You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/04/13 12:16:27 UTC
cxf git commit: Removing WSS4J dependency from a CallbackHandler call
in rt-security
Repository: cxf
Updated Branches:
refs/heads/master 7a17ee621 -> 71e9ada9b
Removing WSS4J dependency from a CallbackHandler call in rt-security
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/71e9ada9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/71e9ada9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/71e9ada9
Branch: refs/heads/master
Commit: 71e9ada9b119ad8d960b9be15bc5689d718273ef
Parents: 7a17ee6
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon Apr 13 11:15:48 2015 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Mon Apr 13 11:15:48 2015 +0100
----------------------------------------------------------------------
.../security/saml/sso/AbstractSSOSpHandler.java | 2 +-
.../cxf/rs/security/common/SecurityUtils.java | 6 +++++-
.../cxf/rt/security/utils/SecurityUtils.java | 12 ++++-------
.../cxf/ws/security/kerberos/KerberosUtils.java | 14 ++++++++-----
.../SpnegoContextTokenOutInterceptor.java | 3 +--
.../wss4j/AbstractTokenInterceptor.java | 3 +--
.../wss4j/AbstractWSS4JStaxInterceptor.java | 7 ++++++-
.../wss4j/BinarySecurityTokenInterceptor.java | 6 +++++-
.../ws/security/wss4j/SamlTokenInterceptor.java | 6 +++++-
.../wss4j/UsernameTokenInterceptor.java | 6 +++++-
.../ws/security/wss4j/WSS4JInInterceptor.java | 7 ++++++-
.../policyhandlers/AbstractBindingBuilder.java | 21 +++++++++++---------
.../AbstractStaxBindingHandler.java | 14 ++++++++-----
.../org/apache/cxf/sts/StaticSTSProperties.java | 2 +-
.../apache/cxf/sts/token/realm/SAMLRealm.java | 2 +-
.../crypto/provider/CryptoProviderUtils.java | 3 +--
16 files changed, 72 insertions(+), 42 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
index d9d4572..6c02ed3 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
@@ -177,7 +177,7 @@ public class AbstractSSOSpHandler {
LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
return null;
}
- } catch (WSSecurityException ex) {
+ } catch (Exception ex) {
LOG.log(Level.FINE, "Error in loading callback handler", ex);
return null;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
index bc9849f..06b3462 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
@@ -153,7 +153,11 @@ public final class SecurityUtils {
//Then try to get the password from the given callback handler
Object o = message.getContextualProperty(callbackProperty);
- return org.apache.cxf.rt.security.utils.SecurityUtils.getCallbackHandler(o);
+ try {
+ return org.apache.cxf.rt.security.utils.SecurityUtils.getCallbackHandler(o);
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java b/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
index 1f918f7..d86f115 100644
--- a/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
+++ b/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
@@ -35,7 +35,6 @@ import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.PhaseInterceptorChain;
import org.apache.cxf.resource.ResourceManager;
-import org.apache.wss4j.common.ext.WSSecurityException;
/**
* Some common functionality
@@ -48,17 +47,14 @@ public final class SecurityUtils {
// complete
}
- public static CallbackHandler getCallbackHandler(Object o) throws WSSecurityException {
+ public static CallbackHandler getCallbackHandler(Object o) throws InstantiationException,
+ IllegalAccessException, ClassNotFoundException {
CallbackHandler handler = null;
if (o instanceof CallbackHandler) {
handler = (CallbackHandler)o;
} else if (o instanceof String) {
- try {
- handler = (CallbackHandler)ClassLoaderUtils.loadClass((String)o,
- SecurityUtils.class).newInstance();
- } catch (Exception e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
- }
+ handler = (CallbackHandler)ClassLoaderUtils.loadClass((String)o,
+ SecurityUtils.class).newInstance();
}
return handler;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
index 62c4dd3..f5e9c28 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
@@ -46,10 +46,15 @@ public final class KerberosUtils {
(String)message.getContextualProperty(SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME);
String kerberosSpn =
(String)message.getContextualProperty(SecurityConstants.KERBEROS_SPN);
- CallbackHandler callbackHandler =
- SecurityUtils.getCallbackHandler(
- message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER)
- );
+ try {
+ CallbackHandler callbackHandler =
+ SecurityUtils.getCallbackHandler(
+ message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER)
+ );
+ client.setCallbackHandler(callbackHandler);
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
boolean useCredentialDelegation =
MessageUtils.getContextualBoolean(message,
SecurityConstants.KERBEROS_USE_CREDENTIAL_DELEGATION,
@@ -67,7 +72,6 @@ public final class KerberosUtils {
client.setContextName(jaasContext);
client.setServiceName(kerberosSpn);
- client.setCallbackHandler(callbackHandler);
client.setUseDelegatedCredential(useCredentialDelegation);
client.setUsernameServiceNameForm(isInServiceNameForm);
client.setRequestCredentialDelegation(requestCredentialDelegation);
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
index 48cf22c..a2608b1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
@@ -38,7 +38,6 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.trust.STSUtils;
-import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.spnego.SpnegoClientAction;
import org.apache.wss4j.common.spnego.SpnegoTokenContext;
import org.apache.wss4j.policy.SPConstants;
@@ -117,7 +116,7 @@ class SpnegoContextTokenOutInterceptor extends AbstractPhaseInterceptor<SoapMess
);
spnegoToken.retrieveServiceTicket(jaasContext, callbackHandler, kerberosSpn);
- } catch (WSSecurityException e) {
+ } catch (Exception e) {
throw new Fault(e);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
index 258d043..5bd393a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
@@ -51,7 +51,6 @@ import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.wss4j.common.ext.WSPasswordCallback;
-import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AbstractToken;
@@ -184,7 +183,7 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor {
policyNotAsserted(info, "No callback handler and no password available", message);
return null;
}
- } catch (WSSecurityException ex) {
+ } catch (Exception ex) {
policyNotAsserted(info, "No callback handler and no password available", message);
return null;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
index 27737f8..bed078f 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
@@ -193,7 +193,12 @@ public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
SoapMessage soapMessage, WSSSecurityProperties securityProperties
) throws WSSecurityException {
Object o = soapMessage.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
- CallbackHandler callbackHandler = SecurityUtils.getCallbackHandler(o);
+ CallbackHandler callbackHandler = null;
