL = WSS4JUtils.getPropertiesFileURL(o, manager, this.getClass());
+ URL propsURL = SecurityUtils.loadResource(message, o);
Properties properties = WSS4JUtils.getProps(o, propsURL);
if (properties != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
index afdaaea..899f509 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
@@ -114,7 +114,7 @@ public class STSClient extends AbstractSTSClient {
el = DOMUtils.getFirstElement(el);
String reason = null;
boolean valid = false;
- List<SecurityToken> tokens = new LinkedList<SecurityToken>();
+ List<SecurityToken> tokens = new LinkedList<>();
while (el != null) {
if ("Status".equals(el.getLocalName())) {
Element e2 = DOMUtils.getFirstChildWithName(el, el.getNamespaceURI(), "Code");
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
index 465a4c9..ec4e816 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
@@ -147,7 +147,7 @@ public class STSLoginModule implements LoginModule {
private static final Logger LOG = LogUtils.getL7dLogger(STSLoginModule.class);
private static final String TOKEN_STORE_KEY = "sts.login.module.tokenstore";
- private Set<Principal> roles = new HashSet<Principal>();
+ private Set<Principal> roles = new HashSet<>();
private Principal userPrincipal;
private Subject subject;
private CallbackHandler callbackHandler;
@@ -162,7 +162,7 @@ public class STSLoginModule implements LoginModule {
private String keyType = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
private String tokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
private String namespace;
- private Map<String, Object> stsClientProperties = new HashMap<String, Object>();
+ private Map<String, Object> stsClientProperties = new HashMap<>();
@Override
public void initialize(Subject subj, CallbackHandler cbHandler, Map<String, ?> sharedState,
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
index 2a76672..3db4a43 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
@@ -28,13 +28,11 @@ import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.w3c.dom.Element;
-import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.message.Message;
-import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
-import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.cxf.ws.security.trust.delegation.DelegationCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl;
@@ -176,24 +174,7 @@ public class STSTokenValidator implements Validator {
return null;
}
- EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
- synchronized (info) {
- TokenStore tokenStore =
- (TokenStore)message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- if (tokenStore == null) {
- tokenStore = (TokenStore)info.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- }
- if (tokenStore == null) {
- TokenStoreFactory tokenStoreFactory = TokenStoreFactory.newInstance();
- String cacheKey = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
- if (info.getName() != null) {
- cacheKey += "-" + info.getName().toString().hashCode();
- }
- tokenStore = tokenStoreFactory.newTokenStore(cacheKey, message);
- info.setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, tokenStore);
- }
- return tokenStore;
- }
+ return SecurityUtils.getTokenStore(message);
}
protected boolean isValidatedLocally(Credential credential, RequestData data)
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
index 0c62232..d520907 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
@@ -202,7 +202,7 @@ public abstract class AbstractWSS4JInterceptor extends WSHandler implements Soap
PasswordEncryptor passwordEncryptor = getPasswordEncryptor(reqData);
return
WSS4JUtils.loadCryptoFromPropertiesFile(
- message, propFilename, this.getClass(), classLoader, passwordEncryptor
+ message, propFilename, classLoader, passwordEncryptor
);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
index 97a96ce..d7b27a1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
@@ -47,7 +47,6 @@ import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.PhaseInterceptor;
-import org.apache.cxf.resource.ResourceManager;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
@@ -382,7 +381,7 @@ public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
PasswordEncryptor passwordEncryptor = getPasswordEncryptor(soapMessage, securityProperties);
return
WSS4JUtils.loadCryptoFromPropertiesFile(
- soapMessage, propFilename, this.getClass(), getClassLoader(), passwordEncryptor
+ soapMessage, propFilename, getClassLoader(), passwordEncryptor
);
}
@@ -433,9 +432,7 @@ public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
} else if (e instanceof Crypto) {
return (Crypto)e;
} else {
- ResourceManager manager =
- message.getExchange().getBus().getExtension(ResourceManager.class);
- URL propsURL = WSS4JUtils.getPropertiesFileURL(e, manager, this.getClass());
+ URL propsURL = SecurityUtils.loadResource(message, e);
Properties props = WSS4JUtils.getProps(e, propsURL);
if (props == null) {
LOG.fine("Cannot find Crypto Encryption properties: " + e);
@@ -463,9 +460,7 @@ public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
} else if (s instanceof Crypto) {
