Posted to commits@ws.apache.org by gi...@apache.org on 2013/06/08 15:20:19 UTC
svn commit: r1490977 [4/4] - in /webservices/wss4j/trunk:
ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/
ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/
ws-security-policy-stax/src/test/java/org/...
Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java (from r1485168, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java&r1=1485168&r2=1490977&rev=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java Sat Jun 8 13:20:18 2013
@@ -20,6 +20,7 @@ package org.apache.wss4j.stax.impl.secur
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.ext.WSSConfigurationException;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -28,17 +29,33 @@ import org.apache.xml.security.stax.impl
import javax.security.auth.callback.CallbackHandler;
import java.security.cert.X509Certificate;
-public class X509_V3SecurityTokenImpl extends X509SecurityTokenImpl {
+public class X509V3SecurityTokenImpl extends X509SecurityTokenImpl {
private String alias = null;
- public X509_V3SecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
- byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
- WSSSecurityProperties securityProperties)
- throws XMLSecurityException {
-
- super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
- setX509Certificates(new X509Certificate[]{getCrypto().loadCertificate(new UnsynchronizedByteArrayInputStream(binaryContent))});
+ public X509V3SecurityTokenImpl(
+ WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+ byte[] binaryContent, String id, WSSSecurityProperties securityProperties) throws XMLSecurityException {
+
+ super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id,
+ WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier, securityProperties, true);
+
+ X509Certificate x509Certificate = getCrypto().loadCertificate(new UnsynchronizedByteArrayInputStream(binaryContent));
+ setX509Certificates(new X509Certificate[]{x509Certificate});
+
+ // Check to see if the certificates actually correspond to the decryption crypto
+ if (getCrypto().getX509Identifier(getX509Certificates()[0]) == null) {
+ try {
+ Crypto decCrypto = securityProperties.getDecryptionCrypto();
+ if (decCrypto != null
+ && decCrypto != getCrypto()
+ && decCrypto.getX509Identifier(getX509Certificates()[0]) != null) {
+ setCrypto(decCrypto);
+ }
+ } catch (WSSConfigurationException ex) { //NOPMD
+ // Just continue
+ }
+ }
}
@Override
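Review bot: The empty `catch (WSSConfigurationException ex)` in the new constructor hides a broken decryption-crypto configuration: the token silently keeps the crypto that was passed in, and the failure surfaces later with a less specific error. Replace `// Just continue` with a comment that says why ignoring is safe, for example `// decryption crypto is optional; keep the crypto passed in`, and record the exception at debug level if the class has a logger (none is visible in this hunk). `setCrypto(decCrypto)` also changes which keystore this token uses from here on; if the base class, which is outside this hunk, uses the same Crypto for trust verification, the decryption keystore becomes the trust source for this certificate, so that choice deserves a comment as well. The two identifier lookups can use the local `x509Certificate` instead of `getX509Certificates()[0]`.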
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java Sat Jun 8 13:20:18 2013
@@ -34,16 +34,12 @@ public class WSSecurityTokenConstants ex
public static final TokenUsage TokenUsage_EndorsingEncryptedSupportingTokens = new TokenUsage("EndorsingEncryptedSupportingTokens");
public static final TokenUsage TokenUsage_SignedEndorsingEncryptedSupportingTokens = new TokenUsage("SignedEndorsingEncryptedSupportingTokens");
- //todo correct/cleanup/rename/revisit KeyIdentifierTypes over the whole framework. I messed it up...
- public static final KeyIdentifier KeyIdentifier_IssuerSerial = new KeyIdentifier("IssuerSerial");
public static final KeyIdentifier KeyIdentifier_SecurityTokenDirectReference = new KeyIdentifier("SecurityTokenDirectReference");
- public static final KeyIdentifier KeyIdentifier_X509KeyIdentifier = new KeyIdentifier("X509KeyIdentifier");
- public static final KeyIdentifier KeyIdentifier_SkiKeyIdentifier = new KeyIdentifier("SkiKeyIdentifier");
public static final KeyIdentifier KeyIdentifier_ThumbprintIdentifier = new KeyIdentifier("ThumbprintIdentifier");
public static final KeyIdentifier KeyIdentifier_EncryptedKeySha1Identifier = new KeyIdentifier("EncryptedKeySha1Identifier");
public static final KeyIdentifier KeyIdentifier_EmbeddedKeyIdentifierRef = new KeyIdentifier("EmbeddedKeyIdentifierRef");
public static final KeyIdentifier KeyIdentifier_UsernameTokenReference = new KeyIdentifier("UsernameTokenReference");
- public static final KeyIdentifier KeyIdentifier_SecurityTokenReference = new KeyIdentifier("SecurityTokenReference");
+ public static final KeyIdentifier KeyIdentifier_ExternalReference = new KeyIdentifier("ExternalReference");
public static final TokenType UsernameToken = new TokenType("UsernameToken");
public static final TokenType SecurityContextToken = new TokenType("SecurityContextToken");
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java Sat Jun 8 13:20:18 2013
@@ -25,10 +25,10 @@ import org.apache.wss4j.common.ext.WSSec
import org.apache.wss4j.stax.ext.WSSConfigurationException;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.wss4j.stax.impl.securityToken.X509V3SecurityTokenImpl;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.impl.securityToken.KerberosServiceSecurityTokenImpl;
import org.apache.wss4j.stax.impl.securityToken.X509PKIPathv1SecurityTokenImpl;
-import org.apache.wss4j.stax.impl.securityToken.X509_V3SecurityTokenImpl;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
@@ -54,12 +54,11 @@ public class BinarySecurityTokenValidato
try {
if (WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType())) {
Crypto crypto = getCrypto(tokenContext.getWssSecurityProperties());
- X509_V3SecurityTokenImpl x509V3SecurityToken = new X509_V3SecurityTokenImpl(
+ X509V3SecurityTokenImpl x509V3SecurityToken = new X509V3SecurityTokenImpl(
tokenContext.getWsSecurityContext(),
crypto,
tokenContext.getWssSecurityProperties().getCallbackHandler(),
securityTokenData, binarySecurityTokenType.getId(),
- WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference,
tokenContext.getWssSecurityProperties()
);
x509V3SecurityToken.setElementPath(tokenContext.getElementPath());
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java Sat Jun 8 13:20:18 2013
@@ -23,6 +23,7 @@ import org.apache.wss4j.common.ext.WSSec
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.stax.securityToken.SamlSecurityToken;
import org.apache.wss4j.stax.impl.securityToken.SamlSecurityTokenImpl;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
public class SamlTokenValidatorImpl extends SignatureTokenValidatorImpl implements SamlTokenValidator {
@@ -80,7 +81,7 @@ public class SamlTokenValidatorImpl exte
samlAssertionWrapper, subjectSecurityToken,
tokenContext.getWsSecurityContext(),
sigVerCrypto,
- null,
+ WSSecurityTokenConstants.KeyIdentifier_NoKeyInfo,
tokenContext.getWssSecurityProperties());
securityToken.setElementPath(tokenContext.getElementPath());
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java Sat Jun 8 13:20:18 2013
@@ -40,8 +40,8 @@ public class SecurityContextTokenValidat
throws WSSecurityException {
AbstractInboundSecurityToken securityContextToken = new AbstractInboundSecurityToken(
- tokenContext.getWsSecurityContext(),
- securityContextTokenType.getId(), null) {
+ tokenContext.getWsSecurityContext(), securityContextTokenType.getId(),
+ WSSecurityTokenConstants.KeyIdentifier_ExternalReference, false) {
@Override
public boolean isAsymmetric() {
@@ -73,7 +73,6 @@ public class SecurityContextTokenValidat
@Override
public WSSecurityTokenConstants.TokenType getTokenType() {
- //todo and set externalUriRef
return WSSecurityTokenConstants.SecurityContextToken;
}
};
Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java Sat Jun 8 13:20:18 2013
@@ -38,6 +38,7 @@ import org.apache.xml.security.stax.conf
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.ext.stax.XMLSecEventFactory;
+import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.stax.securityEvent.*;
import org.opensaml.common.SAMLVersion;
import org.testng.Assert;
@@ -128,7 +129,7 @@ public class InboundWSSecurityContextImp
UsernameSecurityTokenImpl usernameSecurityToken = new UsernameSecurityTokenImpl(
WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST,
"username", "password", new Date().toString(), null, new byte[10], 10L,
- null, null, null);
+ null, IDGenerator.generateID(null), WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
usernameSecurityToken.setElementPath(usernameTokenPath);
usernameSecurityToken.setXMLSecEvent(usernameTokenXmlEvent);
usernameTokenSecurityEvent.setSecurityToken(usernameSecurityToken);
@@ -318,7 +319,7 @@ public class InboundWSSecurityContextImp
UsernameSecurityTokenImpl usernameSecurityToken = new UsernameSecurityTokenImpl(
WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST,
"username", "password", new Date().toString(), null, new byte[10], 10L,
- null, null, null);
+ null, IDGenerator.generateID(null), WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
usernameSecurityToken.setElementPath(usernameTokenPath);
usernameSecurityToken.setXMLSecEvent(usernameTokenXmlEvent);
usernameTokenSecurityEvent.setSecurityToken(usernameSecurityToken);
@@ -561,7 +562,7 @@ public class InboundWSSecurityContextImp
UsernameSecurityTokenImpl usernameSecurityToken = new UsernameSecurityTokenImpl(
WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST,
"username", "password", new Date().toString(), null, new byte[10], 10L,
- null, null, null);
+ null, IDGenerator.generateID(null), WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
usernameSecurityToken.setElementPath(usernamePath);
usernameSecurityToken.setXMLSecEvent(usernameTokenXmlEvent);
usernameTokenSecurityEvent.setSecurityToken(usernameSecurityToken);
@@ -671,8 +672,8 @@ public class InboundWSSecurityContextImp
keyStore.load(this.getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
X509SecurityTokenImpl x509SecurityToken =
- new X509SecurityTokenImpl(tokenType, null, null, null, "",
- WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier, null) {
+ new X509SecurityTokenImpl(tokenType, null, null, null, IDGenerator.generateID(null),
+ WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier, null, true) {
@Override
protected String getAlias() throws WSSecurityException {