You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2017/02/13 11:20:05 UTC
svn commit: r1782748 [7/9] - in /webservices/wss4j/trunk:
bindings/src/main/java/org/apache/wss4j/binding/wssc200502/
policy/src/main/java/org/apache/wss4j/policy/builders/
policy/src/main/java/org/apache/wss4j/policy/model/
ws-security-common/src/main...
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java Mon Feb 13 11:20:02 2017
@@ -95,7 +95,7 @@ public class X509TokenAssertionState ext
if (x509Token.getIssuerName() != null) {
final String certificateIssuerName = x509Certificate.getIssuerX500Principal().getName();
if (!x509Token.getIssuerName().equals(certificateIssuerName)) {
- setErrorMessage("IssuerName in Policy (" + x509Token.getIssuerName()
+ setErrorMessage("IssuerName in Policy (" + x509Token.getIssuerName()
+ ") didn't match with the one in the certificate (" + certificateIssuerName + ")");
getPolicyAsserter().unassertPolicy(getAssertion(), getErrorMessage());
return false;
@@ -148,9 +148,9 @@ public class X509TokenAssertionState ext
switch (x509Token.getTokenType()) {
case WssX509V3Token10:
case WssX509V3Token11:
- if (!WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType())
+ if (!WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType())
|| x509Certificate.getVersion() != 3) {
- setErrorMessage("X509Certificate Version " + x509Certificate.getVersion()
+ setErrorMessage("X509Certificate Version " + x509Certificate.getVersion()
+ " mismatch; Policy enforces " + x509Token.getTokenType());
getPolicyAsserter().unassertPolicy(new QName(namespace, x509Token.getTokenType().name()),
getErrorMessage());
@@ -160,9 +160,9 @@ public class X509TokenAssertionState ext
break;
case WssX509V1Token10:
case WssX509V1Token11:
- if (!WSSecurityTokenConstants.X509V1Token.equals(securityToken.getTokenType())
+ if (!WSSecurityTokenConstants.X509V1Token.equals(securityToken.getTokenType())
|| x509Certificate.getVersion() != 1) {
- setErrorMessage("X509Certificate Version " + x509Certificate.getVersion()
+ setErrorMessage("X509Certificate Version " + x509Certificate.getVersion()
+ " mismatch; Policy enforces " + x509Token.getTokenType());
getPolicyAsserter().unassertPolicy(new QName(namespace, SPConstants.WSS_X509_V1_TOKEN11),
getErrorMessage());
@@ -173,7 +173,7 @@ public class X509TokenAssertionState ext
case WssX509PkiPathV1Token10:
case WssX509PkiPathV1Token11:
if (!WSSecurityTokenConstants.X509PkiPathV1Token.equals(securityToken.getTokenType())) {
- setErrorMessage("Policy enforces " + x509Token.getTokenType()
+ setErrorMessage("Policy enforces " + x509Token.getTokenType()
+ " but we got " + securityToken.getTokenType());
getPolicyAsserter().unassertPolicy(new QName(namespace, x509Token.getTokenType().name()),
getErrorMessage());
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcer.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcer.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcer.java Mon Feb 13 11:20:02 2017
@@ -184,7 +184,7 @@ public class PolicyEnforcer implements S
return null;
}
- private OperationPolicy findPolicyBySOAPOperationName(List<OperationPolicy> operationPolicies,
+ private OperationPolicy findPolicyBySOAPOperationName(List<OperationPolicy> operationPolicies,
QName soapOperationName) {
Iterator<OperationPolicy> operationPolicyIterator = operationPolicies.iterator();
OperationPolicy noNamespaceOperation = null;
@@ -220,7 +220,7 @@ public class PolicyEnforcer implements S
while (policyComponentIterator.hasNext()) {
PolicyComponent curPolicyComponent = policyComponentIterator.next();
if (policyOperator instanceof ExactlyOne) {
- assertionStateMap.add(new HashMap<SecurityEventConstants.Event,
+ assertionStateMap.add(new HashMap<SecurityEventConstants.Event,
Map<Assertion, List<Assertable>>>());
buildAssertionStateMap(curPolicyComponent, assertionStateMap, alternative++);
} else {
@@ -228,15 +228,15 @@ public class PolicyEnforcer implements S
}
}
} else {
- throw new WSSPolicyException("Invalid PolicyComponent: " + policyComponent
+ throw new WSSPolicyException("Invalid PolicyComponent: " + policyComponent
+ " " + policyComponent.getType());
}
}
private void buildAssertionStateMap(
PolicyComponent policyComponent,
- List<Map<SecurityEventConstants.Event,
- Map<Assertion, List<Assertable>>>> assertionStateMap,
+ List<Map<SecurityEventConstants.Event,
+ Map<Assertion, List<Assertable>>>> assertionStateMap,
int alternative
) throws WSSPolicyException {
if (policyComponent instanceof PolicyOperator) {
@@ -254,7 +254,7 @@ public class PolicyEnforcer implements S
Iterator<Assertable> assertableIterator = assertablesList.iterator();
while (assertableIterator.hasNext()) {
Assertable assertable = assertableIterator.next();
- final Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
+ final Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
assertionStateMap.get(alternative);
final SecurityEventConstants.Event[] securityEventType = assertable.getSecurityEventType();
for (int j = 0; j < securityEventType.length; j++) {
@@ -268,17 +268,17 @@ public class PolicyEnforcer implements S
}
}
if (abstractSecurityAssertion instanceof PolicyContainingAssertion) {
- buildAssertionStateMap(((PolicyContainingAssertion) abstractSecurityAssertion).getPolicy(),
+ buildAssertionStateMap(((PolicyContainingAssertion) abstractSecurityAssertion).getPolicy(),
assertionStateMap, alternative);
}
} else if (!(policyComponent instanceof PrimitiveAssertion)) {
- throw new WSSPolicyException("Unsupported PolicyComponent: " + policyComponent
+ throw new WSSPolicyException("Unsupported PolicyComponent: " + policyComponent
+ " type: " + policyComponent.getType());
}
}
- private void addAssertionState(Map<Assertion, List<Assertable>> assertables,
- Assertion keyAssertion,
+ private void addAssertionState(Map<Assertion, List<Assertable>> assertables,
+ Assertion keyAssertion,
Assertable assertable) {
List<Assertable> assertableList = assertables.get(keyAssertion);
if (assertableList == null) {
@@ -287,7 +287,7 @@ public class PolicyEnforcer implements S
}
assertableList.add(assertable);
}
-
+
// Don't return a Token that is not required
private boolean isTokenRequired(AbstractToken token) {
SPConstants.IncludeTokenType includeTokenType = token.getIncludeTokenType();
@@ -303,7 +303,7 @@ public class PolicyEnforcer implements S
return true;
}
- protected List<Assertable> getAssertableForAssertion(AbstractSecurityAssertion abstractSecurityAssertion)
+ protected List<Assertable> getAssertableForAssertion(AbstractSecurityAssertion abstractSecurityAssertion)
throws WSSPolicyException {
List<Assertable> assertableList = new LinkedList<>();
boolean tokenRequired = true;
@@ -312,9 +312,9 @@ public class PolicyEnforcer implements S
}
if (abstractSecurityAssertion instanceof ContentEncryptedElements) {