+ try {
+ callbackHandler = SecurityUtils.getCallbackHandler(o);
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
if (callbackHandler != null) {
EndpointInfo info = soapMessage.getExchange().get(Endpoint.class).getEndpointInfo();
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
index b28cddc..e57780a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
@@ -105,7 +105,11 @@ public class BinarySecurityTokenInterceptor extends AbstractTokenInterceptor {
WSDocInfo wsDocInfo = new WSDocInfo(tokenElement.getOwnerDocument());
RequestData data = new CXFRequestData();
Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
- data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+ try {
+ data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
data.setMsgContext(message);
data.setWssConfig(WSSConfig.getNewInstance());
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index d00288f..526e96d 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -173,7 +173,11 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
RequestData data = new CXFRequestData();
Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
- data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+ try {
+ data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
data.setMsgContext(message);
data.setWssConfig(WSSConfig.getNewInstance());
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
index d3a5f36..e7eb8e1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
@@ -199,7 +199,11 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor {
RequestData data = new CXFRequestData();
Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
- data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+ try {
+ data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
data.setMsgContext(message);
// Configure replay caching
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 35a2ac8..af43f97 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -659,7 +659,12 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor {
protected CallbackHandler getCallback(RequestData reqData) throws WSSecurityException {
Object o = ((SoapMessage)reqData.getMsgContext())
.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
- CallbackHandler cbHandler = SecurityUtils.getCallbackHandler(o);
+ CallbackHandler cbHandler = null;
+ try {
+ cbHandler = SecurityUtils.getCallbackHandler(o);
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
if (cbHandler == null) {
try {
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 9cb41fd..3a2e995 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -832,12 +832,6 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
}
}
- CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
- if (handler == null) {
- unassertPolicy(token, "No SAML CallbackHandler available");
- return null;
- }
-
SAMLCallback samlCallback = new SAMLCallback();
SamlTokenType tokenType = token.getSamlTokenType();
if (tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11) {
@@ -845,7 +839,16 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
} else if (tokenType == SamlTokenType.WssSamlV20Token11) {
samlCallback.setSamlVersion(Version.SAML_20);
}
- SAMLUtil.doSAMLCallback(handler, samlCallback);
+ try {
+ CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
+ if (handler == null) {
+ unassertPolicy(token, "No SAML CallbackHandler available");
+ return null;
+ }
+ SAMLUtil.doSAMLCallback(handler, samlCallback);
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
if (samlCallback.isSignAssertion()) {
@@ -923,7 +926,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
unassertPolicy(info, "No callback handler and no password available");
return null;
}
- } catch (WSSecurityException ex) {
+ } catch (Exception ex) {
unassertPolicy(info, "No callback handler and no password available");
return null;
}
@@ -1486,7 +1489,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
if (callbackHandler != null) {
return new JasyptPasswordEncryptor(callbackHandler);
}
- } catch (WSSecurityException ex) {
+ } catch (Exception ex) {
return null;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
index efdf187..1c4d3c2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
@@ -286,12 +286,16 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
// Get the SAML CallbackHandler
//
Object o = message.getContextualProperty(SecurityConstants.SAML_CALLBACK_HANDLER);
- CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
- if (handler == null) {
- unassertPolicy(token, "No SAML CallbackHandler available");
- return null;
+ try {
+ CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
+ if (handler == null) {
+ unassertPolicy(token, "No SAML CallbackHandler available");
+ return null;
+ }
+ properties.setSamlCallbackHandler(handler);
+ } catch (Exception ex) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
}
- properties.setSamlCallbackHandler(handler);
// Action
WSSConstants.Action actionToPerform = WSSConstants.SAML_TOKEN_UNSIGNED;
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
index fa92bad..3dfbe54 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
@@ -109,7 +109,7 @@ public class StaticSTSProperties implements STSPropertiesMBean {
LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
throw new STSException("Configuration error: cannot load callback handler");
}
- } catch (WSSecurityException ex) {
+ } catch (Exception ex) {
LOG.fine("Error in loading the callback handler: " + ex.getMessage());
throw new STSException(ex.getMessage());
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
index 01aaf6f..881a19f 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
@@ -168,7 +168,7 @@ public class SAMLRealm {
LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
throw new STSException("Configuration error: cannot load callback handler");
}
- } catch (WSSecurityException ex) {
+ } catch (Exception ex) {
LOG.fine("Error in loading the callback handler object: " + ex.getMessage());
throw new STSException(ex.getMessage());
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
----------------------------------------------------------------------
diff --git a/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java b/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
index 1d55a25..6d46d08 100644
--- a/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
+++ b/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
@@ -28,7 +28,6 @@ import org.apache.cxf.rt.security.utils.SecurityUtils;
import org.apache.cxf.xkms.crypto.CryptoProviderException;
import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.ext.WSPasswordCallback;
-import org.apache.wss4j.common.ext.WSSecurityException;
final class CryptoProviderUtils {
@@ -68,7 +67,7 @@ final class CryptoProviderUtils {
}
return getCallbackPwd(userName, usage, handler);
- } catch (WSSecurityException ex) {
+ } catch (Exception ex) {
throw new CryptoProviderException("No callback handler and no password available", ex);
}
}