You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/12/09 13:32:53 UTC
svn commit: r1549562 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/
Author: coheigea
Date: Mon Dec 9 12:32:52 2013
New Revision: 1549562
URL: http://svn.apache.org/r1549562
Log:
Fixed a bug in the WS-Security layer + re-enabled some tests
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java Mon Dec 9 12:32:52 2013
@@ -397,9 +397,18 @@ public class StaxAsymmetricBindingHandle
actionToPerform = WSSConstants.SIGNATURE_WITH_DERIVED_KEY;
}
List<WSSConstants.Action> actionList = properties.getActions();
- if (actionList.contains(WSSConstants.SIGNATURE_CONFIRMATION)) {
- actionList.add(0, actionToPerform);
- } else {
+ // Add a Signature directly before a Kerberos or SCT, otherwise just append it
+ boolean actionAdded = false;
+ for (int i = 0; i < actionList.size(); i++) {
+ WSSConstants.Action action = actionList.get(i);
+ if (action.equals(WSSConstants.KERBEROS_TOKEN)
+ || action.equals(WSSConstants.SIGNATURE_CONFIRMATION)) {
+ actionList.add(i, actionToPerform);
+ actionAdded = true;
+ break;
+ }
+ }
+ if (!actionAdded) {
actionList.add(actionToPerform);
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java Mon Dec 9 12:32:52 2013
@@ -500,10 +500,18 @@ public class StaxSymmetricBindingHandler
}
List<WSSConstants.Action> actionList = properties.getActions();
- if (actionList.contains(WSSConstants.KERBEROS_TOKEN)
- || actionList.contains(WSSConstants.SIGNATURE_CONFIRMATION)) {
- actionList.add(0, actionToPerform);
- } else {
+ // Add a Signature directly before a Kerberos or SCT, otherwise just append it
+ boolean actionAdded = false;
+ for (int i = 0; i < actionList.size(); i++) {
+ WSSConstants.Action action = actionList.get(i);
+ if (action.equals(WSSConstants.KERBEROS_TOKEN)
+ || action.equals(WSSConstants.SIGNATURE_CONFIRMATION)) {
+ actionList.add(i, actionToPerform);
+ actionAdded = true;
+ break;
+ }
+ }
+ if (!actionAdded) {
actionList.add(actionToPerform);
}
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java Mon Dec 9 12:32:52 2013
@@ -146,8 +146,8 @@ public class WSSecurity111Test extends W
{new TestParam("A", staxPort, false)},
{new TestParam("A-NoTimestamp", staxPort, false)},
{new TestParam("AD", staxPort, false)},
- // TODO Investigate {new TestParam("A-ES", staxPort, false)},
- // TODO Investigate {new TestParam("AD-ES", staxPort, false)},
+ {new TestParam("A-ES", staxPort, false)},
+ {new TestParam("AD-ES", staxPort, false)},
{new TestParam("UX", staxPort, false)},
{new TestParam("UX-NoTimestamp", staxPort, false)},
{new TestParam("UXD", staxPort, false)},
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java Mon Dec 9 12:32:52 2013
@@ -123,7 +123,7 @@ public class WSSecurity112Test extends W
{new TestParam("X-AES256", StaxServer12.PORT, false)},
{new TestParam("X-TripleDES", StaxServer12.PORT, false)},
{new TestParam("XD", StaxServer12.PORT, false)},
- // TODO Investigate {new TestParam("XD-ES", StaxServer12.PORT, false)},
+ {new TestParam("XD-ES", StaxServer12.PORT, false)},
// TODO Endorsing derived streaming not working
// {new TestParam("XD-SEES", StaxServer12.PORT, false)},
});
@@ -138,7 +138,7 @@ public class WSSecurity112Test extends W
{new TestParam("X", StaxServer12Restricted.PORT, false)},
{new TestParam("X-NoTimestamp", StaxServer12Restricted.PORT, false)},
{new TestParam("XD", StaxServer12Restricted.PORT, false)},
- // TODO Investigate {new TestParam("XD-ES", StaxServer12Restricted.PORT, false)},
+ {new TestParam("XD-ES", StaxServer12Restricted.PORT, false)},
// TODO Endorsing derived streaming not working
// {new TestParam("XD-SEES", StaxServer12Restricted.PORT, false)},
});