You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/10/11 13:25:17 UTC
svn commit: r1531256 - in /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers: AbstractStaxBindingHandler.java StaxSymmetricBindingHandler.java

Author: coheigea
Date: Fri Oct 11 11:25:17 2013
New Revision: 1531256

URL: http://svn.apache.org/r1531256
Log:
Some fixes following from some WSS4J work

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1531256&r1=1531255&r2=1531256&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java Fri Oct 11 11:25:17 2013
@@ -60,6 +60,7 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.bean.KeyInfoBean;
 import org.apache.wss4j.common.saml.bean.SubjectBean;
+import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
@@ -222,6 +223,9 @@ public abstract class AbstractStaxBindin
             
                 @Override
                 public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
+                    if (secToken.getSecret() != null && algorithmURI != null && !"".equals(algorithmURI)) {
+                        return KeyUtils.prepareSecretKey(algorithmURI, secToken.getSecret());
+                    }
                     return secToken.getKey();
                 }
             };

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1531256&r1=1531255&r2=1531256&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java Fri Oct 11 11:25:17 2013
@@ -47,6 +47,7 @@ import org.apache.cxf.ws.security.tokens
 import org.apache.wss4j.common.ConfigurationConstants;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -256,7 +257,7 @@ public class StaxSymmetricBindingHandler
             if (sigToken != null) {
                 if (sigToken instanceof KerberosToken) {
                     sigTok = getSecurityToken();
-                    if (MessageUtils.isRequestor(message)) {
+                    if (isRequestor()) {
                         addKerberosToken((KerberosToken)sigToken, false, true, true);
                     }
                 } else if (sigToken instanceof IssuedToken) {
@@ -266,6 +267,16 @@ public class StaxSymmetricBindingHandler
                     || sigToken instanceof SecurityContextToken
                     || sigToken instanceof SpnegoContextToken) {
                     sigTok = getSecurityToken();
+                    if (sigTok != null && isRequestor()) {
+                        Map<String, Object> config = getProperties();
+                        String actionToPerform = ConfigurationConstants.CUSTOM_TOKEN;
+                        if (config.containsKey(ConfigurationConstants.ACTION)) {
+                            String action = (String)config.get(ConfigurationConstants.ACTION);
+                            config.put(ConfigurationConstants.ACTION, action + " " + actionToPerform);
+                        } else {
+                            config.put(ConfigurationConstants.ACTION, actionToPerform);
+                        }
+                    }
                 } else if (sigToken instanceof X509Token) {
                     if (isRequestor()) {
                         sigTokId = setupEncryptedKey(sigAbstractTokenWrapper, sigToken);
@@ -425,7 +436,9 @@ public class StaxSymmetricBindingHandler
                 config.put(ConfigurationConstants.ENCRYPTION_USER, encUser);
             }
             
-            if (encrToken instanceof KerberosToken || encrToken instanceof IssuedToken) {
+            if (encrToken instanceof KerberosToken || encrToken instanceof IssuedToken
+                || encrToken instanceof SpnegoContextToken || encrToken instanceof SecurityContextToken
+                || encrToken instanceof SecureConversationToken) {
                 config.put(ConfigurationConstants.ENC_SYM_ENC_KEY, "false");
             }
         }
@@ -655,6 +668,9 @@ public class StaxSymmetricBindingHandler
           
                 @Override
                 public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
+                    if (secret != null && algorithmURI != null && !"".equals(algorithmURI)) {
+                        return KeyUtils.prepareSecretKey(algorithmURI, secret);
+                    }
                     if (key != null) {
                         return key;
                     }
@@ -685,6 +701,8 @@ public class StaxSymmetricBindingHandler
                            encryptedKeySecurityTokenProvider);
         outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, 
                            encryptedKeySecurityTokenProvider);
+        outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN, 
+                           encryptedKeySecurityTokenProvider);
     }
     
     private class TokenStoreCallbackHandler implements CallbackHandler {
@@ -699,15 +717,18 @@ public class StaxSymmetricBindingHandler
             for (int i = 0; i < callbacks.length; i++) {
                 WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
                 
-                if (pc.getKey() != null) {
-                    String id = pc.getIdentifier();
-                    SecurityToken token = store.getToken(id);
-                    if (token != null && token.getSHA1() == null) {
+                String id = pc.getIdentifier();
+                SecurityToken token = store.getToken(id);
+                if (token != null) {
+                    if (token.getSHA1() == null && pc.getKey() != null) {
                         token.setSHA1(getSHA1(pc.getKey()));
                         // Create another cache entry with the SHA1 Identifier as the key 
                         // for easy retrieval
                         store.add(token.getSHA1(), token);
                     }
+                    pc.setKey(token.getSecret());
+                    pc.setCustomToken(token.getToken());
+                    return;
                 }
             }
             if (internal != null) {