return (Crypto)s;
} else {
- ResourceManager manager =
- message.getExchange().getBus().getExtension(ResourceManager.class);
- URL propsURL = WSS4JUtils.getPropertiesFileURL(s, manager, this.getClass());
+ URL propsURL = SecurityUtils.loadResource(message, s);
Properties props = WSS4JUtils.getProps(s, propsURL);
if (props == null) {
LOG.fine("Cannot find Crypto Signature properties: " + s);
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
index abeb41c..12aebb9 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
@@ -49,12 +49,12 @@ import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.helpers.MapNamespaceContext;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.resource.ResourceManager;
import org.apache.cxf.security.transport.TLSSessionInfo;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope;
import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType;
@@ -407,9 +407,7 @@ public class PolicyBasedWSS4JInInterceptor extends WSS4JInInterceptor {
if (e instanceof Crypto) {
encrCrypto = (Crypto)e;
} else if (e != null) {
- ResourceManager manager =
- message.getExchange().getBus().getExtension(ResourceManager.class);
- URL propsURL = WSS4JUtils.getPropertiesFileURL(e, manager, this.getClass());
+ URL propsURL = SecurityUtils.loadResource(message, e);
Properties props = WSS4JUtils.getProps(e, propsURL);
if (props == null) {
LOG.fine("Cannot find Crypto Encryption properties: " + e);
@@ -456,9 +454,7 @@ public class PolicyBasedWSS4JInInterceptor extends WSS4JInInterceptor {
if (s instanceof Crypto) {
signCrypto = (Crypto)s;
} else if (s != null) {
- ResourceManager manager =
- message.getExchange().getBus().getExtension(ResourceManager.class);
- URL propsURL = WSS4JUtils.getPropertiesFileURL(s, manager, this.getClass());
+ URL propsURL = SecurityUtils.loadResource(message, s);
Properties props = WSS4JUtils.getProps(s, propsURL);
if (props == null) {
LOG.fine("Cannot find Crypto Signature properties: " + s);
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index eb5ab1f..dd91cf2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -38,7 +38,6 @@ import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.security.DefaultSecurityContext;
-import org.apache.cxf.resource.ResourceManager;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.security.transport.TLSSessionInfo;
import org.apache.cxf.ws.policy.AssertionInfo;
@@ -300,9 +299,7 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
return null;
}
- ResourceManager manager =
- message.getExchange().getBus().getExtension(ResourceManager.class);
- URL propsURL = WSS4JUtils.getPropertiesFileURL(o, manager, this.getClass());
+ URL propsURL = SecurityUtils.loadResource(message, o);
Properties properties = WSS4JUtils.getProps(o, propsURL);
if (properties != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 5e49194..c175b58 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -712,10 +712,8 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor {
Endpoint ep = ((SoapMessage)reqData.getMsgContext()).getExchange().get(Endpoint.class);
if (ep != null && ep.getEndpointInfo() != null) {
TokenStore store =
- WSS4JUtils.getTokenStore((SoapMessage)reqData.getMsgContext(), false);
- if (store != null) {
- return new TokenStoreCallbackHandler(null, store);
- }
+ SecurityUtils.getTokenStore((SoapMessage)reqData.getMsgContext());
+ return new TokenStoreCallbackHandler(null, store);
}
throw sec;
}
@@ -723,10 +721,8 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor {
Endpoint ep = ((SoapMessage)reqData.getMsgContext()).getExchange().get(Endpoint.class);
if (ep != null && ep.getEndpointInfo() != null) {
- TokenStore store = WSS4JUtils.getTokenStore((SoapMessage)reqData.getMsgContext(), false);
- if (store != null) {
- return new TokenStoreCallbackHandler(cbHandler, store);
- }
+ TokenStore store = SecurityUtils.getTokenStore((SoapMessage)reqData.getMsgContext());
+ return new TokenStoreCallbackHandler(cbHandler, store);
}
return cbHandler;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
index 0c82445..112d333 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
@@ -44,6 +44,7 @@ import org.apache.cxf.interceptor.StaxInInterceptor;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.wss4j.common.ConfigurationConstants;
@@ -127,7 +128,7 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor {
final TokenStoreCallbackHandler callbackHandler =
new TokenStoreCallbackHandler(
- secProps.getCallbackHandler(), WSS4JUtils.getTokenStore(soapMessage)
+ secProps.getCallbackHandler(), SecurityUtils.getTokenStore(soapMessage)
);
secProps.setCallbackHandler(callbackHandler);
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
index d69e94d..accc4df 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
@@ -32,18 +32,14 @@ import org.apache.cxf.Bus;
import org.apache.cxf.binding.soap.SoapFault;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.SoapVersion;
-import org.apache.cxf.common.classloader.ClassLoaderUtils;
