You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2009/07/09 22:54:25 UTC
svn commit: r792685 - in /cxf/trunk:
distribution/src/main/release/samples/ws_security/interopfest/wstrust10/src/main/resources/etc/client.xml
rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Author: dkulp
Date: Thu Jul 9 20:54:25 2009
New Revision: 792685
URL: http://svn.apache.org/viewvc?rev=792685&view=rev
Log:
Turns out, we don't have to decrypt the internal token. Pass it back to
the target server and they should do it.
Modified:
cxf/trunk/distribution/src/main/release/samples/ws_security/interopfest/wstrust10/src/main/resources/etc/client.xml
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Modified: cxf/trunk/distribution/src/main/release/samples/ws_security/interopfest/wstrust10/src/main/resources/etc/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/interopfest/wstrust10/src/main/resources/etc/client.xml?rev=792685&r1=792684&r2=792685&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/interopfest/wstrust10/src/main/resources/etc/client.xml (original)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/interopfest/wstrust10/src/main/resources/etc/client.xml Thu Jul 9 20:54:25 2009
@@ -128,7 +128,6 @@
<entry key="ws-security.password" value="abcd!1234"/>
<entry key="ws-security.signature.properties" value="etc/wssip.properties"/>
<entry key="ws-security.sts.token.properties" value="etc/wssip.properties"/>
- <entry key="ws-security.sts.token.properties.decrypt" value="etc/bob.properties"/>
<entry key="ws-security.callback-handler" value="interop.client.KeystorePasswordCallback"/>
</map>
</property>
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=792685&r1=792684&r2=792685&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java Thu Jul 9 20:54:25 2009
@@ -101,7 +101,6 @@
import org.apache.ws.security.conversation.ConversationException;
import org.apache.ws.security.conversation.dkalgo.P_SHA1;
import org.apache.ws.security.message.token.Reference;
-import org.apache.ws.security.processor.EncryptedDataProcessor;
import org.apache.ws.security.processor.EncryptedKeyProcessor;
import org.apache.ws.security.util.Base64;
import org.apache.ws.security.util.WSSecurityUtil;
@@ -670,11 +669,6 @@
el = DOMUtils.getNextElement(el);
}
Element rstDec = rst;
- try {
- rstDec = decrypt(rst);
- } catch (IOException e1) {
- throw new TrustException(e1);
- }
String id = findID(rar, rur, rstDec);
if (StringUtils.isEmpty(id)) {
throw new TrustException(new Message("NO_ID", LOG));
@@ -736,27 +730,6 @@
return token;
}
- protected Element decrypt(Element firstElement) throws IOException {
- if ("EncryptedData".equals(firstElement.getLocalName())
- && "http://www.w3.org/2001/04/xmlenc#".equals(firstElement.getNamespaceURI())) {
- Node parent = firstElement.getParentNode();
- Node prev = firstElement.getPreviousSibling();
-
- // encrypted even more. WCF seems to do this periodically
- EncryptedDataProcessor processor = new EncryptedDataProcessor();
-
- processor.handleToken(firstElement, null, createCrypto(true), createHandler(), null,
- new Vector(), null);
-
- if (prev == null) {
- firstElement = (Element)parent.getFirstChild();
- } else {
- firstElement = (Element)prev.getNextSibling();
- }
- }
- return firstElement;
- }
-
private CallbackHandler createHandler() {
Object o = getProperty(SecurityConstants.CALLBACK_HANDLER);
if (o instanceof String) {