Posted to java-commits@axis.apache.org by am...@apache.org on 2012/03/01 10:54:07 UTC
svn commit: r1295489 [3/5] - in /axis/axis2/java/rampart/branches/1_6: ./
modules/rampart-core/src/main/java/org/apache/rampart/
modules/rampart-core/src/main/java/org/apache/rampart/builder/
modules/rampart-core/src/main/java/org/apache/rampart/handle...
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java Thu Mar 1 09:54:05 2012
@@ -34,6 +34,7 @@ import org.apache.rampart.RampartEngine;
import org.apache.rampart.RampartException;
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
@@ -41,7 +42,6 @@ import org.apache.ws.security.handler.WS
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
-import java.util.Vector;
import javax.xml.namespace.QName;
@@ -87,7 +87,7 @@ public class RampartReceiver implements
}
RampartEngine engine = new RampartEngine();
- Vector wsResult = null;
+ List<WSSecurityEngineResult> wsResult = null;
try {
wsResult = engine.process(msgContext);
@@ -103,10 +103,10 @@ public class RampartReceiver implements
return InvocationResponse.CONTINUE;
}
- Vector results = null;
- if ((results = (Vector) msgContext
+ List<WSHandlerResult> results = null;
+ if ((results = (List<WSHandlerResult>) msgContext
.getProperty(WSHandlerConstants.RECV_RESULTS)) == null) {
- results = new Vector();
+ results = new ArrayList<WSHandlerResult>();
msgContext.setProperty(WSHandlerConstants.RECV_RESULTS, results);
}
WSHandlerResult rResult = new WSHandlerResult("", wsResult);
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllReceiver.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllReceiver.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllReceiver.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllReceiver.java Thu Mar 1 09:54:05 2012
@@ -32,10 +32,8 @@ import org.apache.commons.logging.LogFac
import org.apache.rampart.RampartConstants;
import org.apache.rampart.util.Axis2Util;
import org.apache.rampart.util.HandlerParameterDecoder;
-import org.apache.ws.security.SOAPConstants;
-import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSSecurityEngineResult;
-import org.apache.ws.security.WSSecurityException;
+import org.apache.rampart.util.RampartUtil;
+import org.apache.ws.security.*;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
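Review bot: The wildcard `import org.apache.ws.security.*;` that replaces the four explicit imports makes it hard to tell where the security-critical types used later in this file come from. `CertificateValidator`, used in the signature-trust hunk below, gets no explicit import anywhere in this diff, so a reader cannot see whether it resolves to a class in this package or to one pulled in by the wildcard. Listing the types that are actually used one by one would remove the ambiguity. The same applies to `import java.util.*;` in OptimizePartsConfig.java.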
@@ -47,8 +45,9 @@ import javax.security.auth.callback.Call
import javax.xml.namespace.QName;
import java.security.cert.X509Certificate;
+import java.util.ArrayList;
import java.util.Iterator;
-import java.util.Vector;
+import java.util.List;
/**
* @deprecated
@@ -114,6 +113,9 @@ public class WSDoAllReceiver extends WSD
throw new AxisFault("Configuration error", e);
}
+ // Retrieves signature crypto and set it to decryption crypto
+ RampartUtil.setDecryptionCrypto(msgContext);
+
reqData.setMsgContext(msgContext);
if (((getOption(WSSHandlerConstants.INFLOW_SECURITY)) == null) &&
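Review bot: The comment on `RampartUtil.setDecryptionCrypto(msgContext)` does not say whether an explicitly configured decryption crypto is kept or overwritten, while the matching comment on `setEncryptionCrypto` in WSDoAllSender.java says the fallback applies only when the encryption crypto is not already set. The helper's body is not in this part of the diff, so this cannot be checked here. If the receiver side is also a fallback, say so, e.g. `// If no decryption crypto is configured, fall back to the signature crypto.`; if it always overwrites, the comment should state that the signature trust material and the decryption key material are then always the same store. The enclosing method starts and ends outside the hunk.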
@@ -131,7 +133,7 @@ public class WSDoAllReceiver extends WSD
}
}
- Vector actions = new Vector();
+ List<java.lang.Integer> actions = new ArrayList<Integer>();
String action = null;
if ((action = (String) getOption(WSSHandlerConstants.ACTION_ITEMS)) == null) {
action = (String) getProperty(msgContext,
@@ -172,7 +174,7 @@ public class WSDoAllReceiver extends WSD
*/
CallbackHandler cbHandler = null;
if ((doAction & (WSConstants.ENCR | WSConstants.UT)) != 0) {
- cbHandler = getPasswordCB(reqData);
+ cbHandler = getPasswordCallbackHandler(reqData);
}
// Copy the WSHandlerConstants.SEND_SIGV over to the new message
@@ -206,7 +208,7 @@ public class WSDoAllReceiver extends WSD
doReceiverAction(doAction, reqData);
- Vector wsResult = null;
+ List<WSSecurityEngineResult> wsResult = null;
try {
wsResult = secEngine.processSecurityHeader(doc, actor, cbHandler,
reqData.getSigCrypto(), reqData.getDecCrypto());
@@ -280,15 +282,17 @@ public class WSDoAllReceiver extends WSD
* implementations with other validation algorithms for subclasses.
*/
- // Extract the signature action result from the action vector
+ // Extract the signature action result from the action list
WSSecurityEngineResult actionResult = WSSecurityUtil.fetchActionResult(
wsResult, WSConstants.SIGN);
if (actionResult != null) {
- X509Certificate returnCert = actionResult.getCertificate();
+ X509Certificate returnCert = (X509Certificate)actionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
if (returnCert != null) {
- if (!verifyTrust(returnCert, reqData)) {
+ CertificateValidator certificateValidator = new CertificateValidator();
+
+ if (!certificateValidator.validateCertificate(returnCert, reqData.getSigCrypto())) {
throw new AxisFault(
"WSDoAllReceiver: The certificate used for the signature is not trusted");
}
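Review bot: The trust check no longer goes through the `verifyTrust(returnCert, reqData)` hook, although the comment kept just above still says subclasses may supply other validation algorithms. As far as this hunk shows, a subclass that overrode `verifyTrust` to apply a stricter policy would no longer be consulted; the same applies to `verifyTimestamp` in the timestamp hunk further down. Either keep an overridable method that delegates to `CertificateValidator`, or update the comment and the release notes to say the hook is gone. `reqData.getSigCrypto()` is also passed on without a null check, so it is worth confirming that a receiver with no signature crypto configured still fails with a clear fault rather than inside the validator. The enclosing method starts and ends outside the hunk.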
@@ -305,12 +309,12 @@ public class WSDoAllReceiver extends WSD
* implementations with other validation algorithms for subclasses.
*/
- // Extract the timestamp action result from the action vector
+ // Extract the timestamp action result from the action list
actionResult = WSSecurityUtil.fetchActionResult(wsResult,
WSConstants.TS);
if (actionResult != null) {
- Timestamp timestamp = actionResult.getTimestamp();
+ Timestamp timestamp = (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
if (timestamp != null) {
String ttl = null;
@@ -330,7 +334,8 @@ public class WSDoAllReceiver extends WSD
ttl_i = reqData.getTimeToLive();
}
- if (!verifyTimestamp(timestamp, ttl_i)) {
+ // TODO configure future time to live
+ if (!timestamp.verifyCreated(ttl_i, 60)) {
throw new AxisFault(
"WSDoAllReceiver: The timestamp could not be validated");
}
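Review bot: The future-skew allowance in `timestamp.verifyCreated(ttl_i, 60)` is a bare literal, and the TODO above it admits it is not configurable. Give it a name, for example `private static final int FUTURE_TIME_TO_LIVE = 60;`, with a comment stating the unit and that it bounds how far ahead of the receiver's clock a Created value may lie. Going by its name, `verifyCreated` looks only at the Created value; confirm that a lapsed Expires value is rejected elsewhere in the processing, and if not, add that check to this condition. `ttl_i` is computed outside the hunk, so whether a zero or negative configured value is rejected cannot be seen here.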
@@ -351,10 +356,10 @@ public class WSDoAllReceiver extends WSD
* DoAllSender will use this in certain situations such as:
* USE_REQ_SIG_CERT to encrypt
*/
- Vector results = null;
- if ((results = (Vector) getProperty(msgContext,
+ List<WSHandlerResult> results = null;
+ if ((results = (List<WSHandlerResult>) getProperty(msgContext,
WSHandlerConstants.RECV_RESULTS)) == null) {
- results = new Vector();
+ results = new ArrayList<WSHandlerResult>();
msgContext.setProperty(WSHandlerConstants.RECV_RESULTS, results);
}
WSHandlerResult rResult = new WSHandlerResult(actor, wsResult);
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllSender.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllSender.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllSender.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSDoAllSender.java Thu Mar 1 09:54:05 2012
@@ -28,6 +28,7 @@ import org.apache.rampart.RampartConstan
import org.apache.rampart.util.Axis2Util;
import org.apache.rampart.util.HandlerParameterDecoder;
import org.apache.rampart.util.MessageOptimizer;
+import org.apache.rampart.util.RampartUtil;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
@@ -35,7 +36,8 @@ import org.apache.ws.security.handler.WS
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
-import java.util.Vector;
+import java.util.ArrayList;
+import java.util.List;
/**
* @deprecated
@@ -44,12 +46,17 @@ public class WSDoAllSender extends WSDoA
private static final Log log = LogFactory.getLog(WSDoAllSender.class);
private static Log mlog = LogFactory.getLog(RampartConstants.MESSAGE_LOG);
+
+ // TODO can we get rid of this ?
+ private static final String SND_SECURITY = "SND_SECURITY";
public WSDoAllSender() {
super();
inHandler = false;
}
+
+
public void processMessage(MessageContext msgContext) throws AxisFault {
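Review bot: `SND_SECURITY` needs a comment saying what it is for; the TODO only asks whether it can be removed. From the later hunks in this file it is the message-context property key under which the `Document` is kept when serialization is deferred to a chained handler, and it replaces `WSHandlerConstants.SND_SECURITY`. Suggested comment: `// Message-context key for the DOM document passed between chained sender handlers; replaces WSHandlerConstants.SND_SECURITY.`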
@@ -57,8 +64,9 @@ public class WSDoAllSender extends WSDoA
WSSHandlerConstants.USE_DOOM);
boolean useDoom = useDoomValue != null
&& Constants.VALUE_TRUE.equalsIgnoreCase(useDoomValue);
-
+
RequestData reqData = new RequestData();
+
try {
//If the msgs are msgs to an STS then use basic WS-Sec
processBasic(msgContext, useDoom, reqData);
@@ -95,6 +103,9 @@ public class WSDoAllSender extends WSDoA
} catch (Exception e) {
throw new AxisFault("Configureation error", e);
}
+
+ // If encryption crypto is not already set use signatureCrypto as encryption crypto.
+ RampartUtil.setEncryptionCrypto(msgContext);
if (doDebug) {
log.debug("WSDoAllSender: enter invoke()");
@@ -132,7 +143,7 @@ public class WSDoAllSender extends WSDoA
}
}
- Vector actions = new Vector();
+ List<Integer> actions = new ArrayList<Integer>();
String action = null;
if ((action = (String) getOption(WSSHandlerConstants.ACTION_ITEMS)) == null) {
action = (String) getProperty(msgContext, WSSHandlerConstants.ACTION_ITEMS);
@@ -189,15 +200,15 @@ public class WSDoAllSender extends WSDoA
* a chained handler.
*/
if ((doc = (Document) ((MessageContext)reqData.getMsgContext())
- .getProperty(WSHandlerConstants.SND_SECURITY)) == null) {
+ .getProperty(SND_SECURITY)) == null) {
try {
doc = Axis2Util.getDocumentFromSOAPEnvelope(msgContext.getEnvelope(), useDoom);
} catch (WSSecurityException wssEx) {
throw new AxisFault("WSDoAllReceiver: Error in converting to Document", wssEx);
}
}
-
-
+
+
doSenderAction(doAction, doc, reqData, actions, !msgContext.isServerSide());
/*
@@ -209,7 +220,7 @@ public class WSDoAllSender extends WSDoA
*
*/
if (reqData.isNoSerialization()) {
- ((MessageContext)reqData.getMsgContext()).setProperty(WSHandlerConstants.SND_SECURITY,
+ ((MessageContext)reqData.getMsgContext()).setProperty(SND_SECURITY,
doc);
} else {
if(useDoom) {
@@ -217,7 +228,7 @@ public class WSDoAllSender extends WSDoA
} else {
msgContext.setEnvelope(Axis2Util.getSOAPEnvelopeFromDOMDocument(doc, useDoom));
}
- ((MessageContext)reqData.getMsgContext()).setProperty(WSHandlerConstants.SND_SECURITY, null);
+ ((MessageContext)reqData.getMsgContext()).setProperty(SND_SECURITY, null);
}
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/InflowConfiguration.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/InflowConfiguration.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/InflowConfiguration.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/InflowConfiguration.java Thu Mar 1 09:54:05 2012
@@ -177,5 +177,26 @@ public class InflowConfiguration {
return (String) this.action
.get(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION);
}
+
+ /**
+ * This will set whether request or response evaluation should adhere to "Basic Security Profile"
+ * @param value true if evaluation should adhere to "Basic Security Profile" else false. Default is true.
+ */
+ public void setBSPCompliant(boolean value) {
+ this.action.put(
+ WSHandlerConstants.IS_BSP_COMPLIANT, value?"true":"false");
+ }
+
+
+ /**
+ * Gets whether security processing is configured to handle BSP compliant manner.
+ * "true" or "false"
+ * @return Returns "true" or "false".
+ */
+ public String getBSPCompliant() {
+ return (String) this.action
+ .get(WSHandlerConstants.IS_BSP_COMPLIANT);
+ }
+
}
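Review bot: The Javadoc of `getBSPCompliant()` promises "true" or "false", but the method returns whatever `this.action.get(WSHandlerConstants.IS_BSP_COMPLIANT)` holds, which is presumably `null` when `setBSPCompliant` was never called. The setter's Javadoc says the default is true, so a caller that tests `"true".equals(getBSPCompliant())` would read an unset value as non-compliant, which is the less strict setting. Document the unset case, e.g. `@return "true", "false", or null if not set (the default then applies)`, and add a sentence to the setter saying that passing false relaxes the Basic Security Profile checks. The two methods added to OutflowConfiguration.java carry the same Javadoc and need the same correction.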
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/OutflowConfiguration.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/OutflowConfiguration.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/OutflowConfiguration.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/handler/config/OutflowConfiguration.java Thu Mar 1 09:54:05 2012
@@ -583,6 +583,27 @@ public class OutflowConfiguration {
return (String) this.actionList[this.currentAction]
.get(WSSHandlerConstants.PRESERVE_ORIGINAL_ENV);
}
+
+ /**
+ * This will set whether request or response evaluation should adhere to "Basic Security Profile"
+ * @param value true if evaluation should adhere to "Basic Security Profile" else false. Default is true.
+ */
+ public void setBSPCompliant(boolean value) {
+ this.actionList[this.currentAction].put(
+ WSHandlerConstants.IS_BSP_COMPLIANT, value?"true":"false");
+ }
+
+
+ /**
+ * Gets whether security processing is configured to handle BSP compliant manner.
+ * "true" or "false"
+ * @return Returns "true" or "false".
+ */
+ public String getBSPCompliant() {
+ return (String) this.actionList[this.currentAction]
+ .get(WSHandlerConstants.IS_BSP_COMPLIANT);
+ }
+
public void setSignAllHeadersAndBody() {
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java Thu Mar 1 09:54:05 2012
@@ -32,7 +32,9 @@ import org.apache.ws.secpolicy.model.Wss
import org.apache.ws.secpolicy.model.Wss11;
import org.apache.ws.security.WSEncryptionPart;
+import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
import java.util.Vector;
public class RampartPolicyData {
@@ -112,18 +114,19 @@ public class RampartPolicyData {
private boolean signAllHeaders;
- private Vector signedParts = new Vector();
+ private List<WSEncryptionPart> signedParts = new ArrayList<WSEncryptionPart>();
- private Vector signedElements = new Vector();
+ private List<String> signedElements = new ArrayList<String>();
- private Vector encryptedParts = new Vector();
+ private List<WSEncryptionPart> encryptedParts = new ArrayList<WSEncryptionPart>();
- private Vector encryptedElements = new Vector();
+ private List<String> encryptedElements = new ArrayList<String>();
- private Vector requiredElements = new Vector();
-
- private Vector contentEncryptedElements = new Vector();
+ private List<String> requiredElements = new ArrayList<String>();
+ private List<String> contentEncryptedElements = new ArrayList<String>();
+
+ //TODO make this strongly type attribute
private HashMap declaredNamespaces = new HashMap();
/*
@@ -153,19 +156,19 @@ public class RampartPolicyData {
private Trust10 trust10;
- private HashMap supportingTokensIdMap;
- private HashMap signedSupportingTokensIdMap;
- private HashMap endorsingSupportingTokensIdMap;
- private HashMap signedEndorsingSupportingTokensIdMap;
+ private HashMap<Token,String> supportingTokensIdMap;
+ private HashMap<Token,String> signedSupportingTokensIdMap;
+ private HashMap<Token,String> endorsingSupportingTokensIdMap;
+ private HashMap<Token,String> signedEndorsingSupportingTokensIdMap;
private Wss10 wss10;
private Wss11 wss11;
private Policy issuerPolicy;
- private Vector supportingPolicyData = new Vector();
+ private List<SupportingPolicyData> supportingPolicyData = new ArrayList<SupportingPolicyData>();
- private Vector supportingTokens = new Vector();
+ private List<SupportingToken> supportingTokens = new ArrayList<SupportingToken>();
@@ -177,7 +180,7 @@ public class RampartPolicyData {
this.webServiceSecurityPolicyNS = webServiceSecurityPolicyNS;
}
- public Vector getSupportingPolicyData() {
+ public List<SupportingPolicyData> getSupportingPolicyData() {
return supportingPolicyData;
}
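Review bot: Changing the return type of the public getter `getSupportingPolicyData()` from `Vector` to `List<SupportingPolicyData>` breaks code compiled against the previous signature, and callers that assign the result to a `Vector` no longer compile. Since this lands on the 1_6 branch, the change should be called out in the release notes. The same applies to the other getters and `setSignedParts` in this file, to `OptimizePartsConfig.getExpressions()`, to `MessageOptimizer.optimize(...)` and to the public `RampartUtil.get...Parts` methods. If a `RampartPolicyData` instance can ever be shared between request threads, note also that `ArrayList` drops the synchronization `Vector` provided; that cannot be judged from this diff.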
@@ -363,7 +366,7 @@ public class RampartPolicyData {
/**
* @return Returns the encryptedElements.
*/
- public Vector getEncryptedElements() {
+ public List<String> getEncryptedElements() {
return encryptedElements;
}
@@ -379,13 +382,12 @@ public class RampartPolicyData {
/**
* @return Returns the requiredElements.
*/
- public Vector getRequiredElements() {
+ public List<String> getRequiredElements() {
return requiredElements;
}
/**
- * @param requiredElements
- * The Required Element (XPath) to set.
+ * @param reqElement The Required Element (XPath) to set.
*/
public void setRequiredElements(String reqElement) {
requiredElements.add(reqElement);
@@ -394,7 +396,7 @@ public class RampartPolicyData {
/**
* @return Returns the contentEncryptedElements.
*/
- public Vector getContentEncryptedElements() {
+ public List<String> getContentEncryptedElements() {
return contentEncryptedElements;
}
@@ -410,7 +412,7 @@ public class RampartPolicyData {
/**
* @return Returns the encryptedParts.
*/
- public Vector getEncryptedParts() {
+ public List<WSEncryptionPart> getEncryptedParts() {
return encryptedParts;
}
@@ -506,7 +508,7 @@ public class RampartPolicyData {
/**
* @return Returns the signedElements.
*/
- public Vector getSignedElements() {
+ public List<String> getSignedElements() {
return signedElements;
}
@@ -522,7 +524,7 @@ public class RampartPolicyData {
/**
* @return Returns the signedParts.
*/
- public Vector getSignedParts() {
+ public List<WSEncryptionPart> getSignedParts() {
return signedParts;
}
@@ -551,7 +553,7 @@ public class RampartPolicyData {
signedParts.add(part);
}
- public void setSignedParts(Vector signedParts) {
+ public void setSignedParts(List<WSEncryptionPart> signedParts) {
this.signedParts = signedParts;
}
@@ -726,13 +728,13 @@ public class RampartPolicyData {
/**
* @return Returns the supportingTokenList.
*/
- public Vector getSupportingTokensList() {
+ public List<SupportingToken> getSupportingTokensList() {
return supportingTokens;
}
public SupportingToken getSupportingTokens() {
if (supportingTokens.size() > 0) {
- return (SupportingToken) supportingTokens.get(0);
+ return supportingTokens.get(0);
} else {
return null;
}
@@ -837,32 +839,32 @@ public class RampartPolicyData {
*/
public void setSupporttingtokenId(Token token, String id, int type) throws RampartException {
- HashMap tokenMap = null;
+ HashMap<Token,String> tokenMap = null;
switch (type) {
case SPConstants.SUPPORTING_TOKEN_SUPPORTING:
if(this.supportingTokensIdMap == null) {
- this.supportingTokensIdMap = new HashMap();
+ this.supportingTokensIdMap = new HashMap<Token,String>();
}
tokenMap = this.supportingTokensIdMap;
break;
case SPConstants.SUPPORTING_TOKEN_SIGNED:
if(this.signedSupportingTokensIdMap == null) {
- this.signedSupportingTokensIdMap = new HashMap();
+ this.signedSupportingTokensIdMap = new HashMap<Token,String>();
}
tokenMap = this.signedSupportingTokensIdMap;
break;
case SPConstants.SUPPORTING_TOKEN_ENDORSING:
if(this.endorsingSupportingTokensIdMap == null) {
- this.endorsingSupportingTokensIdMap = new HashMap();
+ this.endorsingSupportingTokensIdMap = new HashMap<Token,String>();
}
tokenMap = this.endorsingSupportingTokensIdMap;
break;
case SPConstants.SUPPORTING_TOKEN_SIGNED_ENDORSING:
if(this.signedEndorsingSupportingTokensIdMap == null) {
- this.signedEndorsingSupportingTokensIdMap = new HashMap();
+ this.signedEndorsingSupportingTokensIdMap = new HashMap<Token,String>();
}
tokenMap = this.signedEndorsingSupportingTokensIdMap;
break;
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java Thu Mar 1 09:54:05 2012
@@ -16,10 +16,7 @@
package org.apache.rampart.policy.model;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Vector;
+import java.util.*;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
@@ -41,11 +38,11 @@ public class OptimizePartsConfig impleme
public final static String PREFIX_ATTR = "prefix";
private Map namespaces = null;
- private Vector expressions = null;
+ private List<String> expressions = null;
public OptimizePartsConfig(){
namespaces = new HashMap();
- expressions = new Vector();
+ expressions = new ArrayList<String>();
}
public void addExpression(String expression){
@@ -56,7 +53,7 @@ public class OptimizePartsConfig impleme
namespaces.put(prefix, ns);
}
- public Vector getExpressions() {
+ public List<String> getExpressions() {
return expressions;
}
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML1AssertionHandler.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML1AssertionHandler.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML1AssertionHandler.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML1AssertionHandler.java Thu Mar 1 09:54:05 2012
@@ -21,8 +21,10 @@ import org.apache.rahas.RahasConstants;
import org.apache.rahas.TrustException;
import org.apache.rahas.impl.util.SAMLUtils;
import org.apache.rampart.TokenCallbackHandler;
+import org.apache.ws.security.WSDocInfo;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.saml.SAMLKeyInfo;
import org.apache.ws.security.saml.SAMLUtil;
import org.opensaml.saml1.core.Assertion;
@@ -68,9 +70,15 @@ public class SAML1AssertionHandler exten
public byte[] getAssertionKeyInfoSecret(Crypto signatureCrypto, TokenCallbackHandler tokenCallbackHandler)
throws WSSecurityException {
+ RequestData requestData = new RequestData();
+ requestData.setCallbackHandler(tokenCallbackHandler);
+ requestData.setSigCrypto(signatureCrypto);
+
+ WSDocInfo docInfo = new WSDocInfo(assertion.getDOM().getOwnerDocument()); // TODO Improve ..
+
// TODO change this to use SAMLAssertion parameter once wss4j conversion is done ....
- SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion.getDOM(),
- signatureCrypto, tokenCallbackHandler);
+ SAMLKeyInfo samlKi = SAMLUtil.getCredentialFromSubject(assertion,
+ requestData, docInfo, true);
return samlKi.getSecret();
}
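Review bot: `samlKi.getSecret()` is called without checking `samlKi`, so if `SAMLUtil.getCredentialFromSubject(...)` can return null for an assertion without usable subject key information, the caller gets a NullPointerException instead of a `WSSecurityException`. Check for null and throw a `WSSecurityException` whose message names the missing key information. The literal `true` passed as the fourth argument should be explained in a comment or supplied by the caller; if it is the BSP-compliance switch, it ignores the `IS_BSP_COMPLIANT` option this commit adds to the handler configuration. The inline `// TODO Improve ..` on the `WSDocInfo` line should say what is to be improved.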
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/MessageOptimizer.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/MessageOptimizer.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/MessageOptimizer.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/MessageOptimizer.java Thu Mar 1 09:54:05 2012
@@ -31,7 +31,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
-import java.util.Vector;
/**
* Utility class to handle MTOM-Optimizing Base64 Text values
@@ -40,7 +39,7 @@ public class MessageOptimizer {
private static final String CIPHER_ELEMENT = "//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue";
- public static void optimize(SOAPEnvelope env, Vector expressions, Map namespaces) throws RampartException {
+ public static void optimize(SOAPEnvelope env, List<String> expressions, Map namespaces) throws RampartException {
SimpleNamespaceContext nsCtx = new SimpleNamespaceContext();
nsCtx.addNamespace(WSConstants.ENC_PREFIX,WSConstants.ENC_NS);
@@ -56,18 +55,16 @@ public class MessageOptimizer {
}
try {
- for(int i=0; i<expressions.size(); i++){
- String exp = (String)expressions.get(i);
- XPath xp = new AXIOMXPath(exp);
- xp.setNamespaceContext(nsCtx);
- List list = xp.selectNodes(env);
- Iterator elements = list.iterator();
- while (elements.hasNext()) {
- OMElement element = (OMElement) elements.next();
- OMText text = (OMText)element.getFirstOMChild();
- text.setOptimize(true);
- }
- }
+ for (String exp : expressions) {
+ XPath xp = new AXIOMXPath(exp);
+ xp.setNamespaceContext(nsCtx);
+ List list = xp.selectNodes(env);
+ for (Object aList : list) {
+ OMElement element = (OMElement) aList;
+ OMText text = (OMText) element.getFirstOMChild();
+ text.setOptimize(true);
+ }
+ }
} catch (JaxenException e) {
throw new RampartException("Error in XPath ", e);
}
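Review bot: The rewritten inner loop still casts `element.getFirstOMChild()` to `OMText` and calls `setOptimize(true)` on it unguarded, while only `JaxenException` is caught. An expression that matches an empty element, or one whose first child is another element, would end processing with a NullPointerException or ClassCastException rather than a `RampartException`. Guard the cast, e.g. `OMNode child = element.getFirstOMChild(); if (child instanceof OMText) { ((OMText) child).setOptimize(true); }` (this needs `OMNode` imported if it is not already), and rename `aList` to something like `node`. optimize() starts above the hunk and continues below it.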
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java Thu Mar 1 09:54:05 2012
@@ -240,12 +240,8 @@ public class RampartUtil {
}
return null;
-
-
}
-
-
-
+
/**
* Perform a callback to get a password.
* <p/>
@@ -331,7 +327,8 @@ public class RampartUtil {
if (crypto == null) {
// cache miss
- crypto = CryptoFactory.getInstance(prop, loader);
+ crypto = createCrypto(prop, loader);
+
if (cryptoKey != null) {
// Crypto caching is enabled - cache the Crypto object
cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
@@ -343,6 +340,16 @@ public class RampartUtil {
}
return crypto;
}
+
+ private static Crypto createCrypto(Properties properties, ClassLoader classLoader) throws RampartException {
+
+ try {
+ return CryptoFactory.getInstance(properties, classLoader);
+ } catch (WSSecurityException e) {
+ log.error("Error loading crypto properties.", e);
+ throw new RampartException("cannotCrateCryptoInstance", e);
+ }
+ }
/**
* Create the <code>Crypto</code> instance for signature using information
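Review bot: `createCrypto` logs the failure at error level and then throws a `RampartException` carrying the same cause, so each failure is likely to be reported twice once the caller logs the fault. Prefer throwing only, or lower the log call to debug. The string passed to the exception is spelled `cannotCrateCryptoInstance`; if it is a resource-bundle key, confirm that an entry with exactly this spelling exists, because a missing key would hide the real reason from the operator. A short Javadoc saying that the method wraps the `WSSecurityException` from `CryptoFactory.getInstance` would also help.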
@@ -387,7 +394,7 @@ public class RampartUtil {
if (crypto == null) {
// cache miss
- crypto = CryptoFactory.getInstance(prop, loader);
+ crypto = createCrypto(prop, loader);
if (cryptoKey != null) {
// cache enabled - let's cache
cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
@@ -859,10 +866,10 @@ public class RampartUtil {
}
- public static Vector getEncryptedParts(RampartMessageData rmd) {
+ public static List<WSEncryptionPart> getEncryptedParts(RampartMessageData rmd) {
RampartPolicyData rpd = rmd.getPolicyData();
SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
- Vector encryptedPartsElements = getPartsAndElements(false, envelope,
+ List<WSEncryptionPart> encryptedPartsElements = getPartsAndElements(false, envelope,
rpd.isEncryptBody() && !rpd.isEncryptBodyOptional(), rpd
.getEncryptedParts(), rpd.getEncryptedElements(), rpd
.getDeclaredNamespaces());
@@ -870,7 +877,7 @@ public class RampartUtil {
rpd.getContentEncryptedElements(), rpd.getDeclaredNamespaces());
}
- public static Vector getSignedParts(RampartMessageData rmd) {
+ public static List<WSEncryptionPart> getSignedParts(RampartMessageData rmd) {
RampartPolicyData rpd = rmd.getPolicyData();
SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
@@ -891,7 +898,7 @@ public class RampartUtil {
.getSignedElements(), rpd.getDeclaredNamespaces());
}
- public static Vector getSupportingEncryptedParts(RampartMessageData rmd,
+ public static List<WSEncryptionPart> getSupportingEncryptedParts(RampartMessageData rmd,
SupportingPolicyData rpd) {
SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
return getPartsAndElements(false, envelope, rpd.isEncryptBody()
@@ -899,7 +906,7 @@ public class RampartUtil {
.getEncryptedElements(), rpd.getDeclaredNamespaces());
}
- public static Vector getSupportingSignedParts(RampartMessageData rmd,
+ public static List<WSEncryptionPart> getSupportingSignedParts(RampartMessageData rmd,
SupportingPolicyData rpd) {
SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
return getPartsAndElements(true, envelope, rpd.isSignBody()
@@ -909,53 +916,49 @@ public class RampartUtil {
public static Set findAllPrefixNamespaces(OMElement currentElement, HashMap decNamespacess)
{
- Set results = new HashSet();
+ Set<OMNamespace> results = new HashSet<OMNamespace>();
//Find declared namespaces
findPrefixNamespaces(currentElement,results);
//Get all default namespaces
List defaultNamespaces = getDefaultPrefixNamespaces(currentElement.getOMFactory());
- for (Iterator iterator = defaultNamespaces.iterator(); iterator
- .hasNext();) {
- OMNamespace ns = (OMNamespace) iterator.next();
+ for (Object defaultNamespace : defaultNamespaces) {
+ OMNamespace ns = (OMNamespace) defaultNamespace;
results.add(ns);
}
-
- for ( Iterator iterator = decNamespacess.keySet().iterator(); iterator.hasNext();) {
- String prefix = (String) iterator.next();
- String ns = (String) decNamespacess.get(prefix);
- OMFactory omFactory = currentElement.getOMFactory();
- OMNamespace namespace = omFactory.createOMNamespace(ns, prefix);
- results.add(namespace);
-
- }
+
+ for (Object o : decNamespacess.keySet()) {
+ String prefix = (String) o;
+ String ns = (String) decNamespacess.get(prefix);
+ OMFactory omFactory = currentElement.getOMFactory();
+ OMNamespace namespace = omFactory.createOMNamespace(ns, prefix);
+ results.add(namespace);
+
+ }
return results;
}
-
- private static void findPrefixNamespaces(OMElement e, Set results)
- {
-
- Iterator iter = e.getAllDeclaredNamespaces();
-
- if (iter!=null)
- {
- while (iter.hasNext())
- results.add(iter.next());
- }
-
- Iterator children = e.getChildElements();
-
- while (children.hasNext())
- {
- findPrefixNamespaces((OMElement)children.next(), results);
- }
+
+ private static void findPrefixNamespaces(OMElement e, Set<OMNamespace> results) {
+
+ Iterator iterator = e.getAllDeclaredNamespaces();
+
+ if (iterator != null) {
+ while (iterator.hasNext())
+ results.add((OMNamespace)iterator.next());
+ }
+
+ Iterator children = e.getChildElements();
+
+ while (children.hasNext()) {
+ findPrefixNamespaces((OMElement) children.next(), results);
+ }
}
private static List getDefaultPrefixNamespaces(OMFactory factory)
{
- List namespaces = new ArrayList();
+ List<OMNamespace> namespaces = new ArrayList<OMNamespace>();
// put default namespaces here (sp, soapenv, wsu, etc...)
namespaces.add(factory.createOMNamespace(WSConstants.ENC_NS, WSConstants.ENC_PREFIX));
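Review bot: `findAllPrefixNamespaces` and `getDefaultPrefixNamespaces` still declare raw `Set` and `List` return types although both now build `Set<OMNamespace>` and `List<OMNamespace>` internally, which is why the loop here and the callers still need `(OMNamespace)` casts. Declaring the returns as `Set<OMNamespace>` and `List<OMNamespace>` would let the first loop become `results.addAll(getDefaultPrefixNamespaces(currentElement.getOMFactory()));`. If the callers allow it, typing `decNamespacess` as `HashMap<String, String>` would remove the `(String)` casts as well. `getDefaultPrefixNamespaces` continues past the end of this hunk.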
@@ -967,72 +970,119 @@ public class RampartUtil {
}
- public static Vector getContentEncryptedElements (Vector encryptedPartsElements, SOAPEnvelope envelope,Vector elements, HashMap decNamespaces ) {
+ public static List<WSEncryptionPart> getContentEncryptedElements (List<WSEncryptionPart> encryptedPartsElements,
+ SOAPEnvelope envelope,List<String> elements, HashMap decNamespaces ) {
Set namespaces = findAllPrefixNamespaces(envelope, decNamespaces);
-
- Iterator elementsIter = elements.iterator();
- while (elementsIter.hasNext())
- {
- String expression = (String)elementsIter.next();
- try {
- XPath xp = new AXIOMXPath(expression);
- Iterator nsIter = namespaces.iterator();
-
- while (nsIter.hasNext())
- {
- OMNamespace tmpNs = (OMNamespace)nsIter.next();
- xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
- }
-
- List selectedNodes = xp.selectNodes(envelope);
-
- Iterator nodesIter = selectedNodes.iterator();
-
- while (nodesIter.hasNext())
- {
- OMElement e = (OMElement)nodesIter.next();
-
- String localName = e.getLocalName();
- String namespace = e.getNamespace() != null ? e.getNamespace().getNamespaceURI() : null;
-
- WSEncryptionPart encryptedElem = new WSEncryptionPart(localName, namespace,
- "Content", WSConstants.PART_TYPE_ELEMENT);
-
- encryptedElem.setXpath(expression);
- OMAttribute wsuId = e.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
-
- if ( wsuId != null ) {
- encryptedElem.setEncId(wsuId.getAttributeValue());
- }
-
- encryptedPartsElements.add(encryptedElem);
-
- }
-
- } catch (JaxenException e) {
- // This has to be changed to propagate an instance of a RampartException up
- throw new RuntimeException(e);
- }
+
+ for (String expression : elements) {
+ try {
+ XPath xp = new AXIOMXPath(expression);
+
+ for (Object objectNamespace : namespaces) {
+ OMNamespace tmpNs = (OMNamespace) objectNamespace;
+ xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
+ }
+
+ List selectedNodes = xp.selectNodes(envelope);
+
+ for (Object selectedNode : selectedNodes) {
+ OMElement e = (OMElement) selectedNode;
+
+ String localName = e.getLocalName();
+ String namespace = e.getNamespace() != null ? e.getNamespace().getNamespaceURI() : null;
+
+ OMAttribute wsuIdAttribute = e.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
+
+ String wsuId = null;
+ if (wsuIdAttribute != null) {
+ wsuId = wsuIdAttribute.getAttributeValue();
+ }
+
+ encryptedPartsElements.add(createEncryptionPart(localName,
+ wsuId, namespace, "Content", expression));
+
+ }
+
+ } catch (JaxenException e) {
+ // This has to be changed to propagate an instance of a RampartException up
+ throw new RuntimeException(e);
+ }
}
return encryptedPartsElements;
}
+
+
+ /**
+ * Creates an Encryption or Signature paert with given name and id. Name must not be null.
+ * @param name The name of the part
+ * @param id The id of the part.
+ * @return WSEncryptionPart.
+ */
+ public static WSEncryptionPart createEncryptionPart (String name, String id) {
+
+ return createEncryptionPart(name, id, null, null, null);
+ }
+
+ /**
+ * Creates an encryption part. Could be a part or could be an element pointed through xpath expression.
+ * @param name Name of the element.
+ * @param id The id of the element
+ * @param namespace Namespace of the element.
+ * @param modifier Modifier "Content" or "Element"
+ * @return A WSEncryptionPart
+ */
+ public static WSEncryptionPart createEncryptionPart(String name, String id,
+ String namespace, String modifier) {
+
+ return createEncryptionPart(name, id, namespace, modifier, null);
+ }
+
+ /**
+ * Creates an encryption part. Could be a part or could be an element pointed through xpath expression.
+ * @param name Name of the element.
+ * @param id The id of the element
+ * @param namespace Namespace of the element.
+ * @param modifier Modifier "Content" or "Element"
+ * @param xPath The xPath expression
+ * @return A WSEncryptionPart
+ */
+ public static WSEncryptionPart createEncryptionPart(String name, String id,
+ String namespace, String modifier,String xPath) {
+
+ // The part name must not be null !!
+ assert name != null;
+
+ WSEncryptionPart wsEncryptionPart = new WSEncryptionPart(name, namespace, modifier);
+ wsEncryptionPart.setId(id);
+ wsEncryptionPart.setXpath(xPath);
+
+ return wsEncryptionPart;
+ }
- public static Vector getPartsAndElements(boolean sign, SOAPEnvelope envelope, boolean includeBody, Vector parts, Vector elements, HashMap decNamespaces) {
+ public static List<WSEncryptionPart> getPartsAndElements(boolean sign, SOAPEnvelope envelope, boolean includeBody,
+ List<WSEncryptionPart> parts, List<String> elements,
+ HashMap decNamespaces) {
- Vector found = new Vector();
- Vector result = new Vector();
+ List<OMElement> found = new ArrayList<OMElement>();
+ List<WSEncryptionPart> result = new ArrayList<WSEncryptionPart>();
// check body
if(includeBody) {
+
+ String wsuId = addWsuIdToElement(envelope.getBody());
+
if( sign ) {
- result.add(new WSEncryptionPart(addWsuIdToElement(envelope.getBody()),null,WSConstants.PART_TYPE_BODY));
+ result.add(createEncryptionPart(envelope.getBody().getLocalName(), wsuId,
+ null, null));
} else {
- result.add(new WSEncryptionPart(addWsuIdToElement(envelope.getBody()), "Content", WSConstants.PART_TYPE_BODY));
+ result.add(createEncryptionPart(envelope.getBody().getLocalName(), wsuId, null, "Content"));
}
+
+ // TODO can we remove this ?
found.add( envelope.getBody() );
}
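Review bot: `createEncryptionPart` enforces its documented "name must not be null" precondition only with `assert name != null;`, which the JVM skips unless assertions are enabled, so in a normal deployment a null name passes silently into `WSEncryptionPart`. An explicit check such as `if (name == null) { throw new IllegalArgumentException("Encryption part name must not be null"); }` would fail where the mistake is made. In the Javadoc, "paert" in the two-argument overload should read "part", and the `@param id` lines could say that the value is the wsu:Id and may be null.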
@@ -1040,109 +1090,99 @@ public class RampartUtil {
SOAPHeader header = envelope.getHeader();
- for(int i=0; i<parts.size(); i++) {
- WSEncryptionPart wsep = (WSEncryptionPart) parts.get( i );
- if( wsep.getName() == null ) {
+ for (WSEncryptionPart part : parts) {
+ if (part.getName() == null) {
// NO name - search by namespace
- ArrayList headerList = header.getHeaderBlocksWithNSURI( wsep.getNamespace() );
-
- for(int j=0; j<headerList.size(); j++) {
- SOAPHeaderBlock shb = (SOAPHeaderBlock) headerList.get( j );
-
+ ArrayList headerList = header.getHeaderBlocksWithNSURI(part.getNamespace());
+
+ for (Object aHeaderList : headerList) {
+ SOAPHeaderBlock shb = (SOAPHeaderBlock) aHeaderList;
+
// find reference in envelope
- OMElement e = header.getFirstChildWithName( shb.getQName() );
-
- if( ! found.contains( e ) ) {
+ OMElement e = header.getFirstChildWithName(shb.getQName());
+
+ if (!found.contains(e)) {
// found new
- found.add( e );
-
- if( sign ) {
- result.add(new WSEncryptionPart(e.getLocalName(), wsep.getNamespace(), "Content", WSConstants.PART_TYPE_HEADER));
+ found.add(e);
+
+ if (sign) {
+ result.add(createEncryptionPart(e.getLocalName(), null,
+ part.getNamespace(), "Content"));
} else {
-
- WSEncryptionPart encryptedHeader = new WSEncryptionPart(e.getLocalName(), wsep.getNamespace(), "Element", WSConstants.PART_TYPE_HEADER);
- OMAttribute wsuId = e.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
-
- if ( wsuId != null ) {
- encryptedHeader.setEncId(wsuId.getAttributeValue());
+
+ OMAttribute wsuIdAttribute = e.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
+
+ String wsuId = null;
+ if (wsuIdAttribute != null) {
+ wsuId = wsuIdAttribute.getAttributeValue();
}
-
- result.add(encryptedHeader);
+
+ result.add(createEncryptionPart(e.getLocalName(),wsuId,
+ part.getNamespace(), "Element"));
}
- }
+ }
}
} else {
// try to find
- OMElement e = header.getFirstChildWithName( new QName(wsep.getNamespace(), wsep.getName()) );
- if( e != null ) {
- if( ! found.contains( e ) ) {
+ OMElement e = header.getFirstChildWithName(new QName(part.getNamespace(), part.getName()));
+ if (e != null) {
+ if (!found.contains(e)) {
// found new (reuse wsep)
- found.add( e );
- wsep.setType(WSConstants.PART_TYPE_HEADER);
+ found.add(e);
OMAttribute wsuId = e.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
-
- if ( wsuId != null ) {
- wsep.setEncId(wsuId.getAttributeValue());
+
+ if (wsuId != null) {
+ part.setEncId(wsuId.getAttributeValue());
}
-
- result.add( wsep );
+
+ result.add(part);
}
- }
- }
+ }
+ }
}
// ?? Search for 'Elements' here
// decide what exactly is going to be used - only the default namespaces, or the list of all declared namespaces in the message !
Set namespaces = findAllPrefixNamespaces(envelope, decNamespaces);
-
- Iterator elementsIter = elements.iterator();
- while (elementsIter.hasNext())
- {
- String expression = (String)elementsIter.next();
- try {
- XPath xp = new AXIOMXPath(expression);
- Iterator nsIter = namespaces.iterator();
-
- while (nsIter.hasNext())
- {
- OMNamespace tmpNs = (OMNamespace)nsIter.next();
- xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
- }
-
- List selectedNodes = xp.selectNodes(envelope);
-
- Iterator nodesIter = selectedNodes.iterator();
- while (nodesIter.hasNext())
- {
- OMElement e = (OMElement)nodesIter.next();
- String localName = e.getLocalName();
+
+ for (String expression : elements) {
+ try {
+ XPath xp = new AXIOMXPath(expression);
+
+ for (Object objectNamespace : namespaces) {
+ OMNamespace tmpNs = (OMNamespace) objectNamespace;
+ xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
+ }
+
+ List selectedNodes = xp.selectNodes(envelope);
+
+ for (Object selectedNode : selectedNodes) {
+ OMElement e = (OMElement) selectedNode;
+ String localName = e.getLocalName();
String namespace = e.getNamespace() != null ? e.getNamespace().getNamespaceURI() : null;
-
- if (sign) {
- WSEncryptionPart encryptedElem = new WSEncryptionPart(localName,namespace, "Content", WSConstants.PART_TYPE_ELEMENT);
- encryptedElem.setXpath(expression);
- result.add(encryptedElem);
+
+ if (sign) {
+
+ result.add(createEncryptionPart(localName, null, namespace, "Content", expression));
} else {
- WSEncryptionPart encryptedElem = new WSEncryptionPart(localName,namespace, "Element", WSConstants.PART_TYPE_ELEMENT);
- encryptedElem.setXpath(expression);
+ OMAttribute wsuIdAttribute = e.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
- OMAttribute wsuId = e.getAttribute(new QName(WSConstants.WSU_NS, "Id"));
-
- if ( wsuId != null ) {
- encryptedElem.setEncId(wsuId.getAttributeValue());
- }
-
- result.add(encryptedElem);
- }
- }
-
- } catch (JaxenException e) {
- // This has to be changed to propagate an instance of a RampartException up
- throw new RuntimeException(e);
- }
+ String wsuId = null;
+ if (wsuIdAttribute != null) {
+ wsuId = wsuIdAttribute.getAttributeValue();
+ }
+
+ result.add(createEncryptionPart(localName, wsuId, namespace, "Element", expression));
+ }
+ }
+
+ } catch (JaxenException e) {
+ // This has to be changed to propagate an instance of a RampartException up
+ throw new RuntimeException(e);
+ }
}
return result;
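Review bot: The named-header branch still records the header's wsu:Id with `part.setEncId(wsuId.getAttributeValue());`, while every other path in this method now goes through `createEncryptionPart`, which stores the id with `setId(id)`. If the code that later consumes these parts looks them up through `getId()` (not visible from this hunk), reused policy parts would carry no id there; either call `part.setId(...)` in this branch too or add a comment explaining why it differs. The comment `// found new (reuse wsep)` also still names the old variable and should read `// found new (reuse part)`. The method starts before this hunk.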
@@ -1155,35 +1195,32 @@ public class RampartUtil {
* @param expression XPATH expression of required elements
* @return
*/
- public static boolean checkRequiredElements(SOAPEnvelope envelope, HashMap decNamespaces, String expression ) {
+ public static boolean checkRequiredElements(SOAPEnvelope envelope, HashMap decNamespaces, String expression) {
// The XPath expression must be evaluated against the SOAP header
// http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html#_Toc161826519
SOAPHeader header = envelope.getHeader();
-
Set namespaces = findAllPrefixNamespaces(header, decNamespaces);
try {
- XPath xp = new AXIOMXPath(expression);
- Iterator nsIter = namespaces.iterator();
-
- while (nsIter.hasNext())
- {
- OMNamespace tmpNs = (OMNamespace)nsIter.next();
- xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
- }
-
- List selectedNodes = xp.selectNodes(header);
-
- if (selectedNodes.size() == 0 ) {
- return false;
- }
-
+ XPath xp = new AXIOMXPath(expression);
+
+ for (Object namespace : namespaces) {
+ OMNamespace tmpNs = (OMNamespace) namespace;
+ xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
+ }
+
+ List selectedNodes = xp.selectNodes(header);
+
+ if (selectedNodes.size() == 0) {
+ return false;
+ }
+
} catch (JaxenException e) {
- // This has to be changed to propagate an instance of a RampartException up
- throw new RuntimeException(e);
+ // This has to be changed to propagate an instance of a RampartException up
+ throw new RuntimeException(e);
}
-
+
return true;
}
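Review bot: `envelope.getHeader()` is passed to `findAllPrefixNamespaces` and `xp.selectNodes(header)` without a null check, and `findPrefixNamespaces` dereferences its element immediately. If a message can reach this method without a SOAP header (not visible from this hunk), the result is a NullPointerException instead of the `false` that a missing required element should produce; `if (header == null) { return false; }` after the lookup would make the outcome explicit. The empty `@return` tag could state `true if the expression selects at least one node in the SOAP header`. The Javadoc begins above the hunk.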
@@ -1271,13 +1308,14 @@ public class RampartUtil {
throw new RampartException("missingEncryptionUser");
}
if(encrUser.equals(WSHandlerConstants.USE_REQ_SIG_CERT)) {
- Object resultsObj = rmd.getMsgContext().getProperty(WSHandlerConstants.RECV_RESULTS);
+ List<WSHandlerResult> resultsObj
+ = (List<WSHandlerResult>)rmd.getMsgContext().getProperty(WSHandlerConstants.RECV_RESULTS);
if(resultsObj != null) {
- encrKeyBuilder.setUseThisCert(getReqSigCert((Vector)resultsObj));
+ encrKeyBuilder.setUseThisCert(getReqSigCert(resultsObj));
//TODO This is a hack, this should not come under USE_REQ_SIG_CERT
if(encrKeyBuilder.isCertSet()) {
- encrKeyBuilder.setUserInfo(getUsername((Vector)resultsObj));
+ encrKeyBuilder.setUserInfo(getUsername(resultsObj));
}
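Review bot: The cast `(List<WSHandlerResult>)rmd.getMsgContext().getProperty(WSHandlerConstants.RECV_RESULTS)` is unchecked, so a property holding a different type only surfaces later as a ClassCastException inside `getReqSigCert` or `getUsername`. Checking `instanceof List` before the cast, and scoping a `@SuppressWarnings("unchecked")` with a one-line comment to this declaration, would keep the failure at the lookup. The name `resultsObj` no longer fits a typed list; `results` would read better. The enclosing method starts and ends outside this hunk.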
@@ -1345,27 +1383,23 @@ public class RampartUtil {
}
}
- private static X509Certificate getReqSigCert(Vector results) {
+ private static X509Certificate getReqSigCert(List<WSHandlerResult> results) {
/*
* Scan the results for a matching actor. Use results only if the
* receiving Actor and the sending Actor match.
*/
- for (int i = 0; i < results.size(); i++) {
- WSHandlerResult rResult =
- (WSHandlerResult) results.get(i);
+ for (WSHandlerResult result : results) {
- Vector wsSecEngineResults = rResult.getResults();
+ List<WSSecurityEngineResult> wsSecEngineResults = result.getResults();
/*
* Scan the results for the first Signature action. Use the
* certificate of this Signature to set the certificate for the
* encryption action :-).
*/
- for (int j = 0; j < wsSecEngineResults.size(); j++) {
- WSSecurityEngineResult wser =
- (WSSecurityEngineResult) wsSecEngineResults.get(j);
- Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- if (actInt.intValue() == WSConstants.SIGN) {
- return (X509Certificate)wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+ for (WSSecurityEngineResult wsSecEngineResult : wsSecEngineResults) {
+ Integer actInt = (Integer) wsSecEngineResult.get(WSSecurityEngineResult.TAG_ACTION);
+ if (actInt == WSConstants.SIGN) {
+ return (X509Certificate) wsSecEngineResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
}
}
}
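Review bot: The block comment says results are used "only if the receiving Actor and the sending Actor match", but the loop never inspects an actor: it returns the certificate of the first `WSConstants.SIGN` result found in any `WSHandlerResult`. Because the caller in the previous hunk passes that certificate to `setUseThisCert`, the comment should describe what is actually done, for example `/* Return the certificate of the first signature result; the actor is not checked. */`, or an actor comparison should be added. `actInt == WSConstants.SIGN` also auto-unboxes and throws if a result has no `TAG_ACTION`; `actInt != null && actInt == WSConstants.SIGN` avoids that. The end of the method is outside the hunk.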
@@ -1374,85 +1408,74 @@ public class RampartUtil {
}
/**
- * Scan through <code>WSHandlerResult<code> vector for a Username token and return
+ * Scan through <code>WSHandlerResult<code> list for a Username token and return
* the username if a Username Token found
* @param results
* @return
*/
- public static String getUsername(Vector results) {
+ public static String getUsername(List<WSHandlerResult> results) {
/*
* Scan the results for a matching actor. Use results only if the
* receiving Actor and the sending Actor match.
*/
- for (int i = 0; i < results.size(); i++) {
- WSHandlerResult rResult =
- (WSHandlerResult) results.get(i);
-
- Vector wsSecEngineResults = rResult.getResults();
- /*
- * Scan the results for a username token. Use the username
- * of this token to set the alias for the encryption user
- */
- for (int j = 0; j < wsSecEngineResults.size(); j++) {
- WSSecurityEngineResult wser =
- (WSSecurityEngineResult) wsSecEngineResults.get(j);
- Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- if (actInt.intValue() == WSConstants.UT) {
- WSUsernameTokenPrincipal principal = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
- return principal.getName();
- }
- }
- }
+ for (WSHandlerResult result : results) {
+
+ List<WSSecurityEngineResult> wsSecEngineResults = result.getResults();
+ /*
+ * Scan the results for a username token. Use the username
+ * of this token to set the alias for the encryption user
+ */
+ for (WSSecurityEngineResult wsSecEngineResult : wsSecEngineResults) {
+ Integer actInt = (Integer) wsSecEngineResult.get(WSSecurityEngineResult.TAG_ACTION);
+ if (actInt == WSConstants.UT) {
+ WSUsernameTokenPrincipal principal = (WSUsernameTokenPrincipal) wsSecEngineResult.
+ get(WSSecurityEngineResult.TAG_PRINCIPAL);
+ return principal.getName();
+ }
+ }
+ }
return null;
- }
-
- public static String getRequestEncryptedKeyId(Vector results) {
-
- for (int i = 0; i < results.size(); i++) {
- WSHandlerResult rResult =
- (WSHandlerResult) results.get(i);
+ }
+
+ public static String getRequestEncryptedKeyId(List<WSHandlerResult> results) {
- Vector wsSecEngineResults = rResult.getResults();
+ for (WSHandlerResult result : results) {
+
+ List<WSSecurityEngineResult> wsSecEngineResults = result.getResults();
/*
* Scan the results for the first Signature action. Use the
* certificate of this Signature to set the certificate for the
* encryption action :-).
*/
- for (int j = 0; j < wsSecEngineResults.size(); j++) {
- WSSecurityEngineResult wser =
- (WSSecurityEngineResult) wsSecEngineResults.get(j);
- Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- String encrKeyId = (String)wser.get(WSSecurityEngineResult.TAG_ENCRYPTED_KEY_ID);
- if (actInt.intValue() == WSConstants.ENCR &&
+ for (WSSecurityEngineResult wsSecEngineResult : wsSecEngineResults) {
+ Integer actInt = (Integer) wsSecEngineResult.get(WSSecurityEngineResult.TAG_ACTION);
+ String encrKeyId = (String) wsSecEngineResult.get(WSSecurityEngineResult.TAG_ID);
+ if (actInt == WSConstants.ENCR &&
encrKeyId != null) {
return encrKeyId;
}
}
}
-
+
return null;
}
- public static byte[] getRequestEncryptedKeyValue(Vector results) {
-
- for (int i = 0; i < results.size(); i++) {
- WSHandlerResult rResult =
- (WSHandlerResult) results.get(i);
+ public static byte[] getRequestEncryptedKeyValue(List<WSHandlerResult> results) {
+
+ for (WSHandlerResult result : results) {
- Vector wsSecEngineResults = rResult.getResults();
+ List<WSSecurityEngineResult> wsSecEngineResults = result.getResults();
/*
* Scan the results for the first Signature action. Use the
* certificate of this Signature to set the certificate for the
* encryption action :-).
*/
- for (int j = 0; j < wsSecEngineResults.size(); j++) {
- WSSecurityEngineResult wser =
- (WSSecurityEngineResult) wsSecEngineResults.get(j);
- Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- byte[] decryptedKey = (byte[])wser.get(WSSecurityEngineResult.TAG_DECRYPTED_KEY);
- if (actInt.intValue() == WSConstants.ENCR &&
+ for (WSSecurityEngineResult wsSecEngineResult : wsSecEngineResults) {
+ Integer actInt = (Integer) wsSecEngineResult.get(WSSecurityEngineResult.TAG_ACTION);
+ byte[] decryptedKey = (byte[]) wsSecEngineResult.get(WSSecurityEngineResult.TAG_SECRET);
+ if (actInt == WSConstants.ENCR &&
decryptedKey != null) {
return decryptedKey;
}
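Review bot: The comments inside `getRequestEncryptedKeyId` and `getRequestEncryptedKeyValue` still say "Scan the results for the first Signature action ... certificate", but both loops match `WSConstants.ENCR` and return the `TAG_ID` and `TAG_SECRET` values. They should be replaced with `/* Return the id of the first encryption result that carries one. */` and `/* Return the secret key of the first encryption result that carries one. */`. A short Javadoc on `getRequestEncryptedKeyValue` noting that the returned bytes are key material and must not be logged would help callers. In the `getUsername` Javadoc, `<code>WSHandlerResult<code>` needs a closing `</code>`. `getRequestEncryptedKeyValue` continues past the end of the hunk.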
@@ -1474,47 +1497,47 @@ public class RampartUtil {
*/
public static Element insertSiblingAfterOrPrepend(RampartMessageData rmd, Element child, Element elem) {
Element retElem = null;
- if(child != null){ // child is not null so insert sibling after
- retElem = RampartUtil.insertSiblingAfter(rmd, child, elem);
- }else{ //Prepend
- retElem = prependSecHeader(rmd, elem);
- }
-
- return retElem;
+ if (child != null) { // child is not null so insert sibling after
+ retElem = RampartUtil.insertSiblingAfter(rmd, child, elem);
+ } else { //Prepend
+ retElem = prependSecHeader(rmd, elem);
+ }
+
+ return retElem;
}
-
+
public static Element insertSiblingBeforeOrPrepend(RampartMessageData rmd, Element child, Element elem) {
Element retElem = null;
- if(child != null && child.getPreviousSibling() != null){
- retElem = RampartUtil.insertSiblingBefore(rmd, child, elem);
- }else{ //Prepend
- retElem = prependSecHeader(rmd, elem);
+ if (child != null && child.getPreviousSibling() != null) {
+ retElem = RampartUtil.insertSiblingBefore(rmd, child, elem);
+ } else { //Prepend
+ retElem = prependSecHeader(rmd, elem);
}
-
+
return retElem;
}
-
- private static Element prependSecHeader(RampartMessageData rmd, Element elem){
+
+ private static Element prependSecHeader(RampartMessageData rmd, Element elem) {
Element retElem = null;
-
+
Element secHeaderElem = rmd.getSecHeader().getSecurityHeader();
Node node = secHeaderElem.getOwnerDocument().importNode(
elem, true);
- Element firstElem = (Element)secHeaderElem.getFirstChild();
+ Element firstElem = (Element) secHeaderElem.getFirstChild();
- if(firstElem == null){
- retElem = (Element)secHeaderElem.appendChild(node);
- }else{
- if(firstElem.getOwnerDocument().equals(elem.getOwnerDocument())) {
- ((OMElement)firstElem).insertSiblingBefore((OMElement)elem);
+ if (firstElem == null) {
+ retElem = (Element) secHeaderElem.appendChild(node);
+ } else {
+ if (firstElem.getOwnerDocument().equals(elem.getOwnerDocument())) {
+ ((OMElement) firstElem).insertSiblingBefore((OMElement) elem);
retElem = elem;
- } else {
- Element newSib = (Element)firstElem.getOwnerDocument().importNode(elem, true);
- ((OMElement)firstElem).insertSiblingBefore((OMElement)newSib);
- retElem = newSib;
- }
+ } else {
+ Element newSib = (Element) firstElem.getOwnerDocument().importNode(elem, true);
+ ((OMElement) firstElem).insertSiblingBefore((OMElement) newSib);
+ retElem = newSib;
+ }
}
-
+
return retElem;
}
@@ -1548,10 +1571,9 @@ public class RampartUtil {
if (!initiator && inflow || initiator && !inflow ) {
- Vector supportingToks = rpd.getSupportingTokensList();
- for (int i = 0; i < supportingToks.size(); i++) {
- supportingTokens = (SupportingToken) supportingToks.get(i);
- if (supportingTokens != null && supportingTokens.getTokens().size() != 0) {
+ List<SupportingToken> supportingToks = rpd.getSupportingTokensList();
+ for (SupportingToken supportingTok : supportingToks) {
+ if (supportingTok != null && supportingTok.getTokens().size() != 0) {
return true;
}
}
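Review bot: The old loop assigned each entry to `supportingTokens`, a variable declared outside this hunk, while the new loop uses the local `supportingTok` and leaves `supportingTokens` untouched. If code after this block (not visible here) still reads `supportingTokens`, it now sees whatever was assigned earlier rather than the last list entry, so that use should be checked. `supportingTok.getTokens().size() != 0` could also be written `!supportingTok.getTokens().isEmpty()`.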
@@ -1595,50 +1617,52 @@ public class RampartUtil {
return false;
}
-
- public static void handleEncryptedSignedHeaders(Vector encryptedParts, Vector signedParts, Document doc) {
-
+
+ public static void handleEncryptedSignedHeaders(List<WSEncryptionPart> encryptedParts,
+ List<WSEncryptionPart> signedParts, Document doc) {
+
//TODO Is there a more efficient way to do this ? better search algorithm
- for (int i = 0 ; i < signedParts.size() ; i++) {
- WSEncryptionPart signedPart = (WSEncryptionPart)signedParts.get(i);
-
+ for (WSEncryptionPart signedPart : signedParts) {
//This signed part is not a header
if (signedPart.getNamespace() == null || signedPart.getName() == null) {
continue;
}
-
- for (int j = 0 ; j < encryptedParts.size() ; j ++) {
- WSEncryptionPart encryptedPart = (WSEncryptionPart) encryptedParts.get(j);
-
- if (encryptedPart.getNamespace() == null || encryptedPart.getName() == null ) {
+
+ for (WSEncryptionPart encryptedPart : encryptedParts) {
+
+ if (encryptedPart.getNamespace() == null || encryptedPart.getName() == null) {
continue;
}
-
+
if (signedPart.getName().equals(encryptedPart.getName()) &&
signedPart.getNamespace().equals(encryptedPart.getNamespace())) {
-
- String encDataID = encryptedPart.getEncId();
- Element encDataElem = WSSecurityUtil.findElementById(doc.getDocumentElement(), encDataID, null);
-
+
+ String encDataID = encryptedPart.getEncId();
+
+ // TODO Do we need to go through the whole tree to find element by id ? Verify
+ Element encDataElem = WSSecurityUtil.findElementById(doc.getDocumentElement(), encDataID, false);
+
if (encDataElem != null) {
- Element encHeader = (Element)encDataElem.getParentNode();
+ Element encHeader = (Element) encDataElem.getParentNode();
String encHeaderId = encHeader.getAttributeNS(WSConstants.WSU_NS, "Id");
-
+
//For some reason the id might not be available
// so the part/element with empty/null id won't be recognized afterwards.
if (encHeaderId != null && !"".equals(encHeaderId.trim())) {
signedParts.remove(signedPart);
- WSEncryptionPart encHeaderToSign = new WSEncryptionPart(encHeaderId);
- signedParts.add(encHeaderToSign);
+
+ signedParts.add(createEncryptionPart(signedPart.getName(), encHeaderId,
+ signedPart.getNamespace(),
+ signedPart.getEncModifier(), signedPart.getXpath()));
}
-
+
}
}
}
-
-
+
+
}
-
+
}
public static String getSigElementId(RampartMessageData rmd) {
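Review bot: The new for-each over `signedParts` calls `signedParts.remove(signedPart)` and `signedParts.add(...)` inside its own body. On the `ArrayList` that `getPartsAndElements` now builds, the next iterator step then throws ConcurrentModificationException unless the replaced entry was the last one; the old index loop tolerated the change. Replacing the entry in place through an index loop and `signedParts.set(i, ...)` avoids the structural modification, as sketched below. This keeps the replaced part at its original position instead of moving it to the end, which should be confirmed as acceptable to the signing code.

```java
for (int i = 0; i < signedParts.size(); i++) {
    WSEncryptionPart signedPart = signedParts.get(i);
    // … unchanged: non-header check, loop over encryptedParts, lookup of encDataElem and encHeaderId …
    if (encHeaderId != null && !"".equals(encHeaderId.trim())) {
        // Replace in place: remove()/add() during iteration would invalidate
        // an iterator over signedParts.
        signedParts.set(i, createEncryptionPart(signedPart.getName(), encHeaderId,
                signedPart.getNamespace(),
                signedPart.getEncModifier(), signedPart.getXpath()));
    }
```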
@@ -1682,7 +1706,7 @@ public class RampartUtil {
public static WSSConfig getWSSConfigInstance() {
- WSSConfig defaultWssConfig = WSSConfig.getDefaultWSConfig();
+ WSSConfig defaultWssConfig = WSSConfig.getNewInstance();
WSSConfig wssConfig = WSSConfig.getNewInstance();
wssConfig.setEnableSignatureConfirmation(defaultWssConfig.isEnableSignatureConfirmation());
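Review bot: `defaultWssConfig` is now itself a fresh `WSSConfig.getNewInstance()`, so the lines that copy its settings into `wssConfig` (starting with `setEnableSignatureConfirmation`) copy one new instance's defaults into another and no longer carry over any shared default configuration. If `getDefaultWSConfig()` was dropped only because the API no longer offers it, the copy block can be removed and a comment should say that each call returns library defaults. If inheriting centrally configured settings was intended, that behaviour is lost here and should be restored or documented. The rest of the method is outside the hunk.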
@@ -1754,5 +1778,105 @@ public class RampartUtil {
}
+ /**
+ * Returns SAML10 Assertion namespace. As follows,
+ * http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
+ * @return SAML10 assertion namespace.
+ */
+ public static String getSAML10AssertionNamespace() {
+
+ StringBuilder stringBuilder = new StringBuilder(WSConstants.SAMLTOKEN_NS);
+ stringBuilder.append("#").append(WSConstants.SAML_ASSERTION_ID);
+
+ return stringBuilder.toString();
+
+ }
+
+ /**
+ * Sets encryption crypto file or crypto reference key to signature crypto file or signature
+ * crypto reference.
+ * @param msgContext The message context to get signature crypto properties and encryption properties
+ * will be set to same message context.
+ */
+ public static void setEncryptionCrypto(MessageContext msgContext) {
+ setEncryptionCryptoFileProperty(msgContext);
+ setEncryptionCryptoReferenceProperty(msgContext);
+ }
+
+ /**
+ * Sets decryption crypto file or crypto reference key to signature crypto file or signature
+ * crypto reference.
+ * @param msgContext The message context to get signature crypto properties and decryption properties
+ * will be set to same message context.
+ */
+ public static void setDecryptionCrypto(MessageContext msgContext) {
+ setDecryptionCryptoFileProperty(msgContext);
+ setDecryptionCryptoReferenceProperty(msgContext);
+ }
+
+ /**
+ * Sets encryption crypto property reference id.- WSHandlerConstants.ENC_PROP_REF_ID
+ * @param msgContext The message context.
+ */
+ private static void setEncryptionCryptoReferenceProperty (MessageContext msgContext) {
+ setCryptoProperty(msgContext, WSHandlerConstants.SIG_PROP_REF_ID, WSHandlerConstants.ENC_PROP_REF_ID);
+ }
+
+ /**
+ * Sets encryption crypto property file.- WSHandlerConstants.DEC_PROP_REF_ID
+ * @param msgContext The message context.
+ */
+ private static void setDecryptionCryptoReferenceProperty (MessageContext msgContext) {
+ setCryptoProperty(msgContext, WSHandlerConstants.SIG_PROP_REF_ID, WSHandlerConstants.DEC_PROP_REF_ID);
+ }
+
+ /**
+ * Sets encryption crypto property file.- WSHandlerConstants.ENC_PROP_FILE
+ * @param msgContext The message context.
+ */
+ private static void setEncryptionCryptoFileProperty (MessageContext msgContext) {
+ setCryptoProperty(msgContext, WSHandlerConstants.SIG_PROP_FILE, WSHandlerConstants.ENC_PROP_FILE);
+ }
+
+ /**
+ * Sets encryption crypto property file.- WSHandlerConstants.DEC_PROP_FILE
+ * @param msgContext The message context.
+ */
+ private static void setDecryptionCryptoFileProperty (MessageContext msgContext) {
+ setCryptoProperty(msgContext, WSHandlerConstants.SIG_PROP_FILE, WSHandlerConstants.DEC_PROP_FILE);
+ }
+
+ private static void setCryptoProperty(MessageContext msgContext, String signaturePropertyName,
+ String cryptoPropertyName){
+
+ /**
+ * Encryption Crypto is loaded using WSHandlerConstants.ENC_PROP_FILE. If this is not
+ * set in the message context set WSHandlerConstants.SIG_PROP_FILE as WSHandlerConstants.ENC_PROP_FILE.
+ */
+ if (msgContext.getProperty(cryptoPropertyName) == null) {
+
+
+ String signaturePropertyFile = (String)msgContext.getProperty(signaturePropertyName);
+
+ if (signaturePropertyFile == null) {
+
+ if (log.isDebugEnabled()) {
+ log.debug("Signature crypto property file is not set. Property file key - "
+ + WSHandlerConstants.SIG_PROP_FILE);
+ }
+ } else {
+ msgContext.setProperty(cryptoPropertyName, signaturePropertyFile);
+ }
+ }
+ }
+
+ /**
+ * Returns true if needed to encrypt first.
+ * @param rpd Rampart policy data
+ * @return true if policy says we need to encrypt first else false.
+ */
+ public static boolean encryptFirst(RampartPolicyData rpd) {
+ return SPConstants.ENCRYPT_BEFORE_SIGNING.equals(rpd.getProtectionOrder());
+ }
}
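Review bot: The debug message in `setCryptoProperty` always prints `WSHandlerConstants.SIG_PROP_FILE`, even when the method is called with `SIG_PROP_REF_ID`; it should log the parameter, `log.debug("Signature crypto property is not set. Property key - " + signaturePropertyName);`. The Javadoc on the private helpers is copy-pasted: `setDecryptionCryptoReferenceProperty` and `setDecryptionCryptoFileProperty` both say "Sets encryption crypto property file", and the `/** ... */` block inside `setCryptoProperty` mentions only the ENC/SIG file pair although the method is generic. A method-level comment stating that the signature crypto setting is reused for encryption or decryption only when no dedicated one is set would make the fallback explicit for deployments that expect separate key stores.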
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/pom.xml
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/pom.xml?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/pom.xml (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/pom.xml Thu Mar 1 09:54:05 2012
@@ -273,6 +273,11 @@
<copy overwrite="yes" file="src/test/resources/rampart/services-33.xml" tofile="target/temp-ramp/META-INF/services.xml" />
<jar jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar" basedir="target/temp-ramp" />
+ <!-- Service 34 -->
+ <copy overwrite="yes" file="src/test/resources/rampart/services-34.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar" basedir="target/temp-ramp" />
+
+
<!-- Service SC-1 -->
<copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties" />
<copy overwrite="yes" file="src/test/resources/rampart/services-sc-1.xml" tofile="target/temp-ramp/META-INF/services.xml" />
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rahas/PWCallback.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rahas/PWCallback.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rahas/PWCallback.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rahas/PWCallback.java Thu Mar 1 09:54:05 2012
@@ -114,13 +114,13 @@ public class PWCallback implements Callb
if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
- if(pc.getIdentifer().equals("Ron") && pc.getPassword().equals("noR")) {
+ if(pc.getIdentifier().equals("Ron") && pc.getPassword().equals("noR")) {
return;
}
- if(pc.getIdentifer().equals("joe") && pc.getPassword().equals("eoj")) {
+ if(pc.getIdentifier().equals("joe") && pc.getPassword().equals("eoj")) {
return;
@@ -154,23 +154,23 @@ public class PWCallback implements Callb
pc.setKey(key);
- } else if(pc.getIdentifer().equals("alice")) {
+ } else if(pc.getIdentifier().equals("alice")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("bob")) {
+ } else if(pc.getIdentifier().equals("bob")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("Ron")) {
+ } else if(pc.getIdentifier().equals("Ron")) {
pc.setPassword("noR");
- } else if(pc.getIdentifer().equals("joe")) {
+ } else if(pc.getIdentifier().equals("joe")) {
pc.setPassword("eoj");
- } else if(pc.getIdentifer().equals("ip")) {
+ } else if(pc.getIdentifier().equals("ip")) {
pc.setPassword("password");
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rampart/PWCallback.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rampart/PWCallback.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rampart/PWCallback.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/java/org/apache/rampart/PWCallback.java Thu Mar 1 09:54:05 2012
@@ -108,13 +108,13 @@ public class PWCallback implements Callb
if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
- if(pc.getIdentifer().equals("Ron") && pc.getPassword().equals("noR")) {
+ if(pc.getIdentifier().equals("Ron") && pc.getPassword().equals("noR")) {
return;
}
- if(pc.getIdentifer().equals("joe") && pc.getPassword().equals("eoj")) {
+ if(pc.getIdentifier().equals("joe") && pc.getPassword().equals("eoj")) {
return;
@@ -126,7 +126,7 @@ public class PWCallback implements Callb
}
- if(pc.getIdentifer().equals("alice") && pc.getPassword().equals("password")) {
+ if(pc.getIdentifier().equals("alice") && pc.getPassword().equals("password")) {
return;
}
@@ -148,27 +148,27 @@ public class PWCallback implements Callb
*/
- if (pc.getUsage() == WSPasswordCallback.KEY_NAME) {
+ if (pc.getUsage() == WSPasswordCallback.SECRET_KEY) {
pc.setKey(key);
- } else if(pc.getIdentifer().equals("alice")) {
+ } else if(pc.getIdentifier().equals("alice")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("bob")) {
+ } else if(pc.getIdentifier().equals("bob")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("Ron")) {
+ } else if(pc.getIdentifier().equals("Ron")) {
pc.setPassword("noR");
- } else if(pc.getIdentifer().equals("joe")) {
+ } else if(pc.getIdentifier().equals("joe")) {
pc.setPassword("eoj");
- } else if(pc.getIdentifer().equals("ip")) {
+ } else if(pc.getIdentifier().equals("ip")) {
pc.setPassword("password");
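Review bot: The guard before `pc.setKey(key)` now tests `WSPasswordCallback.SECRET_KEY` instead of `WSPasswordCallback.KEY_NAME`, which is the only behavioural change in this hunk, and nothing explains it; a comment such as `// the secret key is requested with usage SECRET_KEY, not KEY_NAME, after the WSS4J upgrade` (wording to be confirmed by the author) would record why. The same edit appears in the org/apache/axis2/security/PWCallback.java hunk at -146, but the org/apache/rahas/PWCallback.java hunk at -154 shows `pc.setKey(key);` as context with no visible change to its guard, so it is worth confirming that file does not still test the old constant. Every branch after the guard hands out a password by identifier alone and dereferences `pc.getIdentifier()` without a null check; `"alice".equals(pc.getIdentifier())` avoids the NullPointerException. The enclosing method starts and ends outside the hunk.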
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java Thu Mar 1 09:54:05 2012
@@ -28,7 +28,8 @@ import org.xmlsoap.ping.PingDocument;
import org.xmlsoap.ping.PingResponse;
import org.xmlsoap.ping.PingResponseDocument;
-import java.util.Vector;
+import java.security.Principal;
+import java.util.List;
/**
* Auto generated java skeleton for the service by the Axis code generator
@@ -41,25 +42,21 @@ public class PingPortSkeleton{
*/
public PingResponseDocument ping
(PingDocument param0) {
- Vector results = null;
+ List<WSHandlerResult> results = null;
MessageContext msgCtx = MessageContext.getCurrentMessageContext();
if ((results =
- (Vector) msgCtx.getProperty(WSHandlerConstants.RECV_RESULTS))
+ (List<WSHandlerResult>) msgCtx.getProperty(WSHandlerConstants.RECV_RESULTS))
== null) {
System.out.println("No security results!!");
throw new RuntimeException("No security results!!");
} else {
System.out.println("Number of results: " + results.size());
- for (int i = 0; i < results.size(); i++) {
- WSHandlerResult rResult =
- (WSHandlerResult) results.get(i);
- Vector wsSecEngineResults = rResult.getResults();
-
- for (int j = 0; j < wsSecEngineResults.size(); j++) {
- WSSecurityEngineResult wser =
- (WSSecurityEngineResult) wsSecEngineResults.get(j);
- if (wser.getAction() != WSConstants.ENCR && wser.getPrincipal() != null) {
- System.out.println(wser.getPrincipal().getName());
+ for (WSHandlerResult result : results) {
+ List<WSSecurityEngineResult> wsSecEngineResults = result.getResults();
+
+ for (WSSecurityEngineResult wser : wsSecEngineResults) {
+ if (getAction(wser) != WSConstants.ENCR && getPrincipal(wser) != null) {
+ System.out.println(getPrincipal(wser).getName());
}
}
}
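Review bot: The cast `(List<WSHandlerResult>) msgCtx.getProperty(WSHandlerConstants.RECV_RESULTS)` is unchecked, so it compiles with a warning and a property holding anything else only fails later as a ClassCastException inside the for-each loop. If the cast is kept, move it into its own declaration annotated `@SuppressWarnings("unchecked")` with a one-line comment saying which handler is expected to populate the property. Inside the inner loop `getPrincipal(wser)` is evaluated twice; `Principal principal = getPrincipal(wser);` followed by `if (getAction(wser) != WSConstants.ENCR && principal != null)` reads the result once. The body of `ping` continues past the end of this hunk.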
@@ -70,5 +67,13 @@ public class PingPortSkeleton{
}
}
+ private int getAction(WSSecurityEngineResult result) {
+ return (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
+ }
+
+ private Principal getPrincipal(WSSecurityEngineResult result) {
+ return (Principal)result.get(WSSecurityEngineResult.TAG_PRINCIPAL);
+ }
+
}
\ No newline at end of file
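Review bot: `getAction` is declared to return `int` but returns `(Integer)result.get(WSSecurityEngineResult.TAG_ACTION)`, so a result without an action entry throws a NullPointerException on unboxing in the loop in `ping` instead of being skipped. A guarded form would be `Integer action = (Integer) result.get(WSSecurityEngineResult.TAG_ACTION);` then `return action == null ? WSConstants.NO_SECURITY : action;`. Neither helper reads instance state, so both can be `private static`, and a one-line Javadoc on each saying that it reads a tagged entry from the result map and may find none would help readers used to the old `getAction()`/`getPrincipal()` accessors.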
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/InteropScenarioClient.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/InteropScenarioClient.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/InteropScenarioClient.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/InteropScenarioClient.java Thu Mar 1 09:54:05 2012
@@ -50,7 +50,7 @@ public class InteropScenarioClient {
public void invokeWithStaticConfig(String clientRepo, String url)
throws Exception {
TicketType ticket = TicketType.Factory.newInstance();
- ticket.setId("My ticket Id");
+ ticket.setId("MyticketId");
Ping ping = Ping.Factory.newInstance();
ping.setText("Testing rampart");
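Review bot: The ticket id becomes `"MyticketId"` here without the explanatory TODO that the later hunks at -84 and -128 attach to the same edit, so this first occurrence reads as an arbitrary rename. The literal is now repeated in three methods; a single `private static final String TICKET_ID = "MyticketId"; // TODO: "My ticket Id" fails, find out why` would keep the workaround and its reason in one place. If the Id attribute is schema-typed as xsd:ID, a value containing spaces is not a valid NCName, which may explain the failure; that is an assumption to check against the schema. `invokeWithStaticConfig` continues past the end of the hunk.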
@@ -71,7 +71,6 @@ public class InteropScenarioClient {
stub._getServiceClient().getOptions().setSoapVersionURI(soapNsURI);
stub._getServiceClient().engageModule(
new javax.xml.namespace.QName("rampart"));
-
PingResponseDocument pingResDoc = stub.ping(pingDoc);
@@ -84,7 +83,7 @@ public class InteropScenarioClient {
OutflowConfiguration outflowConfig, InflowConfiguration inflowConfig)
throws Exception {
TicketType ticket = TicketType.Factory.newInstance();
- ticket.setId("My ticket Id");
+ ticket.setId("MyticketId"); // TODO need to figure out why "My ticket Id" is failing
Ping ping = Ping.Factory.newInstance();
ping.setText("Testing rampart");
@@ -128,7 +127,7 @@ public class InteropScenarioClient {
Hashtable propRefs)
throws Exception {
TicketType ticket = TicketType.Factory.newInstance();
- ticket.setId("My ticket Id");
+ ticket.setId("MyticketId"); // TODO need to figure out why "My ticket Id" is failing
Ping ping = Ping.Factory.newInstance();
ping.setText("Testing rampart");
Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/PWCallback.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/PWCallback.java?rev=1295489&r1=1295488&r2=1295489&view=diff
==============================================================================
--- axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/PWCallback.java (original)
+++ axis/axis2/java/rampart/branches/1_6/modules/rampart-integration/src/main/resources/ping/src/org/apache/axis2/security/PWCallback.java Thu Mar 1 09:54:05 2012
@@ -116,7 +116,7 @@ public class PWCallback implements Callb
if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
- if(pc.getIdentifer().equals("Ron") && pc.getPassword().equals("noR")) {
+ if(pc.getIdentifier().equals("Ron") && pc.getPassword().equals("noR")) {
return;
@@ -146,19 +146,19 @@ public class PWCallback implements Callb
*/
- if (pc.getUsage() == WSPasswordCallback.KEY_NAME) {
+ if (pc.getUsage() == WSPasswordCallback.SECRET_KEY) {
pc.setKey(key);
- } else if(pc.getIdentifer().equals("alice")) {
+ } else if(pc.getIdentifier().equals("alice")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("bob")) {
+ } else if(pc.getIdentifier().equals("bob")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("Ron")) {
+ } else if(pc.getIdentifier().equals("Ron")) {
pc.setPassword("noR");