You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/02/09 17:15:22 UTC
svn commit: r1068958 - in
/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security:
SecurityConstants.java trust/STSClient.java
Author: coheigea
Date: Wed Feb 9 16:15:22 2011
New Revision: 1068958
URL: http://svn.apache.org/viewvc?rev=1068958&view=rev
Log:
[CXF-3321] - Added the ability to configure the STSClient via spring to send an X509Certificate to the STS.
Modified:
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Modified: cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1068958&r1=1068957&r2=1068958&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original)
+++ cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Wed Feb 9 16:15:22 2011
@@ -68,6 +68,8 @@ public final class SecurityConstants {
public static final String STS_TOKEN_CRYPTO = "ws-security.sts.token.crypto";
public static final String STS_TOKEN_PROPERTIES = "ws-security.sts.token.properties";
public static final String STS_TOKEN_USERNAME = "ws-security.sts.token.username";
+ public static final String STS_TOKEN_USE_CERT_FOR_KEYINFO =
+ "ws-security.sts.token.usecert";
public static final String STS_TOKEN_DO_CANCEL = "ws-security.sts.token.do.cancel";
@@ -82,7 +84,7 @@ public final class SecurityConstants {
ENCRYPT_USERNAME, ENCRYPT_PROPERTIES, ENCRYPT_CRYPTO,
TOKEN, TOKEN_ID, STS_CLIENT, STS_TOKEN_PROPERTIES, STS_TOKEN_CRYPTO,
STS_TOKEN_DO_CANCEL, TIMESTAMP_TTL, ALWAYS_ENCRYPT_UT,
- STS_TOKEN_ACT_AS
+ STS_TOKEN_ACT_AS, STS_TOKEN_USERNAME, STS_TOKEN_USE_CERT_FOR_KEYINFO
}));
ALL_PROPERTIES = Collections.unmodifiableSet(s);
}
Modified: cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1068958&r1=1068957&r2=1068958&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java (original)
+++ cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java Wed Feb 9 16:15:22 2011
@@ -525,7 +525,12 @@ public class STSClient implements Config
writer.writeStartElement("dsig", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#");
writer.writeNamespace("dsig", "http://www.w3.org/2000/09/xmldsig#");
- if (useCertificateForConfirmationKeyInfo) {
+ boolean useCert = useCertificateForConfirmationKeyInfo;
+ String useCertStr = (String)getProperty(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO);
+ if (useCertStr != null) {
+ useCert = Boolean.parseBoolean(useCertStr);
+ }
+ if (useCert) {
X509Data certElem = new X509Data(writer.getDocument());
certElem.addCertificate(cert);
writer.getCurrentNode().appendChild(certElem.getElement());