Posted to commits@cxf.apache.org by co...@apache.org on 2013/10/11 13:25:17 UTC
svn commit: r1531256 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers:
AbstractStaxBindingHandler.java StaxSymmetricBindingHandler.java
Author: coheigea
Date: Fri Oct 11 11:25:17 2013
New Revision: 1531256
URL: http://svn.apache.org/r1531256
Log:
Some fixes following from some WSS4J work
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1531256&r1=1531255&r2=1531256&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java Fri Oct 11 11:25:17 2013
@@ -60,6 +60,7 @@ import org.apache.wss4j.common.ext.WSSec
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.bean.KeyInfoBean;
import org.apache.wss4j.common.saml.bean.SubjectBean;
+import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
@@ -222,6 +223,9 @@ public abstract class AbstractStaxBindin
@Override
public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
+ if (secToken.getSecret() != null && algorithmURI != null && !"".equals(algorithmURI)) {
+ return KeyUtils.prepareSecretKey(algorithmURI, secToken.getSecret());
+ }
return secToken.getKey();
}
};
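Review bot: The new branch in `getSecretKey` changes precedence without saying why: whenever the token carries a raw secret and a non-empty `algorithmURI`, the key is rebuilt through `KeyUtils.prepareSecretKey` and the stored `secToken.getKey()` is ignored. A comment such as `// Build the key from the raw secret so it matches the requested algorithm; otherwise fall back to the stored key` would make that explicit, and reading the secret once (`byte[] secret = secToken.getSecret();`) avoids the double call. The same guard is added to `StaxSymmetricBindingHandler.getSecretKey` later in this commit, so a shared helper would keep the two copies from drifting. How `prepareSecretKey` treats a secret shorter than the algorithm requires is not visible here and is worth confirming. The enclosing anonymous class starts outside the hunk.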
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1531256&r1=1531255&r2=1531256&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java Fri Oct 11 11:25:17 2013
@@ -47,6 +47,7 @@ import org.apache.cxf.ws.security.tokens
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -256,7 +257,7 @@ public class StaxSymmetricBindingHandler
if (sigToken != null) {
if (sigToken instanceof KerberosToken) {
sigTok = getSecurityToken();
- if (MessageUtils.isRequestor(message)) {
+ if (isRequestor()) {
addKerberosToken((KerberosToken)sigToken, false, true, true);
}
} else if (sigToken instanceof IssuedToken) {
@@ -266,6 +267,16 @@ public class StaxSymmetricBindingHandler
|| sigToken instanceof SecurityContextToken
|| sigToken instanceof SpnegoContextToken) {
sigTok = getSecurityToken();
+ if (sigTok != null && isRequestor()) {
+ Map<String, Object> config = getProperties();
+ String actionToPerform = ConfigurationConstants.CUSTOM_TOKEN;
+ if (config.containsKey(ConfigurationConstants.ACTION)) {
+ String action = (String)config.get(ConfigurationConstants.ACTION);
+ config.put(ConfigurationConstants.ACTION, action + " " + actionToPerform);
+ } else {
+ config.put(ConfigurationConstants.ACTION, actionToPerform);
+ }
+ }
} else if (sigToken instanceof X509Token) {
if (isRequestor()) {
sigTokId = setupEncryptedKey(sigAbstractTokenWrapper, sigToken);
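Review bot: If `ConfigurationConstants.ACTION` is present but maps to null or an empty value, the concatenation `action + " " + actionToPerform` produces an action string that begins with the text "null" or with a stray space. A guard on the value rather than on `containsKey` avoids that: `config.put(ConfigurationConstants.ACTION, action == null || action.isEmpty() ? actionToPerform : action + " " + actionToPerform);`. Nothing here checks whether the custom-token action is already listed, so if this path can run more than once for the same properties map the action would be appended twice; that depends on callers outside the hunk. The enclosing method starts and ends outside the hunk.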
@@ -425,7 +436,9 @@ public class StaxSymmetricBindingHandler
config.put(ConfigurationConstants.ENCRYPTION_USER, encUser);
}
- if (encrToken instanceof KerberosToken || encrToken instanceof IssuedToken) {
+ if (encrToken instanceof KerberosToken || encrToken instanceof IssuedToken
+ || encrToken instanceof SpnegoContextToken || encrToken instanceof SecurityContextToken
+ || encrToken instanceof SecureConversationToken) {
config.put(ConfigurationConstants.ENC_SYM_ENC_KEY, "false");
}
}
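Review bot: The widened `instanceof` chain that sets `ENC_SYM_ENC_KEY` to `"false"` carries no explanation of why these token types must not get a wrapped symmetric key. If the intent is that the secret comes from an already established token, a comment such as `// Key material comes from the referenced token, so no EncryptedKey is generated` would record it. The same family of token types is also tested in the signature branch earlier in this commit (`SecurityContextToken`, `SpnegoContextToken`), so a small private predicate would keep the two lists in step when a token type is added. The enclosing method starts outside the hunk.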
@@ -655,6 +668,9 @@ public class StaxSymmetricBindingHandler
@Override
public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
+ if (secret != null && algorithmURI != null && !"".equals(algorithmURI)) {
+ return KeyUtils.prepareSecretKey(algorithmURI, secret);
+ }
if (key != null) {
return key;
}
@@ -685,6 +701,8 @@ public class StaxSymmetricBindingHandler
encryptedKeySecurityTokenProvider);
outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
encryptedKeySecurityTokenProvider);
+ outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN,
+ encryptedKeySecurityTokenProvider);
}
private class TokenStoreCallbackHandler implements CallbackHandler {
@@ -699,15 +717,18 @@ public class StaxSymmetricBindingHandler
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
- if (pc.getKey() != null) {
- String id = pc.getIdentifier();
- SecurityToken token = store.getToken(id);
- if (token != null && token.getSHA1() == null) {
+ String id = pc.getIdentifier();
+ SecurityToken token = store.getToken(id);
+ if (token != null) {
+ if (token.getSHA1() == null && pc.getKey() != null) {
token.setSHA1(getSHA1(pc.getKey()));
// Create another cache entry with the SHA1 Identifier as the key
// for easy retrieval
store.add(token.getSHA1(), token);
}
+ pc.setKey(token.getSecret());
+ pc.setCustomToken(token.getToken());
+ return;
}
}
if (internal != null) {
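Review bot: The `return;` added inside the loop leaves `handle` as soon as the first callback resolves to a stored token, so any remaining entries in `callbacks` are skipped and the `internal` handler below is never consulted for them. If only one callback is ever expected, a comment should say so; otherwise `continue;` would keep the per-callback behaviour. Separately, `pc.setKey(token.getSecret())` now runs unconditionally and will replace a key already present on the callback, including with null when the stored token has no secret, so a guard such as `if (token.getSecret() != null)` seems safer. The rest of `handle`, including what the `internal` branch does, is outside the hunk.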