You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2017/03/27 21:11:11 UTC
cxf git commit: Finalizing XmlSecInInterceptor updates
Repository: cxf
Updated Branches:
refs/heads/master d3b88b5f4 -> fade9b81d
Finalizing XmlSecInInterceptor updates
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fade9b81
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fade9b81
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fade9b81
Branch: refs/heads/master
Commit: fade9b81dabe27f864ca38e7b40f28fb44d6f165
Parents: d3b88b5
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Mon Mar 27 22:10:55 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Mon Mar 27 22:10:55 2017 +0100
----------------------------------------------------------------------
.../security/xml/ClientXmlSecInInterceptor.java | 46 -------------------
.../rs/security/xml/XmlSecInInterceptor.java | 47 ++++++++++++++------
2 files changed, 33 insertions(+), 60 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/fade9b81/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/ClientXmlSecInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/ClientXmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/ClientXmlSecInInterceptor.java
deleted file mode 100644
index cfbc508..0000000
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/ClientXmlSecInInterceptor.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.xml;
-
-import java.io.IOException;
-
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.ext.ReaderInterceptor;
-import javax.ws.rs.ext.ReaderInterceptorContext;
-
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
-
-public class ClientXmlSecInInterceptor extends XmlSecInInterceptor implements ReaderInterceptor {
-
- @Override
- public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException {
- Message message = JAXRSUtils.getCurrentMessage();
- handleMessage(message);
- Object object = ctx.proceed();
- new StaxActionInInterceptor(super.isRequireSignature(),
- super.isRequireEncryption()).handleMessage(message);
- return object;
- }
-
- @Override
- protected void registerStaxActionInInterceptor(Message inMsg) {
- // complete
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/fade9b81/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 48db383..2d4014e 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -34,7 +34,10 @@ import java.util.regex.PatternSyntaxException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ReaderInterceptor;
+import javax.ws.rs.ext.ReaderInterceptorContext;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
@@ -44,6 +47,7 @@ import org.apache.cxf.interceptor.StaxInInterceptor;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.rs.security.common.CryptoLoader;
@@ -72,7 +76,7 @@ import org.apache.xml.security.stax.securityToken.SecurityToken;
/**
* A new StAX-based interceptor for processing messages with XML Signature + Encryption content.
*/
-public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
+public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> implements ReaderInterceptor {
private static final Logger LOG = LogUtils.getL7dLogger(XmlSecInInterceptor.class);
@@ -94,14 +98,16 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
}
public void handleMessage(Message message) throws Fault {
- String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
- if ("GET".equals(method)) {
+ if (isServerGet(message)) {
return;
}
-
- Message outMs = message.getExchange().getOutMessage();
- Message inMsg = outMs == null ? message : outMs.getExchange().getInMessage();
-
+ prepareMessage(message);
+ message.getInterceptorChain().add(
+ new StaxActionInInterceptor(requireSignature, requireEncryption));
+ }
+
+ private void prepareMessage(Message inMsg) throws Fault {
+
XMLStreamReader originalXmlStreamReader = inMsg.getContent(XMLStreamReader.class);
if (originalXmlStreamReader == null) {
InputStream is = inMsg.getContent(InputStream.class);
@@ -110,8 +116,6 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
}
}
- registerStaxActionInInterceptor(inMsg);
-
try {
XMLSecurityProperties properties = new XMLSecurityProperties();
configureDecryptionKeys(inMsg, properties);
@@ -137,12 +141,12 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
}
}
- protected void registerStaxActionInInterceptor(Message inMsg) {
- inMsg.getInterceptorChain().add(
- new StaxActionInInterceptor(requireSignature, requireEncryption));
-
+ private boolean isServerGet(Message message) {
+ String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
+ return "GET".equals(method) && !MessageUtils.isRequestor(message);
}
+
private void configureDecryptionKeys(Message message, XMLSecurityProperties properties)
throws IOException,
UnsupportedCallbackException, WSSecurityException {
@@ -400,11 +404,26 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
return subjectDNPatterns;
}
+ @Override
+ public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException {
+ Message message = JAXRSUtils.getCurrentMessage();
+ if (isServerGet(message)) {
+ return ctx.proceed();
+ } else {
+ prepareMessage(message);
+ Object object = ctx.proceed();
+ new StaxActionInInterceptor(requireSignature,
+ requireEncryption).handleMessage(message);
+ return object;
+ }
+
+ }
+
/**
* This interceptor handles parsing the StaX results (events) + checks to see whether the
* required (if any) Actions (signature or encryption) were fulfilled.
*/
- protected static class StaxActionInInterceptor extends AbstractPhaseInterceptor<Message> {
+ private static class StaxActionInInterceptor extends AbstractPhaseInterceptor<Message> {
private static final Logger LOG =
LogUtils.getL7dLogger(StaxActionInInterceptor.class);