You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by ru...@apache.org on 2006/09/11 04:07:05 UTC
svn commit: r442071 - in /webservices/axis2/trunk/java/modules/security:
src/org/apache/rampart/builder/TransportBindingBuilder.java
test-resources/policy/rampart-transport-binding-dk.xml
test/org/apache/rampart/MessageBuilderTest.java
Author: ruchithf
Date: Sun Sep 10 19:07:05 2006
New Revision: 442071
URL: http://svn.apache.org/viewvc?view=rev&rev=442071
Log:
Added a test scenario to test usage of a supporting token with derived keys in the transport binding
Added:
webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml
Modified:
webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java
webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java?view=diff&rev=442071&r1=442070&r2=442071
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java Sun Sep 10 19:07:05 2006
@@ -190,11 +190,16 @@
encrKey.appendToHeader(rmd.getSecHeader());
WSSecDKSign dkSig = new WSSecDKSign();
+
+ dkSig.setWsConfig(rmd.getConfig());
+
dkSig.setSigCanonicalization(rpd.getAlgorithmSuite().getInclusiveC14n());
dkSig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getSymmetricSignature());
dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
+ dkSig.prepare(doc, rmd.getSecHeader());
+
Vector sigParts = new Vector();
sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
@@ -209,10 +214,16 @@
//Do signature
dkSig.computeSignature();
+
+ dkSig.appendDKElementToHeader(rmd.getSecHeader());
+ dkSig.appendSigToHeader(rmd.getSecHeader());
+
return dkSig.getSignatureValue();
} catch (WSSecurityException e) {
+ throw new RampartException("errorCreatingEncryptedKey", e);
+ } catch (ConversationException e) {
throw new RampartException("errorCreatingEncryptedKey", e);
}
Added: webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml?view=auto&rev=442071
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml (added)
+++ webservices/axis2/trunk/java/modules/security/test-resources/policy/rampart-transport-binding-dk.xml Sun Sep 10 19:07:05 2006
@@ -0,0 +1,68 @@
+<wsp:Policy wsu:Id="5" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken RequireClientCertificate="false"/>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:SignedEndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:SignedEndorsingSupportingTokens>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.TestCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">interop/interop2.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </ramp:RampartConfig>
+
+ </wsp:All>
+</wsp:ExactlyOne>
+</wsp:Policy>
Modified: webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java?view=diff&rev=442071&r1=442070&r2=442071
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java (original)
+++ webservices/axis2/trunk/java/modules/security/test/org/apache/rampart/MessageBuilderTest.java Sun Sep 10 19:07:05 2006
@@ -89,6 +89,25 @@
}
}
+ public void testTransportBindingWithDK() {
+ try {
+ MessageContext ctx = getMsgCtx();
+
+ String policyXml = "test-resources/policy/rampart-transport-binding-dk.xml";
+ Policy policy = this.loadPolicy(policyXml);
+
+ ctx.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
+
+ MessageBuilder builder = new MessageBuilder();
+ builder.build(ctx);
+
+ System.out.println(ctx.getEnvelope());
+ } catch (Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+ }
+ }
+
/**
* @throws XMLStreamException
* @throws FactoryConfigurationError
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org