- // initialized with asserted=true because it could be that parent elements are encrypted and
+ // initialized with asserted=true because it could be that parent elements are encrypted and
// therefore these element are also encrypted
- // the test if it is really encrypted is done via the PolicyInputProcessor which emits
+ // the test if it is really encrypted is done via the PolicyInputProcessor which emits
// EncryptedElementEvents for unencrypted elements with the unencrypted flag
assertableList.add(new ContentEncryptedElementsAssertionState(abstractSecurityAssertion, policyAsserter, true));
} else if (abstractSecurityAssertion instanceof EncryptedParts) {
@@ -324,9 +324,9 @@ public class PolicyEnforcer implements S
// initialized with asserted=true with the same reason as by the EncryptedParts above
assertableList.add(new EncryptedElementsAssertionState(abstractSecurityAssertion, policyAsserter, true));
} else if (abstractSecurityAssertion instanceof SignedParts) {
- // initialized with asserted=true because it could be that parent elements are signed and
+ // initialized with asserted=true because it could be that parent elements are signed and
// therefore these element are also signed
- // the test if it is really signed is done via the PolicyInputProcessor which emits SignedElementEvents for
+ // the test if it is really signed is done via the PolicyInputProcessor which emits SignedElementEvents for
// unsigned elements with the unsigned flag
assertableList.add(new SignedPartsAssertionState(abstractSecurityAssertion, policyAsserter, true, attachmentCount));
} else if (abstractSecurityAssertion instanceof SignedElements) {
@@ -347,10 +347,10 @@ public class PolicyEnforcer implements S
} else if (abstractSecurityAssertion instanceof SpnegoContextToken) {
assertableList.add(new SpnegoContextTokenAssertionState(abstractSecurityAssertion, !tokenRequired, policyAsserter, initiator));
} else if (abstractSecurityAssertion instanceof SecureConversationToken) {
- assertableList.add(new SecureConversationTokenAssertionState(abstractSecurityAssertion, !tokenRequired,
+ assertableList.add(new SecureConversationTokenAssertionState(abstractSecurityAssertion, !tokenRequired,
policyAsserter, initiator));
} else if (abstractSecurityAssertion instanceof SecurityContextToken) {
- assertableList.add(new SecurityContextTokenAssertionState(abstractSecurityAssertion, !tokenRequired,
+ assertableList.add(new SecurityContextTokenAssertionState(abstractSecurityAssertion, !tokenRequired,
policyAsserter, initiator));
} else if (abstractSecurityAssertion instanceof SamlToken) {
assertableList.add(new SamlTokenAssertionState(abstractSecurityAssertion, !tokenRequired, policyAsserter, initiator));
@@ -376,13 +376,13 @@ public class PolicyEnforcer implements S
policyAsserter.assertPolicy(abstractSecurityAssertion);
AbstractBinding abstractBinding = (AbstractBinding) abstractSecurityAssertion;
if (abstractBinding instanceof AbstractSymmetricAsymmetricBinding) {
- AbstractSymmetricAsymmetricBinding abstractSymmetricAsymmetricBinding =
+ AbstractSymmetricAsymmetricBinding abstractSymmetricAsymmetricBinding =
(AbstractSymmetricAsymmetricBinding) abstractSecurityAssertion;
assertableList.add(new ProtectionOrderAssertionState(abstractSymmetricAsymmetricBinding, policyAsserter, true));
assertableList.add(new SignatureProtectionAssertionState(abstractSymmetricAsymmetricBinding, policyAsserter, true));
if (abstractSymmetricAsymmetricBinding.isOnlySignEntireHeadersAndBody()) {
//initialized with asserted=true because we do negative matching
- assertableList.add(new OnlySignEntireHeadersAndBodyAssertionState(abstractSecurityAssertion, policyAsserter,
+ assertableList.add(new OnlySignEntireHeadersAndBodyAssertionState(abstractSecurityAssertion, policyAsserter,
true, actorOrRole));
}
assertableList.add(new TokenProtectionAssertionState(abstractSecurityAssertion, policyAsserter, true));
@@ -478,7 +478,7 @@ public class PolicyEnforcer implements S
policyAsserter.assertPolicy(new QName(namespace, SPConstants.REQUIRE_APPLIES_TO));
}
if (trust13.isRequireRequestSecurityTokenCollection()) {
- policyAsserter.assertPolicy(new QName(namespace,
+ policyAsserter.assertPolicy(new QName(namespace,
SPConstants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION));
}
if (trust13.isScopePolicy15()) {
@@ -488,11 +488,11 @@ public class PolicyEnforcer implements S
} else {
policyAsserter.assertPolicy(abstractSecurityAssertion);
}
-
+
/*else if (abstractSecurityAssertion instanceof AsymmetricBinding) {
} else if (abstractSecurityAssertion instanceof SymmetricBinding) {
} else if (abstractSecurityAssertion instanceof TransportBinding) {
- } */
+ } */
return assertableList;
}
@@ -506,26 +506,26 @@ public class PolicyEnforcer implements S
private void verifyPolicy(SecurityEvent securityEvent) throws WSSPolicyException, XMLSecurityException {
// We have to check the failed assertions for logging purposes firstly...
if (!this.failedAssertionStateMap.isEmpty()) {
- Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
+ Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
this.failedAssertionStateMap.iterator();
alternative:
while (assertionStateMapIterator.hasNext()) {
- Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
+ Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
assertionStateMapIterator.next();
// every list entry counts as an alternative...
Map<Assertion, List<Assertable>> assertionListMap = map.get(securityEvent.getSecurityEventType());
if (assertionListMap != null && assertionListMap.size() > 0) {
- Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
+ Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
assertionListMap.entrySet().iterator();
while (assertionStateIterator.hasNext()) {
- Map.Entry<Assertion, List<Assertable>> assertionStateEntry =
+ Map.Entry<Assertion, List<Assertable>> assertionStateEntry =
assertionStateIterator.next();
List<Assertable> assertionStates = assertionStateEntry.getValue();
Iterator<Assertable> assertableIterator = assertionStates.iterator();
while (assertableIterator.hasNext()) {
Assertable assertable = assertableIterator.next();
boolean asserted = assertable.assertEvent(securityEvent);
- // ...so if one fails, continue with the next map entry and
+ // ...so if one fails, continue with the next map entry and
// increment the notAssertedCount
if (!asserted) {
continue alternative;
@@ -538,16 +538,16 @@ public class PolicyEnforcer implements S
String assertionMessage = null;
//...and then check the remaining alternatives
- Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
+ Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
this.assertionStateMap.iterator();
//every map entry counts as an alternative...