-import org.apache.cxf.common.classloader.ClassLoaderUtils.ClassLoaderHolder;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.resource.ResourceManager;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.cache.CXFEHCacheReplayCache;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.tokenstore.TokenStore;
-import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.wss4j.common.cache.ReplayCache;
import org.apache.wss4j.common.cache.ReplayCacheFactory;
import org.apache.wss4j.common.crypto.Crypto;
@@ -109,7 +105,8 @@ public final class WSS4JUtils {
cacheKey += "-" + hashcode;
}
}
- URL configFile = getConfigFileURL(message);
+ URL configFile = SecurityUtils.getConfigFileURL(message, SecurityConstants.CACHE_CONFIG_FILE,
+ "cxf-ehcache.xml");
if (ReplayCacheFactory.isEhCacheInstalled()) {
Bus bus = message.getExchange().getBus();
@@ -127,67 +124,6 @@ public final class WSS4JUtils {
return null;
}
- private static URL getConfigFileURL(Message message) {
- Object o = message.getContextualProperty(SecurityConstants.CACHE_CONFIG_FILE);
- if (o == null) {
- o = "/cxf-ehcache.xml";
- }
-
- if (o instanceof String) {
- URL url = null;
- ResourceManager rm = message.getExchange().get(Bus.class).getExtension(ResourceManager.class);
- url = rm.resolveResource((String)o, URL.class);
- try {
- if (url == null) {
- url = ClassLoaderUtils.getResource((String)o, ReplayCacheFactory.class);
- }
- if (url == null) {
- url = new URL((String)o);
- }
- return url;
- } catch (IOException e) {
- // Do nothing
- }
- } else if (o instanceof URL) {
- return (URL)o;
- }
- return null;
- }
-
- public static TokenStore getTokenStore(Message message) {
- return getTokenStore(message, true);
- }
-
- public static TokenStore getTokenStore(Message message, boolean create) {
- EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
- synchronized (info) {
- TokenStore tokenStore =
- (TokenStore)message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- if (tokenStore == null) {
- tokenStore = (TokenStore)info.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
- }
- if (create && tokenStore == null) {
- TokenStoreFactory tokenStoreFactory = TokenStoreFactory.newInstance();
- String cacheKey = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
- String cacheIdentifier =
- (String)message.getContextualProperty(SecurityConstants.CACHE_IDENTIFIER);
- if (cacheIdentifier != null) {
- cacheKey += "-" + cacheIdentifier;
- } else if (info.getName() != null) {
- int hashcode = info.getName().toString().hashCode();
- if (hashcode < 0) {
- cacheKey += hashcode;
- } else {
- cacheKey += "-" + hashcode;
- }
- }
- tokenStore = tokenStoreFactory.newTokenStore(cacheKey, message);
- info.setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, tokenStore);
- }
- return tokenStore;
- }
- }
-
public static String parseAndStoreStreamingSecurityToken(
org.apache.xml.security.stax.securityToken.SecurityToken securityToken,
Message message
@@ -195,7 +131,7 @@ public final class WSS4JUtils {
if (securityToken == null) {
return null;
}
- SecurityToken existingToken = getTokenStore(message).getToken(securityToken.getId());
+ SecurityToken existingToken = SecurityUtils.getTokenStore(message).getToken(securityToken.getId());
if (existingToken == null || existingToken.isExpired()) {
Date created = new Date();
Date expires = new Date();
@@ -229,7 +165,7 @@ public final class WSS4JUtils {
}
}
- getTokenStore(message).add(cachedTok);
+ SecurityUtils.getTokenStore(message).add(cachedTok);
return cachedTok.getId();
}
@@ -294,50 +230,14 @@ public final class WSS4JUtils {
return properties;
}
- public static URL getPropertiesFileURL(
- Object o, ResourceManager manager, Class<?> callingClass
- ) {
- if (o instanceof String) {
- ClassLoaderHolder orig = null;
- try {
- URL url = ClassLoaderUtils.getResource((String)o, callingClass);
- if (url == null) {
- ClassLoader loader = manager.resolveResource((String)o, ClassLoader.class);
- if (loader != null) {
- orig = ClassLoaderUtils.setThreadContextClassloader(loader);
- }
- url = manager.resolveResource((String)o, URL.class);
- }
- if (url == null) {
- try {
- url = new URL((String)o);
- } catch (IOException e) {
- // Do nothing
- }
- }
- return url;
- } finally {
- if (orig != null) {
- orig.reset();
- }
- }
- } else if (o instanceof URL) {
- return (URL)o;
- }
- return null;
- }
-
public static Crypto loadCryptoFromPropertiesFile(
Message message,
String propFilename,
- Class<?> callingClass,
ClassLoader classLoader,
PasswordEncryptor passwordEncryptor
) throws WSSecurityException {
try {
- ResourceManager manager =
- message.getExchange().getBus().getExtension(ResourceManager.class);
- URL url = getPropertiesFileURL(propFilename, manager, callingClass);
+ URL url = SecurityUtils.loadResource(message, propFilename);
if (url != null) {
Properties props = new Properties();
try (InputStream in = url.openStream()) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 4f2574e..38edb3e 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -51,7 +51,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import org.apache.cxf.Bus;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.saaj.SAAJUtils;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
