You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/09/19 16:21:13 UTC
svn commit: r1524751 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j:
PolicyBasedWSS4JStaxInInterceptor.java WSS4JStaxInInterceptor.java
Author: coheigea
Date: Thu Sep 19 14:21:13 2013
New Revision: 1524751
URL: http://svn.apache.org/r1524751
Log:
[CXF-5291] - Only activate caching for ws-security for the stax layer as well.
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java?rev=1524751&r1=1524750&r2=1524751&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java Thu Sep 19 14:21:13 2013
@@ -408,6 +408,42 @@ public class PolicyBasedWSS4JStaxInInter
super.configureProperties(msg);
}
+ /**
+ * Is a Nonce Cache required, i.e. are we expecting a UsernameToken
+ */
+ @Override
+ protected boolean isNonceCacheRequired(SoapMessage msg) {
+ AssertionInfoMap aim = msg.get(AssertionInfoMap.class);
+ if (aim != null) {
+ Collection<AssertionInfo> ais =
+ getAllAssertionsByLocalname(aim, SPConstants.USERNAME_TOKEN);
+
+ if (!ais.isEmpty()) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Is a Timestamp cache required, i.e. are we expecting a Timestamp
+ */
+ @Override
+ protected boolean isTimestampCacheRequired(SoapMessage msg) {
+ AssertionInfoMap aim = msg.get(AssertionInfoMap.class);
+ if (aim != null) {
+ Collection<AssertionInfo> ais =
+ getAllAssertionsByLocalname(aim, SPConstants.INCLUDE_TIMESTAMP);
+
+ if (!ais.isEmpty()) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
@Override
protected List<SecurityEventListener> configureSecurityEventListeners(
SoapMessage msg, WSSSecurityProperties securityProperties
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java?rev=1524751&r1=1524750&r2=1524751&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java Thu Sep 19 14:21:13 2013
@@ -187,10 +187,12 @@ public class WSS4JStaxInInterceptor exte
Map<String, Object> config = getProperties();
// Configure replay caching
- ReplayCache nonceCache =
- WSS4JUtils.getReplayCache(
+ ReplayCache nonceCache = null;
+ if (isNonceCacheRequired(msg)) {
+ nonceCache = WSS4JUtils.getReplayCache(
msg, SecurityConstants.ENABLE_NONCE_CACHE, SecurityConstants.NONCE_CACHE_INSTANCE
);
+ }
if (nonceCache == null) {
if (config != null) {
config.put(ConfigurationConstants.ENABLE_NONCE_CACHE, "false");
@@ -209,10 +211,12 @@ public class WSS4JStaxInInterceptor exte
}
}
- ReplayCache timestampCache =
- WSS4JUtils.getReplayCache(
+ ReplayCache timestampCache = null;
+ if (isTimestampCacheRequired(msg)) {
+ timestampCache = WSS4JUtils.getReplayCache(
msg, SecurityConstants.ENABLE_TIMESTAMP_CACHE, SecurityConstants.TIMESTAMP_CACHE_INSTANCE
);
+ }
if (timestampCache == null) {
if (config != null) {
config.put(ConfigurationConstants.ENABLE_TIMESTAMP_CACHE, "false");
@@ -275,6 +279,46 @@ public class WSS4JStaxInInterceptor exte
}
/**
+ * Is a Nonce Cache required, i.e. are we expecting a UsernameToken
+ */
+ protected boolean isNonceCacheRequired(SoapMessage msg) {
+ WSSSecurityProperties securityProperties = getSecurityProperties();
+
+ if (securityProperties != null && securityProperties.getOutAction() != null) {
+ for (WSSConstants.Action action : securityProperties.getOutAction()) {
+ if (action == WSSConstants.USERNAMETOKEN) {
+ return true;
+ }
+ }
+ } else if (actions != null
+ && (actions.contains(ConfigurationConstants.USERNAME_TOKEN)
+ || actions.contains(ConfigurationConstants.USERNAME_TOKEN_NO_PASSWORD))) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Is a Timestamp cache required, i.e. are we expecting a Timestamp
+ */
+ protected boolean isTimestampCacheRequired(SoapMessage msg) {
+ WSSSecurityProperties securityProperties = getSecurityProperties();
+
+ if (securityProperties != null && securityProperties.getOutAction() != null) {
+ for (WSSConstants.Action action : securityProperties.getOutAction()) {
+ if (action == WSSConstants.TIMESTAMP) {
+ return true;
+ }
+ }
+ } else if (actions != null && actions.contains(ConfigurationConstants.TIMESTAMP)) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
* Create a SoapFault from a WSSecurityException, following the SOAP Message Security
* 1.1 specification, chapter 12 "Error Handling".
*