alternative:
while (assertionStateMapIterator.hasNext()) {
- Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
+ Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
assertionStateMapIterator.next();
Map<Assertion, List<Assertable>> assertionListMap = map.get(securityEvent.getSecurityEventType());
if (assertionListMap != null && assertionListMap.size() > 0) {
- Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
+ Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
assertionListMap.entrySet().iterator();
while (assertionStateIterator.hasNext()) {
Map.Entry<Assertion, List<Assertable>> assertionStateEntry = assertionStateIterator.next();
@@ -583,18 +583,18 @@ public class PolicyEnforcer implements S
*/
private void verifyPolicy() throws WSSPolicyException {
String assertionMessage = null;
- Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
+ Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
this.assertionStateMap.iterator();
alternative:
while (assertionStateMapIterator.hasNext()) {
- Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
+ Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
assertionStateMapIterator.next();
- Iterator<Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> iterator =
+ Iterator<Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> iterator =
map.entrySet().iterator();
while (iterator.hasNext()) {
- Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> mapEntry =
+ Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> mapEntry =
iterator.next();
- Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
+ Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
mapEntry.getValue().entrySet().iterator();
while (assertionStateIterator.hasNext()) {
Map.Entry<Assertion, List<Assertable>> assertionListEntry = assertionStateIterator.next();
@@ -627,18 +627,18 @@ public class PolicyEnforcer implements S
*/
private void verifyPolicyAfterOperationSecurityEvent() throws WSSPolicyException {
String assertionMessage = null;
- Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
+ Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
this.assertionStateMap.iterator();
alternative:
while (assertionStateMapIterator.hasNext()) {
- Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
+ Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
assertionStateMapIterator.next();
- Iterator<Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> iterator =
+ Iterator<Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> iterator =
map.entrySet().iterator();
while (iterator.hasNext()) {
- Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> mapEntry =
+ Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> mapEntry =
iterator.next();
- Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
+ Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateIterator =
mapEntry.getValue().entrySet().iterator();
while (assertionStateIterator.hasNext()) {
Map.Entry<Assertion, List<Assertable>> assertionListEntry = assertionStateIterator.next();
@@ -653,18 +653,18 @@ public class PolicyEnforcer implements S
AbstractToken abstractToken = (AbstractToken) tokenAssertionState.getAssertion();
AbstractSecurityAssertion assertion = abstractToken.getParentAssertion();
//Other tokens may not be resolved yet fully therefore we skip it here
- if (assertion instanceof SupportingTokens
- || assertable instanceof HttpsTokenAssertionState
- || assertable instanceof RelTokenAssertionState
- || assertable instanceof SecurityContextTokenAssertionState
- || assertable instanceof SpnegoContextTokenAssertionState
+ if (assertion instanceof SupportingTokens
+ || assertable instanceof HttpsTokenAssertionState
+ || assertable instanceof RelTokenAssertionState
+ || assertable instanceof SecurityContextTokenAssertionState
+ || assertable instanceof SpnegoContextTokenAssertionState
|| assertable instanceof UsernameTokenAssertionState) {
doAssert = true;
}
} else if (assertable instanceof TokenProtectionAssertionState
- || assertable instanceof SignatureConfirmationAssertionState
+ || assertable instanceof SignatureConfirmationAssertionState
|| assertable instanceof IncludeTimeStampAssertionState
- || assertable instanceof RequiredPartsAssertionState
+ || assertable instanceof RequiredPartsAssertionState
|| assertable instanceof SignatureProtectionAssertionState) {
doAssert = true;
}
@@ -690,19 +690,19 @@ public class PolicyEnforcer implements S
return;
}
- Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
+ Iterator<Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> assertionStateMapIterator =
this.failedAssertionStateMap.iterator();
while (assertionStateMapIterator.hasNext()) {
- Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
+ Map<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> map =
assertionStateMapIterator.next();
Set<Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> entrySet = map.entrySet();
- Iterator<Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> entryIterator =
+ Iterator<Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>>> entryIterator =
entrySet.iterator();
while (entryIterator.hasNext()) {
- Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> eventCollectionEntry =
+ Map.Entry<SecurityEventConstants.Event, Map<Assertion, List<Assertable>>> eventCollectionEntry =
entryIterator.next();
Map<Assertion, List<Assertable>> assertionListMap = eventCollectionEntry.getValue();
- Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateEntryIterator =
+ Iterator<Map.Entry<Assertion, List<Assertable>>> assertionStateEntryIterator =
assertionListMap.entrySet().iterator();
while (assertionStateEntryIterator.hasNext()) {
Map.Entry<Assertion, List<Assertable>> entry = assertionStateEntryIterator.next();
@@ -745,7 +745,7 @@ public class PolicyEnforcer implements S
}
if (effectivePolicy == null) {
- effectivePolicy = findPolicyBySOAPOperationName(operationPolicies,
+ effectivePolicy = findPolicyBySOAPOperationName(operationPolicies,
operationSecurityEvent.getOperation());
if (effectivePolicy == null) {
//no policy to the operation given
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcerFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcerFactory.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcerFactory.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyEnforcerFactory.java Mon Feb 13 11:20:02 2017
@@ -163,7 +163,7 @@ public class PolicyEnforcerFactory {
return newInstance(wsdlUrl, null);
}
- public static PolicyEnforcerFactory newInstance(URL wsdlUrl,
+ public static PolicyEnforcerFactory newInstance(URL wsdlUrl,
List<AssertionBuilder<Element>> customAssertionBuilders)
throws WSSPolicyException {
@@ -176,7 +176,7 @@ public class PolicyEnforcerFactory {
return newInstance(document, null);
}
- public static PolicyEnforcerFactory newInstance(Document document,
+ public static PolicyEnforcerFactory newInstance(Document document,
List<AssertionBuilder<Element>> customAssertionBuilders)
throws WSSPolicyException {
@@ -264,7 +264,7 @@ public class PolicyEnforcerFactory {
return operationPolicyList;
}
- private Policy getPolicy(Service service, Port port, Binding binding,
+ private Policy getPolicy(Service service, Port port, Binding binding,
BindingOperation bindingOperation, Operation operation) throws WSSPolicyException {
List<Policy> policies = new ArrayList<>();
@@ -364,12 +364,12 @@ public class PolicyEnforcerFactory {
for (int i = 0; i < extensibilityElements.size(); i++) {
ExtensibilityElement extensibilityElement = extensibilityElements.get(i);
if (extensibilityElement instanceof UnknownExtensibilityElement) {
- UnknownExtensibilityElement unknownExtensibilityElement =
+ UnknownExtensibilityElement unknownExtensibilityElement =
(UnknownExtensibilityElement) extensibilityElement;
if (unknownExtensibilityElement.getElementType().getLocalPart().equals("PolicyReference")) {
String uri = unknownExtensibilityElement.getElement().getAttributeNS(null, "URI").substring(1);
- NodeList policyNodeList =
- unknownExtensibilityElement.getElement().getOwnerDocument().getElementsByTagNameNS("*",
+ NodeList policyNodeList =
+ unknownExtensibilityElement.getElement().getOwnerDocument().getElementsByTagNameNS("*",
"Policy");
boolean found = false;
@@ -428,7 +428,7 @@ public class PolicyEnforcerFactory {
* creates a new PolicyEnforcer instance
* @param soapAction The requested soapAction of the actual request
* @param initiator Boolean flag to tell the engine if it is running in client or server mode
- * @param roleOrActor The actor or role of the security processing. Must be set to the same value
+ * @param roleOrActor The actor or role of the security processing. Must be set to the same value
* as WSSSecurityProperties#setActor()
* @param attachmentCount The number of Attachments received in the message
* @return the newly created PolicyEnforcer instance
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyInputProcessor.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyInputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/enforcer/PolicyInputProcessor.java Mon Feb 13 11:20:02 2017
@@ -188,7 +188,7 @@ public class PolicyInputProcessor extend
//the body element has documentLevel 2 but we have to use 3 because
//the body element itself is never encrypted but child elements are. So we
//test for the body child element.