@@ -63,7 +62,6 @@ import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.helpers.MapNamespaceContext;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.resource.ResourceManager;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
@@ -303,7 +301,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
}
protected final TokenStore getTokenStore() {
- return WSS4JUtils.getTokenStore(message);
+ return SecurityUtils.getTokenStore(message);
}
protected WSSecTimestamp createTimestamp() {
@@ -1472,9 +1470,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
return crypto;
}
- ResourceManager manager =
- message.getExchange().get(Bus.class).getExtension(ResourceManager.class);
- URL propsURL = WSS4JUtils.getPropertiesFileURL(o, manager, this.getClass());
+ URL propsURL = SecurityUtils.loadResource(message, o);
Properties properties = WSS4JUtils.getProps(o, propsURL);
if (properties != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractCommonBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractCommonBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractCommonBindingHandler.java
index e175f67..ae36dcc 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractCommonBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractCommonBindingHandler.java
@@ -33,9 +33,9 @@ import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.policy.PolicyException;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.neethi.Assertion;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -470,7 +470,7 @@ public abstract class AbstractCommonBindingHandler {
if (st == null) {
String id = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
if (id != null) {
- st = WSS4JUtils.getTokenStore(message).getToken(id);
+ st = SecurityUtils.getTokenStore(message).getToken(id);
}
}
return st;
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
index 2d1ebb1..c515749 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
@@ -32,8 +32,8 @@ import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.policy.SPConstants;
@@ -134,7 +134,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
WSSSecurityProperties properties = getProperties();
TokenStoreCallbackHandler callbackHandler =
new TokenStoreCallbackHandler(
- properties.getCallbackHandler(), WSS4JUtils.getTokenStore(message)
+ properties.getCallbackHandler(), SecurityUtils.getTokenStore(message)
);
properties.setCallbackHandler(callbackHandler);
} else if (initiatorToken instanceof SamlToken) {
@@ -261,7 +261,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
WSSSecurityProperties properties = getProperties();
TokenStoreCallbackHandler callbackHandler =
new TokenStoreCallbackHandler(
- properties.getCallbackHandler(), WSS4JUtils.getTokenStore(message)
+ properties.getCallbackHandler(), SecurityUtils.getTokenStore(message)
);
properties.setCallbackHandler(callbackHandler);
} else if (initiatorToken instanceof SamlToken) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
index 15c106b..139f233 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
@@ -35,6 +35,7 @@ import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.wss4j.common.ConfigurationConstants;
@@ -117,7 +118,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
WSSSecurityProperties properties = getProperties();
TokenStoreCallbackHandler callbackHandler =
new TokenStoreCallbackHandler(
- properties.getCallbackHandler(), WSS4JUtils.getTokenStore(message)
+ properties.getCallbackHandler(), SecurityUtils.getTokenStore(message)
);
properties.setCallbackHandler(callbackHandler);
@@ -202,7 +203,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
}
// Get hold of the token from the token storage
- tok = WSS4JUtils.getTokenStore(message).getToken(tokenId);
+ tok = SecurityUtils.getTokenStore(message).getToken(tokenId);
}
// Store key
@@ -334,7 +335,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
return;
}
if (sigTok == null) {
- sigTok = WSS4JUtils.getTokenStore(message).getToken(sigTokId);
+ sigTok = SecurityUtils.getTokenStore(message).getToken(sigTokId);
}
// Store key
@@ -603,7 +604,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
tempTok.setKey(symmetricKey);
tempTok.setSecret(symmetricKey.getEncoded());
- WSS4JUtils.getTokenStore(message).add(tempTok);
+ SecurityUtils.getTokenStore(message).add(tempTok);
return tempTok.getId();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f94861bd/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
index 1beb200..f07412e 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
@@ -33,9 +33,9 @@ import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.SecurityUtils;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
import org.apache.wss4j.policy.SPConstants;
@@ -315,7 +315,7 @@ public class StaxTransportBindingHandler extends AbstractStaxBindingHandler {
// Set up CallbackHandler which wraps the configured Handler
TokenStoreCallbackHandler callbackHandler =
new TokenStoreCallbackHandler(
- properties.getCallbackHandler(), WSS4JUtils.getTokenStore(message)
+ properties.getCallbackHandler(), SecurityUtils.getTokenStore(message)
);
properties.setCallbackHandler(callbackHandler);