Posted to wss4j-dev@ws.apache.org by "Daniel Kulp (JIRA)" <ji...@apache.org> on 2008/12/18 18:31:44 UTC

[jira] Closed: (WSS-118) Support for SAML 1.1 SecurityTokenReferences in /org/apache/ws/security/processor/DerivedKeyTokenProcessor

     [ https://issues.apache.org/jira/browse/WSS-118?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Daniel Kulp closed WSS-118.
---------------------------

       Resolution: Fixed
    Fix Version/s: 1.5.5


I fixed this this morning, but slightly differently.

I've kept the usage as ENCRYPTED_KEY_TOKEN, but added a "getKeyType()" method onto the callback so the handler can determine exactly the type of key requested. This should cover SHA1 and SAML right now and any other type of key reference found.

> Support for SAML 1.1 SecurityTokenReferences in  /org/apache/ws/security/processor/DerivedKeyTokenProcessor
> -----------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-118
>                 URL: https://issues.apache.org/jira/browse/WSS-118
>             Project: WSS4J
>          Issue Type: Improvement
>         Environment: Trunk
>            Reporter: Rasmus Rhein Helwigh
>            Assignee: Daniel Kulp
>             Fix For: 1.5.5
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> This patch enables handling of a SecurityTokenReference of type SAML_ID_URI in DerivedKeyTokenProcessor.
> Index: C:/src/Main/java/wss4j-svn/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java
> ===================================================================
> --- C:/src/Main/java/wss4j-svn/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java	(revision 654702)
> +++ C:/src/Main/java/wss4j-svn/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java	(working copy)
> @@ -200,20 +200,29 @@
>      	if (keyIdentifierType.equals
>      			(SecurityTokenReference.ENC_KEY_SHA1_URI)) {
>  
> -            pwcb = new WSPasswordCallback(keyIdentifierValue,
> +            	pwcb = new WSPasswordCallback(keyIdentifierValue,
>                                                 WSPasswordCallback.ENCRYPTED_KEY_TOKEN);
> -            try {
> -            	cb.handle(new Callback[]{pwcb});
> -            } catch (IOException e) {
> -                throw new WSSecurityException(WSSecurityException.FAILURE, "noKey",
> -                        new Object[] { id });
> -            } catch (UnsupportedCallbackException e) {
> -                throw new WSSecurityException(WSSecurityException.FAILURE, "noKey",
> -                        new Object[] { id });
> -            }
> -            
> -        }
> -    	return pwcb.getKey();
> +		}
> +		else if ( keyIdentifierType.equals(SecurityTokenReference.SAML_ID_URI))
> +		{
> +			pwcb = new WSPasswordCallback(keyIdentifierValue,
> +                                           WSPasswordCallback.CUSTOM_TOKEN);
> +		}
> +		else
> +		{
> +			throw new WSSecurityException(WSSecurityException.FAILURE, "Keyidentifier unsupported",
> +                new Object[] { keyIdentifierType });
> +		}
> +        try {
> +        	cb.handle(new Callback[]{pwcb});
> +        } catch (IOException e) {
> +            throw new WSSecurityException(WSSecurityException.FAILURE, "noKey",
> +                    new Object[] { id });
> +        } catch (UnsupportedCallbackException e) {
> +            throw new WSSecurityException(WSSecurityException.FAILURE, "noKey",
> +                    new Object[] { id });
> +        }            
> +        return pwcb.getKey();        	    	
>      }
>      
>      /**
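
Review bot: the final "return pwcb.getKey();" hands back whatever the callback handler set, with no check that a key was actually supplied. With the new SAML_ID_URI branch requesting the key as CUSTOM_TOKEN, a handler that does not supply a key for that identifier would go unnoticed at this point, so consider throwing a WSSecurityException here when the key is null instead of returning it. In the new else branch, "Keyidentifier unsupported" is free text where the other throws in this hunk pass the key-style string "noKey"; a consistent message key would fit better. The re-indented "pwcb = new WSPasswordCallback(keyIdentifierValue," line is a whitespace-only change and the new branches mix tabs and spaces, which makes the diff noisier than the change needs.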

-- 
This message is automatically generated by JIRA.