-
+
EncryptedPartSecurityEvent encryptedPartSecurityEvent
= new EncryptedPartSecurityEvent(null, false, null);
encryptedPartSecurityEvent.setElementPath(elementPath);
@@ -246,7 +246,7 @@ public class PolicyInputProcessor extend
protected void init(InputProcessorChain inputProcessorChain) {
if (!this.initDone) {
this.initDone = true;
- this.transportSecurityActive =
+ this.transportSecurityActive =
Boolean.TRUE.equals(inputProcessorChain.getSecurityContext().get(WSSConstants.TRANSPORT_SECURITY_ACTIVE));
inputProcessorChain.getSecurityContext().put(WSSConstants.PROP_ALLOW_RSA15_KEYTRANSPORT_ALGORITHM, Boolean.TRUE);
inputProcessorChain.getSecurityContext().put(WSSConstants.PROP_ALLOW_USERNAMETOKEN_NOPASSWORD, Boolean.TRUE.toString());
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSConstants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSConstants.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSConstants.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSConstants.java Mon Feb 13 11:20:02 2017
@@ -99,9 +99,9 @@ public class WSSConstants extends XMLSec
public static final QName TAG_WSU_CREATED = new QName(NS_WSU10, "Created", PREFIX_WSU);
public static final QName TAG_WSU_EXPIRES = new QName(NS_WSU10, "Expires", PREFIX_WSU);
- public static final String NS10_SOAPMESSAGE_SECURITY =
+ public static final String NS10_SOAPMESSAGE_SECURITY =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0";
- public static final String NS11_SOAPMESSAGE_SECURITY =
+ public static final String NS11_SOAPMESSAGE_SECURITY =
"http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1";
public static final String NS_X509TOKEN_PROFILE =
@@ -123,7 +123,7 @@ public class WSSConstants extends XMLSec
public static final QName TAG_WSSE11_SALT = new QName(NS_WSSE11, "Salt", PREFIX_WSSE11);
public static final QName TAG_WSSE11_ITERATION = new QName(NS_WSSE11, "Iteration", PREFIX_WSSE11);
- public static final String NS_USERNAMETOKEN_PROFILE11 =
+ public static final String NS_USERNAMETOKEN_PROFILE11 =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0";
public static final String NS_PASSWORD_DIGEST = NS_USERNAMETOKEN_PROFILE11 + "#PasswordDigest";
public static final String NS_PASSWORD_TEXT = NS_USERNAMETOKEN_PROFILE11 + "#PasswordText";
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java Mon Feb 13 11:20:02 2017
@@ -122,9 +122,9 @@ public class InboundWSSecurityContextImp
if (!allowRSA15KeyTransportAlgorithm && SecurityEventConstants.AlgorithmSuite.equals(securityEvent.getSecurityEventType())) {
AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = (AlgorithmSuiteSecurityEvent)securityEvent;
Boolean allowRSA15 = get(WSSConstants.PROP_ALLOW_RSA15_KEYTRANSPORT_ALGORITHM);
- if ((allowRSA15 == null || !allowRSA15)
+ if ((allowRSA15 == null || !allowRSA15)
&& WSSConstants.NS_XENC_RSA15.equals(algorithmSuiteSecurityEvent.getAlgorithmURI())) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK,
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK,
WSSConstants.PROP_ALLOW_RSA15_KEYTRANSPORT_ALGORITHM);
}
}
@@ -157,14 +157,14 @@ public class InboundWSSecurityContextImp
HttpsTokenSecurityEvent actHttpsTokenSecurityEvent = (HttpsTokenSecurityEvent) tokenSecurityEvent;
actHttpsTokenSecurityEvent.getSecurityToken().getTokenUsages().clear();
actHttpsTokenSecurityEvent.getSecurityToken().addTokenUsage(WSSecurityTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
- messageTokens.messageSignatureTokens =
+ messageTokens.messageSignatureTokens =
addTokenSecurityEvent(actHttpsTokenSecurityEvent, messageTokens.messageSignatureTokens);
HttpsTokenSecurityEvent clonedHttpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
clonedHttpsTokenSecurityEvent.setAuthenticationType(actHttpsTokenSecurityEvent.getAuthenticationType());
clonedHttpsTokenSecurityEvent.setIssuerName(actHttpsTokenSecurityEvent.getIssuerName());
clonedHttpsTokenSecurityEvent.setSecurityToken(actHttpsTokenSecurityEvent.getSecurityToken());
clonedHttpsTokenSecurityEvent.getSecurityToken().addTokenUsage(WSSecurityTokenConstants.TOKENUSAGE_MAIN_ENCRYPTION);
- messageTokens.messageEncryptionTokens =
+ messageTokens.messageEncryptionTokens =
addTokenSecurityEvent(actHttpsTokenSecurityEvent, messageTokens.messageEncryptionTokens);
httpsTokenSecurityEvent = clonedHttpsTokenSecurityEvent;
continue;
@@ -209,7 +209,7 @@ public class InboundWSSecurityContextImp
}
if (messageTokens.messageSignatureTokens.isEmpty()) {
- for (Iterator<TokenSecurityEvent<? extends InboundSecurityToken>> iterator =
+ for (Iterator<TokenSecurityEvent<? extends InboundSecurityToken>> iterator =
messageTokens.supportingTokens.iterator(); iterator.hasNext();) {
TokenSecurityEvent<? extends InboundSecurityToken> supportingToken = iterator.next();
if (supportingToken.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_Signature)) {
@@ -221,7 +221,7 @@ public class InboundWSSecurityContextImp
}
if (messageTokens.messageEncryptionTokens.isEmpty()) {
- for (Iterator<TokenSecurityEvent<? extends InboundSecurityToken>> iterator =
+ for (Iterator<TokenSecurityEvent<? extends InboundSecurityToken>> iterator =
messageTokens.supportingTokens.iterator(); iterator.hasNext();) {
TokenSecurityEvent<? extends InboundSecurityToken> supportingToken = iterator.next();
if (supportingToken.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_Encryption)) {
@@ -240,26 +240,26 @@ public class InboundWSSecurityContextImp
setTokenUsage(messageTokens.messageEncryptionTokens, WSSecurityTokenConstants.TOKENUSAGE_MAIN_ENCRYPTION);
setTokenUsage(messageTokens.supportingTokens, WSSecurityTokenConstants.TOKENUSAGE_SUPPORTING_TOKENS);
setTokenUsage(messageTokens.signedSupportingTokens, WSSecurityTokenConstants.TOKENUSAGE_SIGNED_SUPPORTING_TOKENS);
- setTokenUsage(messageTokens.endorsingSupportingTokens,
+ setTokenUsage(messageTokens.endorsingSupportingTokens,
WSSecurityTokenConstants.TOKENUSAGE_ENDORSING_SUPPORTING_TOKENS);
- setTokenUsage(messageTokens.signedEndorsingSupportingTokens,
+ setTokenUsage(messageTokens.signedEndorsingSupportingTokens,
WSSecurityTokenConstants.TOKENUSAGE_SIGNED_ENDORSING_SUPPORTING_TOKENS);
- setTokenUsage(messageTokens.signedEncryptedSupportingTokens,
+ setTokenUsage(messageTokens.signedEncryptedSupportingTokens,
WSSecurityTokenConstants.TOKENUSAGE_SIGNED_ENCRYPTED_SUPPORTING_TOKENS);
- setTokenUsage(messageTokens.encryptedSupportingTokens,
+ setTokenUsage(messageTokens.encryptedSupportingTokens,
WSSecurityTokenConstants.TOKENUSAGE_ENCRYPTED_SUPPORTING_TOKENS);
- setTokenUsage(messageTokens.endorsingEncryptedSupportingTokens,
+ setTokenUsage(messageTokens.endorsingEncryptedSupportingTokens,
WSSecurityTokenConstants.TOKENUSAGE_ENDORSING_ENCRYPTED_SUPPORTING_TOKENS);
- setTokenUsage(messageTokens.signedEndorsingEncryptedSupportingTokens,
+ setTokenUsage(messageTokens.signedEndorsingEncryptedSupportingTokens,
WSSecurityTokenConstants.TOKENUSAGE_SIGNED_ENDORSING_ENCRYPTED_SUPPORTING_TOKENS);
}
-
+
private void parseSupportingTokens(MessageTokens messageTokens, HttpsTokenSecurityEvent httpsTokenSecurityEvent,
