Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2009/06/08 13:53:41 UTC
svn commit: r782596 - in /webservices/wss4j/branches/1_5_x-fixes:
src/org/apache/ws/security/action/ src/org/apache/ws/security/handler/
test/wssec/
Author: coheigea
Date: Mon Jun 8 11:53:41 2009
New Revision: 782596
URL: http://svn.apache.org/viewvc?rev=782596&view=rev
Log:
[WSS-194] - Backmerging to 1_5_x-fixes branch.
Added:
webservices/wss4j/branches/1_5_x-fixes/test/wssec/MyHandler.java (with props)
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityWSS194.java
- copied, changed from r782593, webservices/wss4j/trunk/test/wssec/TestWSSecurityWSS194.java
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SignatureAction.java
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/RequestData.java
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandler.java
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandlerConstants.java
webservices/wss4j/branches/1_5_x-fixes/test/wssec/PackageTests.java
Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SignatureAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SignatureAction.java?rev=782596&r1=782595&r2=782596&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SignatureAction.java (original)
+++ webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SignatureAction.java Mon Jun 8 11:53:41 2009
@@ -29,7 +29,7 @@
throws WSSecurityException {
String password =
handler.getPassword(
- reqData.getUsername(),
+ reqData.getSignatureUser(),
actionToDo,
WSHandlerConstants.PW_CALLBACK_CLASS,
WSHandlerConstants.PW_CALLBACK_REF, reqData
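Review bot: `reqData.getSignatureUser()` is null unless `WSHandler.decodeSignatureParameter` has already run, because the new `signatureUser` field in RequestData defaults to null and the fallback to `getUsername()` exists only in the handler. A caller that fills in RequestData itself and only calls `setUsername` would, as far as this diff shows, now pass a null identifier to the password callback here and a null alias to `wsSign.setUserInfo` in the second hunk, where the previous code used the username. On a fixes branch that behaviour change is worth guarding at the point of use, e.g. `String sigUser = reqData.getSignatureUser() != null ? reqData.getSignatureUser() : reqData.getUsername();`, with `sigUser` passed to both calls. The enclosing method starts and ends outside these hunks.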
@@ -48,7 +48,7 @@
wsSign.setDigestAlgo(reqData.getSigDigestAlgorithm());
}
- wsSign.setUserInfo(reqData.getUsername(), password);
+ wsSign.setUserInfo(reqData.getSignatureUser(), password);
if (reqData.getSignatureParts().size() > 0) {
wsSign.setParts(reqData.getSignatureParts());
}
Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/RequestData.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/RequestData.java?rev=782596&r1=782595&r2=782596&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/RequestData.java (original)
+++ webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/RequestData.java Mon Jun 8 11:53:41 2009
@@ -51,6 +51,7 @@
private String encKeyTransport = null;
private String encUser = null;
private Vector encryptParts = new Vector();
+ private String signatureUser = null;
private X509Certificate encCert = null;
private int timeToLive = 300; // Timestamp: time in seconds between creation and expiry
private WSSConfig wssConfig = null;
@@ -68,6 +69,7 @@
wssConfig = null;
signatureValues.clear();
signatureDigestAlgorithm = null;
+ signatureUser = null;
}
public Object getMsgContext() {
@@ -169,6 +171,14 @@
public Vector getSignatureParts() {
return signatureParts;
}
+
+ public String getSignatureUser() {
+ return signatureUser;
+ }
+
+ public void setSignatureUser(String signatureUser) {
+ this.signatureUser = signatureUser;
+ }
public Crypto getEncCrypto() {
return encCrypto;
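Review bot: The new `getSignatureUser()`/`setSignatureUser()` pair has no Javadoc, and the name alone does not tell a reader that the value is the keystore alias selecting the private key used to sign, nor that it is null until the handler has decoded its parameters. I would add above the getter `/** Keystore alias used for signing; null until WSHandler.decodeSignatureParameter resolves it from SIGNATURE_USER or the username. */` and a matching one-line Javadoc on the setter.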
Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandler.java?rev=782596&r1=782595&r2=782596&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandler.java (original)
+++ webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandler.java Mon Jun 8 11:53:41 2009
@@ -531,6 +531,14 @@
protected void decodeSignatureParameter(RequestData reqData)
throws WSSecurityException {
Object mc = reqData.getMsgContext();
+ String signatureUser = getString(WSHandlerConstants.SIGNATURE_USER, mc);
+
+ if (signatureUser != null) {
+ reqData.setSignatureUser(signatureUser);
+ } else {
+ reqData.setSignatureUser(reqData.getUsername());
+ }
+
String keyId = getString(WSHandlerConstants.SIG_KEY_ID, mc);
if (keyId != null) {
Integer id = (Integer) WSHandlerConstants.keyIdentifier.get(keyId);
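Review bot: The new branch at the top of `decodeSignatureParameter` treats only null as "not configured", so an empty `signatureUser` value would be stored as the signing alias instead of falling back to the username. That assumes `getString` returns empty strings unchanged, which is not visible in this hunk. Because this value decides which private key signs the message, a blank setting should fall back predictably rather than surface later as a keystore lookup failure; `if (signatureUser != null && signatureUser.length() > 0) {` would cover it. The method body continues past the end of the hunk.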
Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandlerConstants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandlerConstants.java?rev=782596&r1=782595&r2=782596&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandlerConstants.java (original)
+++ webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/handler/WSHandlerConstants.java Mon Jun 8 11:53:41 2009
@@ -179,7 +179,7 @@
* </li>
* <li>The <i>Signing</i> function uses this name as the alias name
* in the keystore to get user's certificate and private key to
- * perform signing.
+ * perform signing if {@link #SIGNATURE_USER} is not used.
* </li>
* <li>The <i>encryption</i>
* functions uses this parameter as fallback if {@link #ENCRYPTION_USER}
@@ -297,18 +297,36 @@
* Encryption only does not authenticate a user / sender, therefore it
* does not need a password.
* <p/>
- * Placing the username of the encryption certficate in the WSDD is not
+ * Placing the username of the encryption certificate in the WSDD is not
* a security risk, because the public key of that certificate is used
* only.
* <p/>
* The application may set this parameter using the following method:
* <pre>
- * call.setProperty(WSHandlerConstants.ENCYRPTION_USER, "encryptionuser");
+ * call.setProperty(WSHandlerConstants.ENCYRPTION_USER, "encryptionUser");
* </pre>
* However, the parameter in the WSDD deployment file overwrites the
* property setting (deployment setting overwrites application setting).
*/
public static final String ENCRYPTION_USER = "encryptionUser";
+
+ /**
+ * The user's name for signature.
+ * <p/>
+ * This name is used as the alias name in the keystore to get user's
+ * certificate and private key to perform signing.
+ * <p/>
+ * If this parameter is not set, then the signature
+ * function falls back to the {@link #USER} parameter.
+ * <p/>
+ * The application may set this parameter using the following method:
+ * <pre>
+ * call.setProperty(WSHandlerConstants.SIGNATURE_USER, "signatureUser");
+ * </pre>
+ * However, the parameter in the WSDD deployment file overwrites the
+ * property setting (deployment setting overwrites application setting).
+ */
+ public static final String SIGNATURE_USER = "signatureUser";
/**
* Specifying this name as {@link #ENCRYPTION_USER}
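Review bot: The ENCRYPTION_USER example still reads `WSHandlerConstants.ENCYRPTION_USER`, which does not match the constant declared just below it; the commit touched that line to change the sample value but left the identifier misspelled, and it should be `call.setProperty(WSHandlerConstants.ENCRYPTION_USER, "encryptionUser");`. Separately, the new SIGNATURE_USER Javadoc could say that the password callback is invoked with this name as its identifier, since SignatureAction in this commit now passes it to `getPassword`. Deployments whose callback handler only recognises the USER name would otherwise have no hint that they must also handle the signature alias.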
Added: webservices/wss4j/branches/1_5_x-fixes/test/wssec/MyHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/MyHandler.java?rev=782596&view=auto
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/test/wssec/MyHandler.java (added)
+++ webservices/wss4j/branches/1_5_x-fixes/test/wssec/MyHandler.java Mon Jun 8 11:53:41 2009
@@ -0,0 +1,114 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package wssec;
+
+import org.apache.ws.security.handler.WSHandler;
+import org.apache.ws.security.handler.RequestData;
+import org.w3c.dom.Document;
+
+
+/**
+ * A trivial extension of the WSHandler type for use in unit-testing.
+ */
+public class MyHandler extends WSHandler {
+
+ public Object
+ getOption(String key) {
+ return null;
+ }
+
+ public void
+ setProperty(
+ Object ctx,
+ String key,
+ Object value
+ ) {
+ ((java.util.Map)ctx).put(key, value);
+ }
+
+ public Object
+ getProperty(Object ctx, String key) {
+ if (ctx instanceof java.util.Map) {
+ return ((java.util.Map)ctx).get(key);
+ }
+ return null;
+ }
+
+ public void
+ setPassword(Object msgContext, String password) {
+ }
+
+ public String
+ getPassword(Object msgContext) {
+ if (msgContext instanceof java.util.Map) {
+ return (String)((java.util.Map)msgContext).get("password");
+ }
+ return null;
+ }
+
+ public void send(
+ int action,
+ Document doc,
+ RequestData reqData,
+ java.util.Vector actions,
+ boolean request
+ ) throws org.apache.ws.security.WSSecurityException {
+ doSenderAction(
+ action,
+ doc,
+ reqData,
+ actions,
+ request
+ );
+ }
+
+ public void receive(
+ int action,
+ RequestData reqData
+ ) throws org.apache.ws.security.WSSecurityException {
+ doReceiverAction(
+ action,
+ reqData
+ );
+ }
+
+ public void signatureConfirmation(
+ RequestData requestData,
+ java.util.Vector results
+ ) throws org.apache.ws.security.WSSecurityException {
+ checkSignatureConfirmation(requestData, results);
+ }
+
+ public boolean checkResults(
+ java.util.Vector results,
+ java.util.Vector actions
+ ) throws org.apache.ws.security.WSSecurityException {
+ return checkReceiverResults(results, actions);
+ }
+
+ public boolean checkResultsAnyOrder(
+ java.util.Vector results,
+ java.util.Vector actions
+ ) throws org.apache.ws.security.WSSecurityException {
+ return checkReceiverResultsAnyOrder(results, actions);
+ }
+
+
+}
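Review bot: `setProperty` casts `ctx` to `java.util.Map` unconditionally, while `getProperty` and `getPassword` guard the same cast with `instanceof`, so a non-Map context throws ClassCastException on write but returns a quiet null on read. Either behaviour is acceptable in a test helper, but they should agree; `if (ctx instanceof java.util.Map) { ((java.util.Map) ctx).put(key, value); }` would match the getters. `setPassword` also has an empty body with no explanation, and a short comment such as `// intentionally a no-op; getPassword reads the "password" key from the context map` would save readers from guessing.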
Propchange: webservices/wss4j/branches/1_5_x-fixes/test/wssec/MyHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/branches/1_5_x-fixes/test/wssec/MyHandler.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: webservices/wss4j/branches/1_5_x-fixes/test/wssec/PackageTests.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/PackageTests.java?rev=782596&r1=782595&r2=782596&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/test/wssec/PackageTests.java (original)
+++ webservices/wss4j/branches/1_5_x-fixes/test/wssec/PackageTests.java Mon Jun 8 11:53:41 2009
@@ -87,6 +87,7 @@
suite.addTestSuite(SignatureKeyValueTest.class);
suite.addTestSuite(TestWSSecurityResultsOrder.class);
suite.addTestSuite(TestWSSecurityWSS178.class);
+ suite.addTestSuite(TestWSSecurityWSS194.class);
return suite;
}
Copied: webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityWSS194.java (from r782593, webservices/wss4j/trunk/test/wssec/TestWSSecurityWSS194.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityWSS194.java?p2=webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityWSS194.java&p1=webservices/wss4j/trunk/test/wssec/TestWSSecurityWSS194.java&r1=782593&r2=782596&rev=782596&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityWSS194.java (original)
+++ webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityWSS194.java Mon Jun 8 11:53:41 2009
@@ -19,8 +19,10 @@
package wssec;
+import java.io.ByteArrayInputStream;
import java.io.IOException;
-import java.util.List;
+import java.io.InputStream;
+import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -30,6 +32,11 @@
import junit.framework.TestCase;
import junit.framework.TestSuite;
+import org.apache.axis.Message;
+import org.apache.axis.MessageContext;
+import org.apache.axis.client.AxisClient;
+import org.apache.axis.configuration.NullProvider;
+import org.apache.axis.message.SOAPEnvelope;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
@@ -62,6 +69,8 @@
+ "</SOAP-ENV:Body>"
+ "</SOAP-ENV:Envelope>";
private WSSecurityEngine secEngine = new WSSecurityEngine();
+ private MessageContext msgContext;
+ private SOAPEnvelope unsignedEnvelope;
/**
* TestWSSecurity constructor
@@ -82,6 +91,33 @@
public static Test suite() {
return new TestSuite(TestWSSecurityWSS194.class);
}
+
+ /**
+ * Setup method
+ * <p/>
+ *
+ * @throws java.lang.Exception Thrown when there is a problem in setup
+ */
+ protected void setUp() throws Exception {
+ AxisClient tmpEngine = new AxisClient(new NullProvider());
+ msgContext = new MessageContext(tmpEngine);
+ unsignedEnvelope = getSOAPEnvelope();
+ }
+
+ /**
+ * Constructs a soap envelope
+ * <p/>
+ *
+ * @return soap envelope
+ * @throws java.lang.Exception if there is any problem constructing the soap envelope
+ */
+ protected SOAPEnvelope getSOAPEnvelope() throws Exception {
+ InputStream in = new ByteArrayInputStream(SOAPMSG.getBytes());
+ Message msg = new Message(in);
+ msg.setMessageContext(msgContext);
+ return msg.getSOAPEnvelope();
+ }
+
/**
* Test involving adding a Username Token to a SOAP message and signing it, where the
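Review bot: `SOAPMSG.getBytes()` in `getSOAPEnvelope` encodes with the platform default charset, so the bytes handed to the Axis `Message` depend on the machine that runs the test; `new ByteArrayInputStream(SOAPMSG.getBytes("UTF-8"))` pins the encoding. `setUp` also does not call `super.setUp()`, which is presumably harmless with a plain `TestCase` parent but is the usual convention when overriding it.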
@@ -94,14 +130,14 @@
final RequestData reqData = new RequestData();
reqData.setWssConfig(cfg);
reqData.setUsername("alice");
- reqData.setPwType(WSConstants.PASSWORD_TEXT);
+ reqData.setPwType(WSConstants.PASSWORD_DIGEST);
java.util.Map messageContext = new java.util.TreeMap();
messageContext.put(
WSHandlerConstants.PW_CALLBACK_REF,
this
);
- messageContext.put(WSHandlerConstants.SIGNATURE_USER, "wss40");
- messageContext.put(WSHandlerConstants.SIG_PROP_FILE, "wss40.properties");
+ messageContext.put(WSHandlerConstants.SIGNATURE_USER, "wss86");
+ messageContext.put(WSHandlerConstants.SIG_PROP_FILE, "wss86.properties");
messageContext.put(
WSHandlerConstants.SIGNATURE_PARTS,
"{}{" + WSConstants.WSSE_NS + "}" + "UsernameToken"
@@ -109,10 +145,10 @@
messageContext.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
reqData.setMsgContext(messageContext);
- final java.util.List actions = new java.util.Vector();
+ final java.util.Vector actions = new java.util.Vector();
actions.add(new Integer(WSConstants.UT));
actions.add(new Integer(WSConstants.SIGN));
- final Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
+ final Document doc = unsignedEnvelope.getAsDocument();
MyHandler handler = new MyHandler();
handler.send(
WSConstants.UT | WSConstants.SIGN,
@@ -141,10 +177,10 @@
* @param doc
* @throws Exception Thrown when there is a problem in verification
*/
- private List verify(Document doc) throws Exception {
- List results =
+ private Vector verify(Document doc) throws Exception {
+ Vector results =
secEngine.processSecurityHeader(
- doc, null, this, CryptoFactory.getInstance("wss40CA.properties")
+ doc, null, this, CryptoFactory.getInstance("wss86.properties")
);
if (LOG.isDebugEnabled()) {
LOG.debug("Verfied and decrypted message:");
@@ -165,7 +201,7 @@
&& "alice".equals(pc.getIdentifier())) {
pc.setPassword("verySecret");
} else if (pc.getUsage() == WSPasswordCallback.SIGNATURE
- && "wss40".equals(pc.getIdentifier())) {
+ && "wss86".equals(pc.getIdentifier())) {
pc.setPassword("security");
} else {
throw new IOException("Authentication failed");