You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by we...@apache.org on 2004/03/03 21:44:52 UTC
cvs commit: ws-fx/wss4j/src/org/apache/ws/security/message/token UsernameToken.java
werner 2004/03/03 12:44:51
Modified: wss4j/src/org/apache/ws/security WSConstants.java
wss4j/src/org/apache/ws/axis/security WSDoAllConstants.java
WSDoAllSender.java
wss4j/src/org/apache/ws/security/message/token
UsernameToken.java
Log:
Fix problem with UsernameToken (password type,
setting of Nonce, timestamp)
Revision Changes Path
1.5 +3 -0 ws-fx/wss4j/src/org/apache/ws/security/WSConstants.java
Index: WSConstants.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/WSConstants.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- WSConstants.java 29 Feb 2004 13:38:18 -0000 1.4
+++ WSConstants.java 3 Mar 2004 20:44:51 -0000 1.5
@@ -86,6 +86,7 @@
* <p/>
* This is a required method as defined by WS Specification, Username token profile.
*/
+ public static final String PW_DIGEST = "PasswordDigest";
public static final String PASSWORD_DIGEST = WSSE_NS + "#PasswordDigest";
/**
@@ -94,6 +95,8 @@
* <p/>
* This is a required method as defined by WS Specification, Username token profile.
*/
+ public static final String PW_TEXT = "PasswordText";
+
public static final String PASSWORD_TEXT = WSSE_NS + "#PasswordText";
/**
1.3 +4 -4 ws-fx/wss4j/src/org/apache/ws/axis/security/WSDoAllConstants.java
Index: WSDoAllConstants.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/axis/security/WSDoAllConstants.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- WSDoAllConstants.java 26 Feb 2004 12:59:42 -0000 1.2
+++ WSDoAllConstants.java 3 Mar 2004 20:44:51 -0000 1.3
@@ -412,17 +412,17 @@
* Specific parameter for UsernameToken action to define the encoding
* of the passowrd.
* <p/>
- * The parameter can be set to either {@link WSConstants#PASSWORD_DIGEST}
- * or to {@link WSConstants#PASSWORD_TEXT}.
+ * The parameter can be set to either {@link WSConstants#PW_DIGEST}
+ * or to {@link WSConstants#PW_TEXT}.
* <p/>
* The application may set this parameter using the following method:
* <pre>
- * call.setProperty(WSDoAllConstants.PASSWORD_TYPE, WSConstants.PASSWORD_DIGEST);
+ * call.setProperty(WSDoAllConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
* </pre>
* However, the parameter in the WSDD deployment file overwrites the
* property setting (deployment setting overwrites application setting).
* <p/>
- * The default setting is PASSWORD_DIGEST.
+ * The default setting is PW_DIGEST.
*/
public static final String PASSWORD_TYPE = "passwordType";
1.3 +13 -6 ws-fx/wss4j/src/org/apache/ws/axis/security/WSDoAllSender.java
Index: WSDoAllSender.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/axis/security/WSDoAllSender.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- WSDoAllSender.java 26 Feb 2004 12:59:42 -0000 1.2
+++ WSDoAllSender.java 3 Mar 2004 20:44:51 -0000 1.3
@@ -232,19 +232,20 @@
WSSAddUsernameToken builder =
new WSSAddUsernameToken(actor, mu);
builder.setPasswordType(pwType);
+ // add the UsernameToken to the SOAP Enevelope
+ builder.build(doc, username, password);
if (utElements != null && utElements.length > 0) {
for (int j = 0; j < utElements.length; j++) {
- if (utElements[i].equals("Nonce")) {
+ utElements[j].trim();
+ if (utElements[j].equals("Nonce")) {
builder.addNonce(doc);
}
- if (utElements[i].equals("Created")) {
+ if (utElements[j].equals("Created")) {
builder.addCreated(doc);
}
}
}
- // add the UsernameToken to the SOAP Enevelope
- builder.build(doc, username, password);
break;
case WSConstants.ENCR :
@@ -418,11 +419,17 @@
pwType =
(String) msgContext.getProperty(WSDoAllConstants.PASSWORD_TYPE);
}
+ if (pwType != null) {
+ pwType =
+ pwType.equals(WSConstants.PW_TEXT)
+ ? WSConstants.PASSWORD_TEXT
+ : WSConstants.PASSWORD_DIGEST;
+ }
String tmpS = null;
- if ((tmpS = (String) getOption(WSDoAllConstants.PASSWORD_TYPE))
+ if ((tmpS = (String) getOption(WSDoAllConstants.ADD_UT_ELEMENTS))
== null) {
tmpS =
- (String) msgContext.getProperty(WSDoAllConstants.PASSWORD_TYPE);
+ (String) msgContext.getProperty(WSDoAllConstants.ADD_UT_ELEMENTS);
}
if (tmpS != null) {
utElements = tmpS.split(" ");
1.3 +8 -7 ws-fx/wss4j/src/org/apache/ws/security/message/token/UsernameToken.java
Index: UsernameToken.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/message/token/UsernameToken.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- UsernameToken.java 29 Feb 2004 13:38:18 -0000 1.2
+++ UsernameToken.java 3 Mar 2004 20:44:51 -0000 1.3
@@ -142,13 +142,8 @@
hashed = false;
} else {
hashed = true;
-
- if (elementNonce == null) {
- addNonce(doc);
- }
- if (elementCreated == null) {
- addCreated(doc);
- }
+ addNonce(doc);
+ addCreated(doc);
}
}
@@ -156,6 +151,9 @@
* Creates and adds a Nonce element to this UsernameToken
*/
public void addNonce(Document doc) {
+ if (elementNonce != null) {
+ return;
+ }
byte[] nonceValue = new byte[16];
random.nextBytes(nonceValue);
this.elementNonce = doc.createElementNS(WSConstants.WSSE_NS, "wsse:" + WSConstants.NONCE_LN);
@@ -168,6 +166,9 @@
* Creates and adds a Created element to this UsernameToken
*/
public void addCreated(Document doc) {
+ if (elementCreated != null) {
+ return;
+ }
SimpleDateFormat zulu = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
zulu.setTimeZone(TimeZone.getTimeZone("GMT"));
Calendar rightNow = Calendar.getInstance();