Deque<SecurityEvent> securityEventDeque) throws XMLSecurityException {
Iterator<TokenSecurityEvent<? extends InboundSecurityToken>> supportingTokensIterator = messageTokens.supportingTokens.iterator();
while (supportingTokensIterator.hasNext()) {
TokenSecurityEvent<? extends InboundSecurityToken> tokenSecurityEvent = supportingTokensIterator.next();
- List<InboundSecurityToken> signingSecurityTokens =
+ List<InboundSecurityToken> signingSecurityTokens =
isSignedToken(tokenSecurityEvent, securityEventDeque, httpsTokenSecurityEvent);
List<QName> signatureElementPath = new ArrayList<>(4);
@@ -271,9 +271,9 @@ public class InboundWSSecurityContextImp
List<QName> signatureConfirmationElementPath = new ArrayList<>(4);
signatureConfirmationElementPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
signatureConfirmationElementPath.add(WSSConstants.TAG_WSSE11_SIG_CONF);
- boolean signsSignatureConfirmation =
+ boolean signsSignatureConfirmation =
signsElement(tokenSecurityEvent, signatureConfirmationElementPath, securityEventDeque);
- boolean encryptsSignatureConfirmation =
+ boolean encryptsSignatureConfirmation =
encryptsElement(tokenSecurityEvent, signatureConfirmationElementPath, securityEventDeque);
List<QName> timestampElementPath = new ArrayList<>(4);
@@ -288,79 +288,79 @@ public class InboundWSSecurityContextImp
boolean transportSecurityActive = Boolean.TRUE.equals(get(WSSConstants.TRANSPORT_SECURITY_ACTIVE));
- List<InboundSecurityToken> encryptingSecurityTokens =
+ List<InboundSecurityToken> encryptingSecurityTokens =
isEncryptedToken(tokenSecurityEvent, securityEventDeque, httpsTokenSecurityEvent);
- boolean signatureUsage =
+ boolean signatureUsage =
tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_Signature);
- boolean encryptionUsage =
+ boolean encryptionUsage =
tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_Encryption);
if (!transportSecurityActive && signsSignatureConfirmation && signsTimestamp && !signsSignature) {
supportingTokensIterator.remove();
- messageTokens.messageSignatureTokens =
+ messageTokens.messageSignatureTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.messageSignatureTokens);
if (encryptionUsage) {
- messageTokens.messageEncryptionTokens =
+ messageTokens.messageEncryptionTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.messageEncryptionTokens);
}
} else if (!transportSecurityActive && signsSignatureConfirmation && !signsSignature) {
supportingTokensIterator.remove();
- messageTokens.messageSignatureTokens =
+ messageTokens.messageSignatureTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.messageSignatureTokens);
if (encryptionUsage) {
- messageTokens.messageEncryptionTokens =
+ messageTokens.messageEncryptionTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.messageEncryptionTokens);
}
} else if (!transportSecurityActive && signsTimestamp && !signsSignature) {
supportingTokensIterator.remove();
- messageTokens.messageSignatureTokens =
+ messageTokens.messageSignatureTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.messageSignatureTokens);
if (encryptionUsage) {
- messageTokens.messageEncryptionTokens =
+ messageTokens.messageEncryptionTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.messageEncryptionTokens);
}
- } else if (!transportSecurityActive
+ } else if (!transportSecurityActive
&& (encryptsSignature || encryptsSignatureConfirmation || encryptsUsernameToken)) {
supportingTokensIterator.remove();
- messageTokens.messageEncryptionTokens =
+ messageTokens.messageEncryptionTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.messageEncryptionTokens);
} else if (signsSignature && signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.signedEndorsingEncryptedSupportingTokens =
+ messageTokens.signedEndorsingEncryptedSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.signedEndorsingEncryptedSupportingTokens);
- } else if (transportSecurityActive && signsTimestamp && signingSecurityTokens.size() > 0
+ } else if (transportSecurityActive && signsTimestamp && signingSecurityTokens.size() > 0
&& encryptingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.signedEndorsingEncryptedSupportingTokens =
+ messageTokens.signedEndorsingEncryptedSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.signedEndorsingEncryptedSupportingTokens);
} else if (signsSignature && signingSecurityTokens.size() == 0 && encryptingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.endorsingEncryptedSupportingTokens =
+ messageTokens.endorsingEncryptedSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.endorsingEncryptedSupportingTokens);
} else if (signsSignature && signingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.signedEndorsingSupportingTokens =
+ messageTokens.signedEndorsingSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.signedEndorsingSupportingTokens);
} else if (signatureUsage && signingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.signedEndorsingSupportingTokens =
+ messageTokens.signedEndorsingSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.signedEndorsingSupportingTokens);
} else if (signsSignature) {
supportingTokensIterator.remove();
- messageTokens.endorsingSupportingTokens =
+ messageTokens.endorsingSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.endorsingSupportingTokens);
} else if (signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.signedEncryptedSupportingTokens =
+ messageTokens.signedEncryptedSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.signedEncryptedSupportingTokens);
} else if (signingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.signedSupportingTokens =
+ messageTokens.signedSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.signedSupportingTokens);
} else if (encryptingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
- messageTokens.encryptedSupportingTokens =
+ messageTokens.encryptedSupportingTokens =
addTokenSecurityEvent(tokenSecurityEvent, messageTokens.encryptedSupportingTokens);
}
}
@@ -387,7 +387,7 @@ public class InboundWSSecurityContextImp
return tokenSecurityEventList;
}
- private boolean containsSecurityToken(List<TokenSecurityEvent<? extends InboundSecurityToken>> supportingTokens,
+ private boolean containsSecurityToken(List<TokenSecurityEvent<? extends InboundSecurityToken>> supportingTokens,
SecurityToken securityToken) {
if (securityToken != null) {
for (int i = 0; i < supportingTokens.size(); i++) {
@@ -451,7 +451,7 @@ public class InboundWSSecurityContextImp
return null;
}
- private List<InboundSecurityToken> getSigningToken(TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent,
+ private List<InboundSecurityToken> getSigningToken(TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent,
Deque<SecurityEvent> securityEventDeque) throws XMLSecurityException {
List<InboundSecurityToken> signingSecurityTokens = new ArrayList<>();
@@ -471,7 +471,7 @@ public class InboundWSSecurityContextImp
return signingSecurityTokens;
}
