Posted to axis-cvs@ws.apache.org by ru...@apache.org on 2006/09/11 04:07:05 UTC

svn commit: r442071 - in /webservices/axis2/trunk/java/modules/security: src/org/apache/rampart/builder/TransportBindingBuilder.java test-resources/policy/rampart-transport-binding-dk.xml test/org/apache/rampart/MessageBuilderTest.java

Author: ruchithf
Date: Sun Sep 10 19:07:05 2006
New Revision: 442071

URL: http://svn.apache.org/viewvc?view=rev&rev=442071
Log:
Added a test scenario to test usage of a supporting token with derived keys in the transport binding

Added:
    webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml
Modified:
    webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java
    webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java

Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java?view=diff&rev=442071&r1=442070&r2=442071
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java Sun Sep 10 19:07:05 2006
@@ -190,11 +190,16 @@
                 encrKey.appendToHeader(rmd.getSecHeader());
                 
                 WSSecDKSign dkSig = new WSSecDKSign();
+                
+                dkSig.setWsConfig(rmd.getConfig());
+                
                 dkSig.setSigCanonicalization(rpd.getAlgorithmSuite().getInclusiveC14n());
                 dkSig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getSymmetricSignature());
                 
                 dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
                 
+                dkSig.prepare(doc, rmd.getSecHeader());
+                
                 Vector sigParts = new  Vector();
                 
                 sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));                          
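Review bot: The derived-key signature is prepared without an explicit derived key length, so `dkSig.prepare(doc, rmd.getSecHeader())` runs with whatever default WSSecDKSign carries instead of the length implied by the policy's algorithm suite. Canonicalization and the signature algorithm are already read from `rpd.getAlgorithmSuite()`, and the key length should come from the same source so that a recipient enforcing the policy sees the key size it expects. Something like `dkSig.setDerivedKeyLength(rpd.getAlgorithmSuite().getSignatureDerivedKeyLength()/8);` before `prepare` would do it, assuming both accessors are available at this revision. The enclosing method starts and ends outside this hunk.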
@@ -209,10 +214,16 @@
                 
                 //Do signature
                 dkSig.computeSignature();
+                
+                dkSig.appendDKElementToHeader(rmd.getSecHeader());
 
+                dkSig.appendSigToHeader(rmd.getSecHeader());
+                
                 return dkSig.getSignatureValue();
                 
             } catch (WSSecurityException e) {
+                throw new RampartException("errorCreatingEncryptedKey", e);
+            } catch (ConversationException e) {
                 throw new RampartException("errorCreatingEncryptedKey", e);
             }
             
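Review bot: The added `catch (ConversationException e)` reuses the message key `errorCreatingEncryptedKey`, so a failure in the derived-key steps (`prepare`, `appendDKElementToHeader`) would be reported as an encrypted-key problem. A separate resource key for the derived-key signature path would make such failures diagnosable, for example `throw new RampartException("<derived-key-signature-error-key>", e);` with the key (placeholder name) added to the message bundle. The `try` opens outside this hunk, so the existing `WSSecurityException` handler may cover the same mix of steps and deserve the same split.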

Added: webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml?view=auto&rev=442071
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml (added)
+++ webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml Sun Sep 10 19:07:05 2006
@@ -0,0 +1,68 @@
+<wsp:Policy wsu:Id="5" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:ExactlyOne>
+  <wsp:All>
+	<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:TransportToken>
+		  <wsp:Policy>
+			<sp:HttpsToken RequireClientCertificate="false"/>
+		  </wsp:Policy>
+		</sp:TransportToken>
+		<sp:AlgorithmSuite>
+		  <wsp:Policy>
+			<sp:Basic256/>
+		  </wsp:Policy>
+		</sp:AlgorithmSuite>
+		<sp:Layout>
+		  <wsp:Policy>
+			<sp:Lax/>
+		  </wsp:Policy>
+		</sp:Layout>
+		<sp:IncludeTimestamp/>
+	  </wsp:Policy>
+	</sp:TransportBinding>
+	<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+		<wsp:Policy>
+			<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
+	  </wsp:Policy>
+	</sp:SignedSupportingTokens>
+	<sp:SignedEndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+			<wsp:Policy>
+				<sp:RequireDerivedKeys />
+			</wsp:Policy>
+		</sp:X509Token>
+	  </wsp:Policy>
+	</sp:SignedEndorsingSupportingTokens>
+	<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:MustSupportRefKeyIdentifier/>
+		<sp:MustSupportRefIssuerSerial/>
+	  </wsp:Policy>
+	</sp:Wss10>
+	<sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+	  <wsp:Policy>
+		<sp:MustSupportIssuedTokens/>
+		<sp:RequireClientEntropy/>
+		<sp:RequireServerEntropy/>
+	  </wsp:Policy>
+	</sp:Trust10>
+	
+	<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
+		<ramp:user>alice</ramp:user>
+		<ramp:encryptionUser>bob</ramp:encryptionUser>
+		<ramp:passwordCallbackClass>org.apache.rampart.TestCBHandler</ramp:passwordCallbackClass>
+		
+		<ramp:signatureCrypto>
+			<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+				<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+				<ramp:property name="org.apache.ws.security.crypto.merlin.file">interop/interop2.jks</ramp:property>
+				<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+			</ramp:crypto>
+		</ramp:signatureCrypto>
+	</ramp:RampartConfig>
+	
+  </wsp:All>
+</wsp:ExactlyOne>
+</wsp:Policy>
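Review bot: The fixture does not say which assertion is under test, and the `sp:Trust10` block (`MustSupportIssuedTokens`, `RequireClientEntropy`, `RequireServerEntropy`) appears unrelated to the scenario named in the log message. A leading comment such as `<!-- Transport binding with a SignedEndorsingSupportingTokens X509Token that requires derived keys; keystore and password are test fixtures only -->` would tell a reader what matters here. If the builder does not consult the Trust10 assertions in this path, dropping them would keep the policy minimal.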

Modified: webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java?view=diff&rev=442071&r1=442070&r2=442071
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java (original)
+++ webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java Sun Sep 10 19:07:05 2006
@@ -89,6 +89,25 @@
         }
     }
 
+    public void testTransportBindingWithDK() {
+        try {
+            MessageContext ctx = getMsgCtx();
+            
+            String policyXml = "test-resources/policy/rampart-transport-binding-dk.xml";
+            Policy policy = this.loadPolicy(policyXml);
+            
+            ctx.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
+            
+            MessageBuilder builder = new MessageBuilder();
+            builder.build(ctx);
+            
+            System.out.println(ctx.getEnvelope());
+        } catch (Exception e) {
+            e.printStackTrace();
+            fail(e.getMessage());
+        }
+    }
+    
     /**
      * @throws XMLStreamException
      * @throws FactoryConfigurationError
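Review bot: `testTransportBindingWithDK` asserts nothing about the built message; it only prints the envelope, so it would still pass if the DerivedKeyToken or the Signature were never added to the security header. That is the behaviour the TransportBindingBuilder part of this commit adds. After `builder.build(ctx)` the test should check the output, for instance `String env = ctx.getEnvelope().toString();` followed by `assertTrue(env.indexOf("DerivedKeyToken") != -1);` and a matching check for `Signature`, in place of the `System.out.println`. Declaring the method `throws Exception` instead of `catch`/`printStackTrace()`/`fail(e.getMessage())` would also keep the full cause in the test report.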


