Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2009/05/12 13:08:08 UTC
svn commit: r773853 - in
/webservices/wss4j/trunk/src/org/apache/ws/security: ./ message/
message/token/ processor/ saml/ util/
Author: coheigea
Date: Tue May 12 11:08:08 2009
New Revision: 773853
URL: http://svn.apache.org/viewvc?rev=773853&view=rev
Log:
[WSS-192] - Re-used encryption functionality from WSSecEncrypt in WSSecDKEncrypt
- Replaced all NodeList invocations for performance and thread-safety reasons.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/WSSecurityEngine.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/token/DerivedKeyToken.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java
webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLUtil.java
webservices/wss4j/trunk/src/org/apache/ws/security/util/DOM2Writer.java
webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/WSSecurityEngine.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/WSSecurityEngine.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/WSSecurityEngine.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/WSSecurityEngine.java Tue May 12 11:08:08 2009
@@ -29,7 +29,6 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
@@ -299,39 +298,38 @@
WSDocInfo wsDocInfo = new WSDocInfo(securityHeader.getOwnerDocument());
wsDocInfo.setCrypto(sigCrypto);
- NodeList list = securityHeader.getChildNodes();
if (tlog.isDebugEnabled()) {
t1 = System.currentTimeMillis();
}
Vector returnResults = new Vector();
final WSSConfig cfg = getWssConfig();
- for (int i = 0; i < list.getLength(); i++) {
- Node elem = list.item(i);
- if (elem == null || elem.getNodeType() != Node.ELEMENT_NODE) {
- continue;
- }
- QName el = new QName(elem.getNamespaceURI(), elem.getLocalName());
- Processor p = cfg.getProcessor(el);
- /*
- * Call the processor for this token. After the processor returns,
- * store it for later retrieval. The token processor may store some
- * information about the processed token
- */
- if (p != null) {
- p.handleToken((Element) elem, sigCrypto, decCrypto, cb, wsDocInfo, returnResults, cfg);
- wsDocInfo.setProcessor(p);
- } else {
- /*
- * Add check for a BinarySecurityToken, add info to WSDocInfo. If BST is
- * found before a Signature token this would speed up (at least a little
- * bit) the processing of STR Transform.
- */
- if (doDebug) {
- log.debug(
- "Unknown Element: " + elem.getLocalName() + " " + elem.getNamespaceURI()
- );
+ Node node = securityHeader.getFirstChild();
+ while (node != null) {
+ if (Node.ELEMENT_NODE == node.getNodeType()) {
+ QName el = new QName(node.getNamespaceURI(), node.getLocalName());
+ Processor p = cfg.getProcessor(el);
+ //
+ // Call the processor for this token. After the processor returns,
+ // store it for later retrieval. The token processor may store some
+ // information about the processed token
+ //
+ if (p != null) {
+ p.handleToken((Element) node, sigCrypto, decCrypto, cb, wsDocInfo, returnResults, cfg);
+ wsDocInfo.setProcessor(p);
+ } else {
+ //
+ // Add check for a BinarySecurityToken, add info to WSDocInfo. If BST is
+ // found before a Signature token this would speed up (at least a little
+ // bit) the processing of STR Transform.
+ //
+ if (doDebug) {
+ log.debug(
+ "Unknown Element: " + node.getLocalName() + " " + node.getNamespaceURI()
+ );
+ }
}
}
+ node = node.getNextSibling();
}
if (tlog.isDebugEnabled()) {
t2 = System.currentTimeMillis();
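Review bot: In the new `while` loop, `node.getNextSibling()` is read only after `p.handleToken(...)` has run. If a processor detaches or replaces the element it was handed (an assumption, since the processors are not in this hunk; decryption rewriting part of the security header would do it), the detached node has no next sibling and the loop ends early. The remaining header children are then left unprocessed without any error, and a skipped child could be a token that was meant to be verified. The traversal should remember the successor before calling the processor and fall back to it when the current node has lost its sibling. The enclosing method starts and ends outside the hunk.

```java
Node node = securityHeader.getFirstChild();
while (node != null) {
    // remember the successor before a processor can alter the tree
    Node nextSibling = node.getNextSibling();
    // … unchanged: element check, processor lookup and handleToken call …
    if (node.getNextSibling() == null && nextSibling != null
        && nextSibling.getParentNode() != null) {
        // the current node was detached while being processed; resume from the stored sibling
        node = nextSibling;
    } else {
        node = node.getNextSibling();
    }
}
```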
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDKEncrypt.java Tue May 12 11:08:08 2009
@@ -26,9 +26,6 @@
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
import org.apache.ws.security.util.WSSecurityUtil;
-import org.apache.xml.security.encryption.EncryptedData;
-import org.apache.xml.security.encryption.XMLCipher;
-import org.apache.xml.security.encryption.XMLEncryptionException;
import org.apache.xml.security.keys.KeyInfo;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -56,7 +53,7 @@
// Setup the encrypted key
//
prepare(doc);
- envelope = doc.getDocumentElement();
+ envelope = doc.getDocumentElement();
//
// prepend elements in the right order to the security header
//
@@ -79,92 +76,6 @@
return doc;
}
- private List doEncryption(Document doc, byte[] secretKey, List references)
- throws WSSecurityException {
-
- SecretKey key = WSSecurityUtil.prepareSecretKey(symEncAlgo, secretKey);
- XMLCipher xmlCipher = null;
- try {
- xmlCipher = XMLCipher.getInstance(symEncAlgo);
- } catch (XMLEncryptionException e3) {
- throw new WSSecurityException(
- WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e3
- );
- }
-
- List encDataRefs = new Vector();
- if (envelope == null) {
- envelope = doc.getDocumentElement();
- }
-
- for (int part = 0; part < references.size(); part++) {
- WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
-
- String idToEnc = encPart.getId();
- String elemName = encPart.getName();
- String nmSpace = encPart.getNamespace();
- String modifier = encPart.getEncModifier();
- //
- // Third step: get the data to encrypt.
- //
- Element body = null;
- if (idToEnc != null) {
- body =
- WSSecurityUtil.findElementById(
- document.getDocumentElement(), idToEnc, WSConstants.WSU_NS
- );
- if (body == null) {
- body =
- WSSecurityUtil.findElementById(document.getDocumentElement(), idToEnc, null);
- }
- } else {
- body = (Element) WSSecurityUtil.findElement(envelope, elemName, nmSpace);
- }
- if (body == null) {
- throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "noEncElement",
- new Object[] {"{" + nmSpace + "}" + elemName}
- );
- }
-
- boolean content = modifier.equals("Content") ? true : false;
- String xencEncryptedDataId = wssConfig.getIdAllocator().createId("EncDataId-", body);
-
- //
- // Fourth step: encrypt data, and set necessary attributes in
- // xenc:EncryptedData
- //
- try {
- // Create the SecurityTokenRef to the DKT
- KeyInfo keyInfo = new KeyInfo(document);
- SecurityTokenReference secToken = new SecurityTokenReference(document);
- secToken.addWSSENamespace();
- Reference ref = new Reference(document);
- ref.setURI("#" + dktId);
- secToken.setReference(ref);
-
- keyInfo.addUnknownElement(secToken.getElement());
- Element keyInfoElement = keyInfo.getElement();
- keyInfoElement.setAttributeNS(
- WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS
- );
-
- xmlCipher.init(XMLCipher.ENCRYPT_MODE, key);
- EncryptedData encData = xmlCipher.getEncryptedData();
- encData.setId(xencEncryptedDataId);
- encData.setKeyInfo(keyInfo);
- xmlCipher.doFinal(doc, body, content);
- } catch (Exception ex) {
- throw new WSSecurityException(
- WSSecurityException.FAILED_ENCRYPTION, null, null, ex
- );
- }
- encDataRefs.add(new String("#" + xencEncryptedDataId));
- }
- return encDataRefs;
- }
-
/**
* Encrypt one or more parts or elements of the message (external).
*
@@ -188,17 +99,39 @@
*/
public Element encryptForExternalRef(Element dataRef, List references)
throws WSSecurityException {
+
+ KeyInfo keyInfo = createKeyInfo();
+ SecretKey key = WSSecurityUtil.prepareSecretKey(symEncAlgo, derivedKeyBytes);
- List encDataRefs = doEncryption(document, derivedKeyBytes, references);
- Element referenceList = dataRef;
- if (referenceList == null) {
- referenceList =
+ List encDataRefs =
+ WSSecEncrypt.doEncryption(document, wssConfig, keyInfo, key, symEncAlgo, references);
+ if (dataRef == null) {
+ dataRef =
document.createElementNS(
WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":ReferenceList"
);
}
- createDataRefList(document, referenceList, encDataRefs);
- return referenceList;
+ return WSSecEncrypt.createDataRefList(document, dataRef, encDataRefs);
+ }
+
+ /**
+ * Create a KeyInfo object
+ */
+ private KeyInfo createKeyInfo() throws WSSecurityException {
+ KeyInfo keyInfo = new KeyInfo(document);
+ SecurityTokenReference secToken = new SecurityTokenReference(document);
+ secToken.addWSSENamespace();
+ Reference ref = new Reference(document);
+ ref.setURI("#" + dktId);
+ secToken.setReference(ref);
+
+ keyInfo.addUnknownElement(secToken.getElement());
+ Element keyInfoElement = keyInfo.getElement();
+ keyInfoElement.setAttributeNS(
+ WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS
+ );
+
+ return keyInfo;
}
/**
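Review bot: The Javadoc on the new `createKeyInfo()` says only "Create a KeyInfo object", which leaves out what a maintainer needs to know: the KeyInfo wraps a `SecurityTokenReference` whose `Reference` URI is `"#" + dktId`. If `dktId` has not been assigned yet (presumably by `prepare`, which is outside this hunk), the URI silently becomes `#null` and the EncryptedData would point at no DerivedKeyToken. I would document it as `Create a KeyInfo holding a SecurityTokenReference to the DerivedKeyToken with Id dktId; dktId must already be set.` and consider rejecting a null `dktId` with a `WSSecurityException`.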
@@ -222,20 +155,11 @@
}
}
- public static Element createDataRefList(Document doc, Element referenceList, List encDataRefs) {
- for (int i = 0; i < encDataRefs.size(); i++) {
- String dataReferenceUri = (String) encDataRefs.get(i);
- Element dataReference =
- doc.createElementNS(
- WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":DataReference"
- );
- dataReference.setAttribute("URI", dataReferenceUri);
- referenceList.appendChild(dataReference);
- }
- return referenceList;
- }
-
+ /**
+ * Set the symmetric encryption algorithm URI to use
+ * @param algo the symmetric encryption algorithm URI to use
+ */
public void setSymmetricEncAlgorithm(String algo) {
symEncAlgo = algo;
}
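Review bot: `createDataRefList` was `public static` on `WSSecDKEncrypt`, and this hunk drops it with no replacement on this class, so any caller outside the files in this commit stops compiling. `encryptForExternalRef` already calls `WSSecEncrypt.createDataRefList(...)`, so a delegating method kept here and marked `@deprecated` would preserve the API with a body of `return WSSecEncrypt.createDataRefList(doc, referenceList, encDataRefs);`. The class body continues outside the hunk.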
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecDerivedKeyBase.java Tue May 12 11:08:08 2009
@@ -253,7 +253,7 @@
}
public void setDerivedKeyLength(int keyLength) {
- this.derivedKeyLength = keyLength;
+ derivedKeyLength = keyLength;
}
public void setCustomValueType(String customValueType) {
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java Tue May 12 11:08:08 2009
@@ -23,6 +23,7 @@
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
+import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.message.token.Reference;
@@ -333,8 +334,10 @@
*/
public Element encryptForRef(Element dataRef, List references)
throws WSSecurityException {
+
+ KeyInfo keyInfo = createKeyInfo();
List encDataRefs =
- doEncryption(symmetricKey, references);
+ doEncryption(document, wssConfig, keyInfo, symmetricKey, symEncAlgo, references);
if (dataRef == null) {
dataRef =
document.createElementNS(
@@ -398,23 +401,34 @@
}
- private List doEncryption(
+ /**
+ * Perform encryption on the SOAP envelope.
+ * @param doc The document containing the SOAP envelope as document element
+ * @param config The WSSConfig from which to generate wsu:ID's
+ * @param keyInfo The KeyInfo object to set in EncryptedData
+ * @param secretKey The SecretKey object with which to encrypt data
+ * @param encryptionAlgorithm The encryption algorithm URI to use
+ * @param references The list of references to encrypt
+ * @return a List of references to EncryptedData elements
+ * @throws WSSecurityException
+ */
+ public static List doEncryption(
+ Document doc,
+ WSSConfig config,
+ KeyInfo keyInfo,
SecretKey secretKey,
+ String encryptionAlgorithm,
List references
) throws WSSecurityException {
XMLCipher xmlCipher = null;
try {
- xmlCipher = XMLCipher.getInstance(symEncAlgo);
+ xmlCipher = XMLCipher.getInstance(encryptionAlgorithm);
} catch (XMLEncryptionException ex) {
throw new WSSecurityException(
WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, ex
);
}
- //
- // Create the KeyInfo structure
- //
- KeyInfo keyInfo = createKeyInfo();
List encDataRef = new Vector();
for (int part = 0; part < references.size(); part++) {
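Review bot: Now that `doEncryption` is `public static`, its Javadoc should spell out the contract that used to be implicit in the instance. `secretKey` must have been prepared for the same algorithm URI passed as `encryptionAlgorithm` (as `WSSecDKEncrypt` does with `prepareSecretKey(symEncAlgo, ...)`), `doc` is modified in place, and each `WSEncryptionPart` in `references` has its encrypted Id set through `setEncId`. The bare `@throws WSSecurityException` would be clearer as `@throws WSSecurityException if the algorithm URI is unsupported, an element to encrypt cannot be found, or encryption fails`; the last clause is inferred, because the catch block lies outside the visible hunks. The method body continues in the following hunks.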
@@ -431,15 +445,15 @@
if (idToEnc != null) {
elementToEncrypt =
WSSecurityUtil.findElementById(
- document.getDocumentElement(), idToEnc, WSConstants.WSU_NS
+ doc.getDocumentElement(), idToEnc, WSConstants.WSU_NS
);
if (elementToEncrypt == null) {
elementToEncrypt =
- WSSecurityUtil.findElementById(document.getDocumentElement(), idToEnc, null);
+ WSSecurityUtil.findElementById(doc.getDocumentElement(), idToEnc, null);
}
} else {
elementToEncrypt =
- (Element) WSSecurityUtil.findElement(document, elemName, nmSpace);
+ (Element) WSSecurityUtil.findElement(doc, elemName, nmSpace);
}
if (elementToEncrypt == null) {
throw new WSSecurityException(
@@ -451,7 +465,7 @@
boolean content = modifier.equals("Content") ? true : false;
String xencEncryptedDataId =
- wssConfig.getIdAllocator().createId("EncDataId-", elementToEncrypt);
+ config.getIdAllocator().createId("EncDataId-", elementToEncrypt);
encPart.setEncId(xencEncryptedDataId);
//
// Encrypt data, and set necessary attributes in xenc:EncryptedData
@@ -459,7 +473,7 @@
try {
if (modifier.equals("Header")) {
Element elem =
- document.createElementNS(
+ doc.createElementNS(
WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
);
WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
@@ -467,7 +481,7 @@
WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
elem.setAttributeNS(
WSConstants.WSU_NS, wsuPrefix + ":Id",
- wssConfig.getIdAllocator().createId("EncHeader-", elementToEncrypt)
+ config.getIdAllocator().createId("EncHeader-", elementToEncrypt)
);
//
// Add the EncryptedHeader node to the element to be encrypted's parent
@@ -499,7 +513,7 @@
EncryptedData encData = xmlCipher.getEncryptedData();
encData.setId(xencEncryptedDataId);
encData.setKeyInfo(keyInfo);
- xmlCipher.doFinal(document, elementToEncrypt, content);
+ xmlCipher.doFinal(doc, elementToEncrypt, content);
if (part != (references.size() - 1)) {
keyInfo = new KeyInfo((Element) keyInfo.getElement().cloneNode(true), null);
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/token/DerivedKeyToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/token/DerivedKeyToken.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/token/DerivedKeyToken.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/token/DerivedKeyToken.java Tue May 12 11:08:08 2009
@@ -35,7 +35,6 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
/**
@@ -251,13 +250,13 @@
public Hashtable getProperties() {
if (elementProperties != null) {
Hashtable table = new Hashtable();
- NodeList nodes = elementProperties.getChildNodes();
- for (int i = 0; i < nodes.getLength(); i++) {
- Node tempNode = nodes.item(i);
- if (tempNode != null && Node.ELEMENT_NODE == tempNode.getNodeType()) {
- Text text = getFirstNode((Element) tempNode);
- table.put(tempNode.getNodeName(), text.getData());
+ Node node = elementProperties.getFirstChild();
+ while (node != null) {
+ if (Node.ELEMENT_NODE == node.getNodeType()) {
+ Text text = getFirstNode((Element) node);
+ table.put(node.getNodeName(), text.getData());
}
+ node = node.getNextSibling();
}
}
return null;
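Review bot: `getProperties()` fills `table` inside the `if` block and then falls through to `return null;`, so the rewritten loop's result is discarded and callers always get null; the block needs `return table;` after the `while` loop. Separately, `text.getData()` is called on whatever `getFirstNode((Element) node)` returns. If that helper can return null for an empty property element (it is not shown here), a crafted token would raise a NullPointerException, so an `if (text != null)` guard before `table.put(...)` is worth adding.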
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java Tue May 12 11:08:08 2009
@@ -37,7 +37,6 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
import javax.xml.namespace.QName;
@@ -696,13 +695,12 @@
* @return number of elements with matching localname and namespace
*/
public int length(String namespace, String localname) {
- NodeList childNodes = element.getChildNodes();
int result = 0;
- for (int i = 0; i < childNodes.getLength(); i++) {
- Node n = childNodes.item(i);
- if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
- String ns = n.getNamespaceURI();
- String name = n.getLocalName();
+ Node node = element.getFirstChild();
+ while (node != null) {
+ if (Node.ELEMENT_NODE == node.getNodeType()) {
+ String ns = node.getNamespaceURI();
+ String name = node.getLocalName();
if ((((namespace != null) && namespace.equals(ns))
|| ((namespace == null) && (ns == null)))
&& (localname.equals(name))
@@ -710,6 +708,7 @@
result++;
}
}
+ node = node.getNextSibling();
}
return result;
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java Tue May 12 11:08:08 2009
@@ -40,7 +40,6 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
import javax.crypto.BadPaddingException;
@@ -238,13 +237,12 @@
*/
public static byte[] getDecodedBase64EncodedData(Element element) throws WSSecurityException {
StringBuffer sb = new StringBuffer();
- NodeList children = element.getChildNodes();
- int iMax = children.getLength();
- for (int i = 0; i < iMax; i++) {
- Node curr = children.item(i);
- if (curr != null && Node.TEXT_NODE == curr.getNodeType()) {
- sb.append(((Text) curr).getData());
+ Node node = element.getFirstChild();
+ while (node != null) {
+ if (Node.TEXT_NODE == node.getNodeType()) {
+ sb.append(((Text) node).getData());
}
+ node = node.getNextSibling();
}
String encodedData = sb.toString();
return Base64.decode(encodedData);
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLUtil.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLUtil.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/saml/SAMLUtil.java Tue May 12 11:08:08 2009
@@ -43,7 +43,6 @@
import org.opensaml.SAMLSubjectStatement;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
import javax.security.auth.callback.Callback;
@@ -107,25 +106,21 @@
SAMLSubject samlSubject = attrStmt.getSubject();
Element kiElem = samlSubject.getKeyInfo();
- NodeList children = kiElem.getChildNodes();
- int len = children.getLength();
-
- for (int i = 0; i < len; i++) {
- Node child = children.item(i);
- if (child == null || child.getNodeType() != Node.ELEMENT_NODE) {
- continue;
- }
- QName el = new QName(child.getNamespaceURI(), child.getLocalName());
- if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)) {
-
- EncryptedKeyProcessor proc = new EncryptedKeyProcessor();
- proc.handleEncryptedKey((Element)child, cb, crypto, null);
-
- return new SAMLKeyInfo(assertion, proc.getDecryptedBytes());
- } else if (el.equals(new QName(WSConstants.WST_NS, "BinarySecret"))) {
- Text txt = (Text)child.getFirstChild();
- return new SAMLKeyInfo(assertion, Base64.decode(txt.getData()));
+ Node node = kiElem.getFirstChild();
+ while (node != null) {
+ if (Node.ELEMENT_NODE == node.getNodeType()) {
+ QName el = new QName(node.getNamespaceURI(), node.getLocalName());
+ if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)) {
+ EncryptedKeyProcessor proc = new EncryptedKeyProcessor();
+ proc.handleEncryptedKey((Element)node, cb, crypto, null);
+
+ return new SAMLKeyInfo(assertion, proc.getDecryptedBytes());
+ } else if (el.equals(new QName(WSConstants.WST_NS, "BinarySecret"))) {
+ Text txt = (Text)node.getFirstChild();
+ return new SAMLKeyInfo(assertion, Base64.decode(txt.getData()));
+ }
}
+ node = node.getNextSibling();
}
} else if (stmt instanceof SAMLAuthenticationStatement) {
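Review bot: The `BinarySecret` branch casts `node.getFirstChild()` straight to `Text` and dereferences it, so an assertion whose `BinarySecret` element is empty, or starts with a comment or child element, fails with a NullPointerException or ClassCastException instead of a `WSSecurityException`. Since the assertion comes from the message being processed, I would guard it with `Node first = node.getFirstChild();` followed by `if (!(first instanceof Text)) { throw new WSSecurityException(...); }`, using the error code the surrounding method already uses. `kiElem` is likewise dereferenced without a null check at `kiElem.getFirstChild()`; whether `getKeyInfo()` can return null is not visible here. The enclosing method starts and ends outside the hunk.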
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/util/DOM2Writer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/util/DOM2Writer.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/util/DOM2Writer.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/util/DOM2Writer.java Tue May 12 11:08:08 2009
@@ -24,7 +24,6 @@
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import java.io.PrintWriter;
import java.io.StringWriter;
@@ -96,13 +95,10 @@
switch (type) {
case Node.DOCUMENT_NODE:
{
- NodeList children = node.getChildNodes();
- if (children != null) {
- int numChildren = children.getLength();
- for (int i = 0; i < numChildren; i++) {
- print(children.item(i), namespaceStack, out,
- pretty, indent);
- }
+ Node child = node.getFirstChild();
+ while (child != null) {
+ print(child, namespaceStack, out, pretty, indent);
+ child = child.getNextSibling();
}
break;
}
@@ -156,26 +152,23 @@
}
}
}
- NodeList children = node.getChildNodes();
- if (children != null) {
- int numChildren = children.getLength();
- hasChildren = (numChildren > 0);
- if (hasChildren) {
- out.print('>');
- if (pretty)
- out.print(LS);
+ Node child = node.getFirstChild();
+ if (child != null) {
+ hasChildren = true;
+ out.print('>');
+ if (pretty) {
+ out.print(LS);
}
- for (int i = 0; i < numChildren; i++) {
- print(children.item(i), namespaceStack, out, pretty,
- indent + 1);
+ while (child != null) {
+ print(child, namespaceStack, out, pretty, indent + 1);
+ child = child.getNextSibling();
}
} else {
hasChildren = false;
- }
- if (!hasChildren) {
out.print("/>");
- if (pretty)
+ if (pretty) {
out.print(LS);
+ }
}
namespaceStack.pop();
break;
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java?rev=773853&r1=773852&r2=773853&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java Tue May 12 11:08:08 2009
@@ -36,7 +36,6 @@
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
import javax.crypto.Cipher;
@@ -49,6 +48,7 @@
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Iterator;
+import java.util.List;
import java.util.Vector;
/**
@@ -99,15 +99,20 @@
if (WSConstants.URI_SOAP12_ENV.equals(soapNamespace)) {
actorLocal = WSConstants.ATTR_ROLE;
}
-
+ //
// get all wsse:Security nodes
- NodeList list =
- soapHeaderElement.getElementsByTagNameNS(WSConstants.WSSE_NS, WSConstants.WSSE_LN);
- if (list == null) {
+ //
+ List securityHeaderList =
+ getDirectChildElements(
+ soapHeaderElement,
+ WSConstants.WSSE_LN,
+ WSConstants.WSSE_NS
+ );
+ if (securityHeaderList == null) {
return null;
}
- for (int i = 0; i < list.getLength(); i++) {
- Element elem = (Element) list.item(i);
+ for (int i = 0; i < securityHeaderList.size(); i++) {
+ Element elem = (Element) securityHeaderList.get(i);
Attr attr = elem.getAttributeNodeNS(soapNamespace, actorLocal);
String hActor = (attr != null) ? attr.getValue() : null;
if (WSSecurityUtil.isActorEqual(actor, hActor)) {
@@ -167,6 +172,35 @@
return null;
}
+
+ /**
+ * Gets all direct children with specified localname and namespace. <p/>
+ *
+ * @param fNode the node where to start the search
+ * @param localName local name of the children to get
+ * @param namespace the namespace of the children to get
+ * @return the list of nodes or <code>null</code> if not such nodes are found
+ */
+ public static List getDirectChildElements(
+ Node fNode,
+ String localName,
+ String namespace
+ ) {
+ List children = new Vector();
+ for (
+ Node currentChild = fNode.getFirstChild();
+ currentChild != null;
+ currentChild = currentChild.getNextSibling()
+ ) {
+ if (Node.ELEMENT_NODE == currentChild.getNodeType()
+ && localName.equals(currentChild.getLocalName())
+ && namespace.equals(currentChild.getNamespaceURI())) {
+ children.add(currentChild);
+ }
+ }
+ return children;
+ }
+
/**
* return the first soap "Body" element. <p/>
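Review bot: The Javadoc of the new `getDirectChildElements` promises `null` when no matching children are found, but the method always returns the `Vector` it created, possibly empty; the `@return` line should read `@return the list of matching child elements, empty if none are found`. As a result, the `if (securityHeaderList == null)` check added in the previous hunk of this file can never fire. `localName.equals(...)` and `namespace.equals(...)` also throw if either argument is null, which the Javadoc should state or the comparison should tolerate.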
@@ -186,19 +220,9 @@
bodyNamespace = ns;
}
- for (
- Node currentChild = docElement.getFirstChild();
- currentChild != null;
- currentChild = currentChild.getNextSibling()
- ) {
- if (Node.ELEMENT_NODE == currentChild.getNodeType()
- && WSConstants.ELEM_BODY.equals(currentChild.getLocalName())
- && bodyNamespace.equals(currentChild.getNamespaceURI())) {
- return (Element)currentChild;
- }
- }
- return null;
+ return getDirectChildElement(docElement, WSConstants.ELEM_BODY, bodyNamespace);
}
+
/**
* Returns the first element that matches <code>name</code> and
@@ -627,15 +651,14 @@
if (wsseSecurity != null) {
return wsseSecurity;
} else if (doCreate) {
- String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
+ String soapNamespace = WSSecurityUtil.getSOAPNamespace(envelope);
Element header =
getDirectChildElement(envelope, WSConstants.ELEM_HEADER, soapNamespace);
if (header == null) {
header = createElementInSameNamespace(envelope, WSConstants.ELEM_HEADER);
header = prependChildElement(envelope, header);
}
- wsseSecurity =
- header.getOwnerDocument().createElementNS(WSConstants.WSSE_NS, "wsse:Security");
+ wsseSecurity = doc.createElementNS(WSConstants.WSSE_NS, "wsse:Security");
wsseSecurity.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS);
return prependChildElement(header, wsseSecurity);
}
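Review bot: `wsseSecurity` is now created with `doc.createElementNS(...)` where the old code used `header.getOwnerDocument()`, so the new element can only be inserted safely if `envelope` belongs to `doc`. If a caller can pass an envelope from another document (an assumption, since the method signature is outside the hunk), `prependChildElement(header, wsseSecurity)` would fail with a DOM wrong-document error. Either keep `header.getOwnerDocument()` or state in the method's Javadoc that `envelope` must be owned by `doc`.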
@@ -1011,13 +1034,10 @@
return java.util.Collections.EMPTY_LIST;
}
final java.util.List ret = new java.util.ArrayList();
- if (parent.hasChildNodes()) {
- final NodeList children = parent.getChildNodes();
- if (children != null) {
- for (int i = 0, n = children.getLength(); i < n; ++i) {
- ret.add(children.item(i));
- }
- }
+ Node node = parent.getFirstChild();
+ while (node != null) {
+ ret.add(node);
+ node = node.getNextSibling();
}
return ret;
}