- private void setTokenUsage(List<TokenSecurityEvent<? extends InboundSecurityToken>> tokenSecurityEvents,
+ private void setTokenUsage(List<TokenSecurityEvent<? extends InboundSecurityToken>> tokenSecurityEvents,
WSSecurityTokenConstants.TokenUsage tokenUsage) throws XMLSecurityException {
for (int i = 0; i < tokenSecurityEvents.size(); i++) {
TokenSecurityEvent<? extends InboundSecurityToken> tokenSecurityEvent = tokenSecurityEvents.get(i);
@@ -479,7 +479,7 @@ public class InboundWSSecurityContextImp
}
}
- private void setTokenUsage(TokenSecurityEvent<? extends InboundSecurityToken> tokenSecurityEvent,
+ private void setTokenUsage(TokenSecurityEvent<? extends InboundSecurityToken> tokenSecurityEvent,
WSSecurityTokenConstants.TokenUsage tokenUsage) throws XMLSecurityException {
tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(WSSecurityTokenConstants.TOKENUSAGE_SUPPORTING_TOKENS);
tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(WSSecurityTokenConstants.TokenUsage_Signature);
@@ -502,7 +502,7 @@ public class InboundWSSecurityContextImp
if (signedElementSecurityEvent.isSigned()
&& tokenSecurityEvent.getSecurityToken() != null
&& signedElementSecurityEvent.getXmlSecEvent() != null
- && signedElementSecurityEvent.getXmlSecEvent()
+ && signedElementSecurityEvent.getXmlSecEvent()
== ((InboundSecurityToken)tokenSecurityEvent.getSecurityToken()).getXMLSecEvent()
&& !securityTokenList.contains((InboundSecurityToken)signedElementSecurityEvent.getSecurityToken())) {
securityTokenList.add((InboundSecurityToken)signedElementSecurityEvent.getSecurityToken());
@@ -528,7 +528,7 @@ public class InboundWSSecurityContextImp
if (encryptedElementSecurityEvent.isEncrypted()
&& tokenSecurityEvent.getSecurityToken() != null
&& encryptedElementSecurityEvent.getXmlSecEvent() != null
- && encryptedElementSecurityEvent.getXmlSecEvent()
+ && encryptedElementSecurityEvent.getXmlSecEvent()
== ((InboundSecurityToken)tokenSecurityEvent.getSecurityToken()).getXMLSecEvent()
&& !securityTokenList.contains((InboundSecurityToken)encryptedElementSecurityEvent.getSecurityToken())) {
securityTokenList.add((InboundSecurityToken)encryptedElementSecurityEvent.getSecurityToken());
@@ -584,12 +584,12 @@ public class InboundWSSecurityContextImp
return true;
}
} else if (WSSecurityEventConstants.ContentEncrypted.equals(securityEvent.getSecurityEventType())) {
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent =
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent =
(ContentEncryptedElementSecurityEvent) securityEvent;
String tokenId = tokenSecurityEvent.getSecurityToken().getId();
if (contentEncryptedElementSecurityEvent.isEncrypted()
&& contentEncryptedElementSecurityEvent.getSecurityToken().getId().equals(tokenId)
- && contentEncryptedElementSecurityEvent.getXmlSecEvent()
+ && contentEncryptedElementSecurityEvent.getXmlSecEvent()
== ((InboundSecurityToken)tokenSecurityEvent.getSecurityToken()).getXMLSecEvent()
&& WSSUtils.pathMatches(elementPath, contentEncryptedElementSecurityEvent.getElementPath(), true, false)) {
return true;
@@ -634,7 +634,7 @@ public class InboundWSSecurityContextImp
public void setAllowRSA15KeyTransportAlgorithm(boolean allowRSA15KeyTransportAlgorithm) {
this.allowRSA15KeyTransportAlgorithm = allowRSA15KeyTransportAlgorithm;
}
-
+
private static class MessageTokens {
List<TokenSecurityEvent<? extends InboundSecurityToken>> messageSignatureTokens = Collections.emptyList();
List<TokenSecurityEvent<? extends InboundSecurityToken>> messageEncryptionTokens = Collections.emptyList();
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/WSSecurityStreamReader.java Mon Feb 13 11:20:02 2017
@@ -47,7 +47,7 @@ public class WSSecurityStreamReader exte
Throwable cause = e.getCause();
// Allow a WSSPolicyException
- if (returnSecurityError || initiator
+ if (returnSecurityError || initiator
|| cause != null && cause.getCause() instanceof WSSPolicyException) {
throw e;
}
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/BinarySecurityTokenInputHandler.java Mon Feb 13 11:20:02 2017
@@ -66,13 +66,13 @@ public class BinarySecurityTokenInputHan
binarySecurityTokenType.setId(IDGenerator.generateID(null));
}
- final WSInboundSecurityContext wsInboundSecurityContext =
+ final WSInboundSecurityContext wsInboundSecurityContext =
(WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
final WSSSecurityProperties wssSecurityProperties = (WSSSecurityProperties) securityProperties;
final List<QName> elementPath = getElementPath(eventQueue);
final List<XMLSecEvent> xmlSecEvents = getResponsibleXMLSecEvents(eventQueue, index);
- final TokenContext tokenContext =
+ final TokenContext tokenContext =
new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
BinarySecurityTokenValidator binarySecurityTokenValidator =
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java Mon Feb 13 11:20:02 2017
@@ -179,8 +179,8 @@ public class DecryptInputProcessor exten
Cipher cipher, InboundSecurityToken inboundSecurityToken) throws XMLSecurityException {
String typeStr = encryptedDataType.getType();
- if (typeStr != null
- && (WSSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_CONTENT_ONLY.equals(typeStr)
+ if (typeStr != null
+ && (WSSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_CONTENT_ONLY.equals(typeStr)
|| WSSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_COMPLETE.equals(typeStr))) {
CipherReferenceType cipherReferenceType = encryptedDataType.getCipherData().getCipherReference();
@@ -237,7 +237,7 @@ public class DecryptInputProcessor exten
protected void handleSecurityToken(InboundSecurityToken inboundSecurityToken, InboundSecurityContext inboundSecurityContext,
EncryptedDataType encryptedDataType) throws XMLSecurityException {
inboundSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_Encryption);
- TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent =
+ TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent =
WSSUtils.createTokenSecurityEvent(inboundSecurityToken, encryptedDataType.getId());
inboundSecurityContext.registerSecurityEvent(tokenSecurityEvent);
}
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/EncryptedDataInputHandler.java Mon Feb 13 11:20:02 2017
@@ -80,14 +80,14 @@ public class EncryptedDataInputHandler e
//replay the EncryptedData event for the DecryptInputProcessor:
InputProcessor tmpProcessor = new AbstractInputProcessor(securityProperties) {
@Override
- public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain)
+ public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain)
throws XMLStreamException, XMLSecurityException {
inputProcessorChain.removeProcessor(this);
return encryptedDataElement;
}
@Override
- public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
+ public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
throws XMLStreamException, XMLSecurityException {
inputProcessorChain.removeProcessor(this);
return encryptedDataElement;
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java Mon Feb 13 11:20:02 2017
@@ -121,7 +121,7 @@ public class SAMLTokenInputHandler exten
