You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2019/02/05 12:02:08 UTC
svn commit: r1852997 -
/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/CustomTokenAction.java
Author: coheigea
Date: Tue Feb 5 12:02:08 2019
New Revision: 1852997
URL: http://svn.apache.org/viewvc?rev=1852997&view=rev
Log:
CustomTokenAction can now add any org.w3c.dom.Element to security header independent from implementation
Modified:
webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/CustomTokenAction.java
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/CustomTokenAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/CustomTokenAction.java?rev=1852997&r1=1852996&r2=1852997&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/CustomTokenAction.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/CustomTokenAction.java Tue Feb 5 12:02:08 2019
@@ -6,7 +6,7 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
@@ -19,20 +19,20 @@
package org.apache.wss4j.dom.action;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-
-import org.w3c.dom.Element;
import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
+import org.w3c.dom.Element;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
public class CustomTokenAction implements Action {
public void execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
- throws WSSecurityException {
+ throws WSSecurityException {
CallbackHandler callbackHandler = reqData.getCallbackHandler();
if (callbackHandler == null) {
callbackHandler = handler.getPasswordCallbackHandler(reqData);
@@ -40,28 +40,36 @@ public class CustomTokenAction implement
if (callbackHandler == null) {
throw new WSSecurityException(
- WSSecurityException.ErrorCode.FAILURE, "noCallback"
+ WSSecurityException.ErrorCode.FAILURE, "noCallback"
);
}
WSPasswordCallback wsPasswordCallback =
- new WSPasswordCallback(reqData.getUsername(), WSPasswordCallback.CUSTOM_TOKEN);
+ new WSPasswordCallback(reqData.getUsername(), WSPasswordCallback.CUSTOM_TOKEN);
try {
callbackHandler.handle(new Callback[]{wsPasswordCallback});
} catch (Exception e) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e,
- "empty", new Object[] {"WSHandler: password callback failed"});
+ "empty", new Object[]{"WSHandler: password callback failed"});
}
Element customToken = wsPasswordCallback.getCustomToken();
if (customToken == null) {
throw new WSSecurityException(
- WSSecurityException.ErrorCode.FAILURE, "resourceNotFound", new Object[] {"CustomToken"}
+ WSSecurityException.ErrorCode.FAILURE, "resourceNotFound", new Object[]{"CustomToken"}
);
}
- Element securityHeader = reqData.getSecHeader().getSecurityHeaderElement();
- securityHeader.appendChild(securityHeader.getOwnerDocument().adoptNode(customToken));
+ try {
+ Element securityHeader = reqData.getSecHeader().getSecurityHeaderElement();
+ //Prepare custom token for appending step
+ customToken = (Element) securityHeader.getOwnerDocument().importNode(customToken, true);
+ //Append custom token to security header
+ securityHeader.appendChild(customToken);
+ } catch (Exception e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e,
+ "customTokenAppendFailure");
+ }
}
}