final Element samlElement = samlTokenDocument.getDocumentElement();
final SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(samlElement);
- SamlTokenValidator samlTokenValidator =
+ SamlTokenValidator samlTokenValidator =
wssSecurityProperties.getValidator(new QName(samlElement.getNamespaceURI(), samlElement.getLocalName()));
if (samlTokenValidator == null) {
samlTokenValidator = new SamlTokenValidatorImpl();
@@ -195,7 +195,7 @@ public class SAMLTokenInputHandler exten
final List<XMLSecEvent> xmlSecEvents = getResponsibleXMLSecEvents(eventQueue, index);
final List<QName> elementPath = getElementPath(eventQueue);
- final TokenContext tokenContext =
+ final TokenContext tokenContext =
new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
final SamlSecurityToken samlSecurityToken =
@@ -245,11 +245,11 @@ public class SAMLTokenInputHandler exten
List<QName> elementPath = xmlSecEvent.asStartElement().getElementPath();
if (elementPath.size() >= 4) {
int lastIndex = elementPath.size() - 2;
- if ("SubjectConfirmationData".equals(elementPath.get(lastIndex).getLocalPart())
- && "SubjectConfirmation".equals(elementPath.get(lastIndex - 1).getLocalPart())
+ if ("SubjectConfirmationData".equals(elementPath.get(lastIndex).getLocalPart())
+ && "SubjectConfirmation".equals(elementPath.get(lastIndex - 1).getLocalPart())
&& "Subject".equals(elementPath.get(lastIndex - 2).getLocalPart())) {
return idx;
- } else if ("SubjectConfirmation".equals(elementPath.get(lastIndex).getLocalPart())
+ } else if ("SubjectConfirmation".equals(elementPath.get(lastIndex).getLocalPart())
&& "Subject".equals(elementPath.get(lastIndex - 1).getLocalPart())) {
return idx;
}
@@ -273,7 +273,7 @@ public class SAMLTokenInputHandler exten
List<QName> elementPath = xmlSecEvent.asStartElement().getElementPath();
if (elementPath.size() >= 4) {
int lastIndex = elementPath.size() - 2;
- if ("Signature".equals(elementPath.get(lastIndex).getLocalPart())
+ if ("Signature".equals(elementPath.get(lastIndex).getLocalPart())
&& "Assertion".equals(elementPath.get(lastIndex - 1).getLocalPart())) {
return idx;
}
@@ -541,9 +541,9 @@ public class SAMLTokenInputHandler exten
private List<SignedElementSecurityEvent> samlTokenSignedElementSecurityEvents = new ArrayList<>();
private SignedPartSecurityEvent bodySignedPartSecurityEvent;
- SAMLTokenVerifierInputProcessor(XMLSecurityProperties securityProperties,
+ SAMLTokenVerifierInputProcessor(XMLSecurityProperties securityProperties,
SamlAssertionWrapper samlAssertionWrapper,
- SecurityTokenProvider<InboundSecurityToken> securityTokenProvider,
+ SecurityTokenProvider<InboundSecurityToken> securityTokenProvider,
InboundSecurityToken subjectSecurityToken) {
super(securityProperties);
this.setPhase(XMLSecurityConstants.Phase.POSTPROCESSING);
@@ -656,7 +656,7 @@ public class SAMLTokenInputHandler exten
PublicKey publicKey = securityToken.getPublicKey();
Map<String, Key> keyMap = securityToken.getSecretKey();
if (x509Certificates != null && x509Certificates.length > 0
- && subjectCertificates != null && subjectCertificates.length > 0
+ && subjectCertificates != null && subjectCertificates.length > 0
&& subjectCertificates[0].equals(x509Certificates[0])) {
return;
}
@@ -690,15 +690,15 @@ public class SAMLTokenInputHandler exten
SignedElementSecurityEvent samlTokenSignedElementSecurityEvent = null;
for (int j = 0; j < samlTokenSignedElementSecurityEvents.size(); j++) {
SignedElementSecurityEvent signedElementSecurityEvent = samlTokenSignedElementSecurityEvents.get(j);
- if (securityTokenProvider.getSecurityToken().getXMLSecEvent()
+ if (securityTokenProvider.getSecurityToken().getXMLSecEvent()
== signedElementSecurityEvent.getXmlSecEvent()) {
samlTokenSignedElementSecurityEvent = signedElementSecurityEvent;
}
}
- if (bodySignedPartSecurityEvent != null
- && samlTokenSignedElementSecurityEvent != null
- && bodySignedPartSecurityEvent.getSecurityToken()
+ if (bodySignedPartSecurityEvent != null
+ && samlTokenSignedElementSecurityEvent != null
+ && bodySignedPartSecurityEvent.getSecurityToken()
== samlTokenSignedElementSecurityEvent.getSecurityToken()) {
return;
}
@@ -727,7 +727,7 @@ public class SAMLTokenInputHandler exten
}
return null;
}
-
+
private boolean containsSignature(List<TokenUsage> tokenUses) {
return tokenUses.contains(WSSecurityTokenConstants.TOKENUSAGE_MAIN_SIGNATURE)
|| tokenUses.contains(WSSecurityTokenConstants.TokenUsage_Signature)
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityContextTokenInputHandler.java Mon Feb 13 11:20:02 2017
@@ -60,13 +60,13 @@ public class SecurityContextTokenInputHa
final String identifier = (String) XMLSecurityUtils.getQNameType(securityContextTokenType.getAny(),
elementName);
- final WSInboundSecurityContext wsInboundSecurityContext =
+ final WSInboundSecurityContext wsInboundSecurityContext =
(WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
final WSSSecurityProperties wssSecurityProperties = (WSSSecurityProperties) securityProperties;
final List<XMLSecEvent> xmlSecEvents = getResponsibleXMLSecEvents(eventQueue, index);
final List<QName> elementPath = getElementPath(eventQueue);
- final TokenContext tokenContext =
+ final TokenContext tokenContext =
new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
SecurityContextTokenValidator securityContextTokenValidator = wssSecurityProperties.getValidator(elementName);
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java Mon Feb 13 11:20:02 2017
@@ -176,13 +176,13 @@ public class SecurityTokenReferenceInput
return securityTokenReferenceId;
}
};
- inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(securityTokenReferenceId,
+ inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(securityTokenReferenceId,
securityTokenProvider);
return xmlSecEvent;
} else if (xmlSecEndElement.getDocumentLevel() == 3
&& xmlSecEndElement.getName().equals(WSSConstants.TAG_WSSE_SECURITY)
- && WSSUtils.isInSecurityHeader(xmlSecEndElement,
+ && WSSUtils.isInSecurityHeader(xmlSecEndElement,
((WSSSecurityProperties) getSecurityProperties()).getActor())) {
//we can now remove this processor from the chain
inputProcessorChain.removeProcessor(this);
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputHandler.java Mon Feb 13 11:20:02 2017
@@ -55,7 +55,7 @@ public class SignatureConfirmationInputH
inputProcessorChain.getSecurityContext().registerSecurityEvent(signatureConfirmationSecurityEvent);
}
- private void checkBSPCompliance(InputProcessorChain inputProcessorChain, SignatureConfirmationType signatureConfirmationType)
+ private void checkBSPCompliance(InputProcessorChain inputProcessorChain, SignatureConfirmationType signatureConfirmationType)
throws WSSecurityException {
if (signatureConfirmationType.getId() == null) {
((WSInboundSecurityContext) inputProcessorChain.getSecurityContext()).handleBSPRule(BSPRule.R5441);
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/TimestampInputHandler.java Mon Feb 13 11:20:02 2017
@@ -52,7 +52,7 @@ public class TimestampInputHandler exten
Deque<XMLSecEvent> eventQueue, Integer index) throws XMLSecurityException {
final WSSSecurityProperties wssSecurityProperties = (WSSSecurityProperties) securityProperties;
- final WSInboundSecurityContext wssecurityContextInbound =
+ final WSInboundSecurityContext wssecurityContextInbound =
(WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
//Chapter 10 Security Timestamps: ...may only be present at most once per header (that is, per SOAP actor/role)
@@ -157,7 +157,7 @@ public class TimestampInputHandler exten
if (createdCalendar.getSecond() > 59) {
securityContext.handleBSPRule(BSPRule.R3213);
}
- String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getCreated().getOtherAttributes(),
+ String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getCreated().getOtherAttributes(),
WSSConstants.ATT_NULL_VALUE_TYPE);
if (valueType != null) {
securityContext.handleBSPRule(BSPRule.R3225);
@@ -183,7 +183,7 @@ public class TimestampInputHandler exten
if (expiresCalendar.getSecond() > 59) {
securityContext.handleBSPRule(BSPRule.R3215);
}
- String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getExpires().getOtherAttributes(),
+ String valueType = XMLSecurityUtils.getQNameAttribute(timestampType.getExpires().getOtherAttributes(),
WSSConstants.ATT_NULL_VALUE_TYPE);
if (valueType != null) {
securityContext.handleBSPRule(BSPRule.R3226);
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/UsernameTokenInputHandler.java Mon Feb 13 11:20:02 2017
@@ -96,11 +96,11 @@ public class UsernameTokenInputHandler e
}
}
- final WSInboundSecurityContext wsInboundSecurityContext =
+ final WSInboundSecurityContext wsInboundSecurityContext =
(WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
final List<QName> elementPath = getElementPath(eventQueue);
- final TokenContext tokenContext =
+ final TokenContext tokenContext =
new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
UsernameTokenValidator usernameTokenValidator =
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java Mon Feb 13 11:20:02 2017
@@ -44,8 +44,8 @@ public class WSSEncryptedKeyInputHandler
org.slf4j.LoggerFactory.getLogger(WSSEncryptedKeyInputHandler.class);
@Override
- public void handle(InputProcessorChain inputProcessorChain, EncryptedKeyType encryptedKeyType,
- XMLSecEvent responsibleXMLSecStartXMLEvent, XMLSecurityProperties securityProperties)
+ public void handle(InputProcessorChain inputProcessorChain, EncryptedKeyType encryptedKeyType,
+ XMLSecEvent responsibleXMLSecStartXMLEvent, XMLSecurityProperties securityProperties)
throws XMLSecurityException {
checkBSPCompliance(inputProcessorChain, encryptedKeyType);
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java Mon Feb 13 11:20:02 2017
@@ -171,7 +171,7 @@ public class WSSSignatureInputHandler ex
signatureType.getKeyInfo(), WSSecurityTokenConstants.KeyUsage_Signature_Verification,
securityProperties, inboundSecurityContext);
- SignatureTokenValidator signatureTokenValidator =
+ SignatureTokenValidator signatureTokenValidator =
((WSSSecurityProperties) securityProperties).getValidator(WSSConstants.TAG_dsig_Signature);
if (signatureTokenValidator == null) {
signatureTokenValidator = new SignatureTokenValidatorImpl();
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java?rev=1782748&r1=1782747&r2=1782748&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java Mon Feb 13 11:20:02 2017
@@ -217,15 +217,15 @@ public class WSSSignatureReferenceVerify
&& !WSSConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS.equals(algorithm)
&& !WSSConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS.equals(algorithm)) {
securityContext.handleBSPRule(BSPRule.R5423);
- if (j == transformTypes.size() - 1
+ if (j == transformTypes.size() - 1
&& !WSSConstants.NS_C14N_EXCL.equals(algorithm)
&& !WSSConstants.SOAPMESSAGE_NS10_STR_TRANSFORM.equals(algorithm)
&& !WSSConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS.equals(algorithm)
&& !WSSConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS.equals(algorithm)) {
securityContext.handleBSPRule(BSPRule.R5412);
}
- InclusiveNamespaces inclusiveNamespacesType =
- XMLSecurityUtils.getQNameType(transformType.getContent(),
+ InclusiveNamespaces inclusiveNamespacesType =
+ XMLSecurityUtils.getQNameType(transformType.getContent(),
XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
if (WSSConstants.NS_C14N_EXCL.equals(algorithm)
&& inclusiveNamespacesType != null
@@ -238,13 +238,13 @@ public class WSSSignatureReferenceVerify
securityContext.handleBSPRule(BSPRule.R5413);
}
TransformationParametersType transformationParametersType =
- XMLSecurityUtils.getQNameType(transformType.getContent(),
+ XMLSecurityUtils.getQNameType(transformType.getContent(),
WSSConstants.TAG_WSSE_TRANSFORMATION_PARAMETERS);
if (transformationParametersType == null) {
securityContext.handleBSPRule(BSPRule.R3065);
} else {
CanonicalizationMethodType canonicalizationMethodType =
- XMLSecurityUtils.getQNameType(transformationParametersType.getAny(),
+ XMLSecurityUtils.getQNameType(transformationParametersType.getAny(),
WSSConstants.TAG_dsig_CanonicalizationMethod);
if (canonicalizationMethodType == null) {
securityContext.handleBSPRule(BSPRule.R3065);
@@ -313,7 +313,7 @@ public class WSSSignatureReferenceVerify
((WSSSecurityProperties)getSecurityProperties()).getTimestampReplayCache();
if (timestampSecurityEvent != null && replayCache != null) {
final String cacheKey =
- timestampSecurityEvent.getCreated().getTimeInMillis()
+ timestampSecurityEvent.getCreated().getTimeInMillis()
+ "" + Arrays.hashCode(getSignatureType().getSignatureValue().getValue());
if (replayCache.contains(cacheKey)) {
throw new WSSecurityException(WSSecurityException.ErrorCode.MESSAGE_EXPIRED);
@@ -358,14 +358,14 @@ public class WSSSignatureReferenceVerify
XMLSecurityUtils.getQNameType(transformType.getContent(), WSSConstants.TAG_WSSE_TRANSFORMATION_PARAMETERS);
if (transformationParametersType != null) {
CanonicalizationMethodType canonicalizationMethodType =
- XMLSecurityUtils.getQNameType(transformationParametersType.getAny(),
+ XMLSecurityUtils.getQNameType(transformationParametersType.getAny(),
WSSConstants.TAG_dsig_CanonicalizationMethod);
if (canonicalizationMethodType != null) {
algorithm = canonicalizationMethodType.getAlgorithm();
InclusiveNamespaces inclusiveNamespacesType =
- XMLSecurityUtils.getQNameType(canonicalizationMethodType.getContent(),
+ XMLSecurityUtils.getQNameType(canonicalizationMethodType.getContent(),
XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
Map<String, Object> transformerProperties = null;
@@ -387,7 +387,7 @@ public class WSSSignatureReferenceVerify
inputProcessorChain.getSecurityContext().registerSecurityEvent(algorithmSuiteSecurityEvent);
InclusiveNamespaces inclusiveNamespacesType =
- XMLSecurityUtils.getQNameType(transformType.getContent(),
+ XMLSecurityUtils.getQNameType(transformType.getContent(),
XMLSecurityConstants.TAG_c14nExcl_InclusiveNamespaces);
Map<String, Object> transformerProperties = null;