You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by ru...@apache.org on 2005/11/05 22:01:28 UTC
svn commit: r331033 - in
/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security:
WSDoAllSender.java handler/WSSHandlerConstants.java
handler/config/OutflowConfiguration.java util/MessageOptimizer.java
Author: ruchithf
Date: Sat Nov 5 13:01:25 2005
New Revision: 331033
URL: http://svn.apache.org/viewcvs?rev=331033&view=rev
Log:
1.) Enable preservation of the original env - this helps in securing MTOM scenarios
2.) Added support to handle multiple xpath expressions to select content to be optimized
Modified:
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/config/OutflowConfiguration.java
webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java?rev=331033&r1=331032&r2=331033&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/WSDoAllSender.java Sat Nov 5 13:01:25 2005
@@ -190,6 +190,14 @@
} else {
SOAPEnvelope processedEnv = null;
+ String preserve = null;
+ if ((preserve = (String) getOption(WSSHandlerConstants.PRESERVE_ORIGINAL_ENV)) == null) {
+ preserve = (String) getProperty(msgContext, WSSHandlerConstants.PRESERVE_ORIGINAL_ENV);
+ }
+ if(preserve != null) {
+ this.preserveOriginalEnvelope = "true".equalsIgnoreCase(preserve);
+ }
+
if(preserveOriginalEnvelope) {
processedEnv = Axis2Util.getSOAPEnvelopeFromDocument(doc,reqData.getSoapConstants(), msgContext.getEnvelope());
// msgContext.getEnvelope().build();
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java?rev=331033&r1=331032&r2=331033&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/WSSHandlerConstants.java Sat Nov 5 13:01:25 2005
@@ -54,6 +54,9 @@
*/
public static final String OPTIMIZE_PARTS = "optimizeParts";
+ public static final String PRESERVE_ORIGINAL_ENV = "preserveOriginalEnvelope";
+
+
/*
* These are useful in configuring using the OutflowConfiguration
* and InflowConfiguration
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/config/OutflowConfiguration.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/config/OutflowConfiguration.java?rev=331033&r1=331032&r2=331033&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/config/OutflowConfiguration.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/handler/config/OutflowConfiguration.java Sat Nov 5 13:01:25 2005
@@ -490,4 +490,22 @@
return (String) this.actionList[this.currentAction]
.get(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION);
}
+
+ /**
+ * Sets whether signature confirmation should be enabled or not
+ * @param embeddedKeyName
+ */
+ public void setPreserveOriginalEnvelope(boolean value) {
+ this.actionList[this.currentAction].put(
+ WSSHandlerConstants.PRESERVE_ORIGINAL_ENV, value?"true":"false");
+ }
+
+ /**
+ * Returns whether signature confirmation should be enabled or not
+ * @return
+ */
+ public String getPreserveOriginalEnvelope() {
+ return (String) this.actionList[this.currentAction]
+ .get(WSSHandlerConstants.PRESERVE_ORIGINAL_ENV);
+ }
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java?rev=331033&r1=331032&r2=331033&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/axis2/security/util/MessageOptimizer.java Sat Nov 5 13:01:25 2005
@@ -26,8 +26,11 @@
import org.jaxen.SimpleNamespaceContext;
import org.jaxen.XPath;
+import sun.security.krb5.internal.n;
+
import java.util.Iterator;
import java.util.List;
+import java.util.StringTokenizer;
/**
* Utility class to handle MTOM-Optimizing Base64 Text values
@@ -37,21 +40,28 @@
/**
* Mark the requied Base64 text values as optimized
* @param env
- * @param optimizeParts This is a set of xPath expressions
- * (NOTE: Right now we support only one expression)
+ * @param optimizeParts This is a set of xPath expressions
+ *
* @throws WSSecurityException
*/
public static void optimize(SOAPEnvelope env, String optimizeParts) throws WSSecurityException {
+ String separater = "<>";
+ StringTokenizer tokenizer = new StringTokenizer(optimizeParts, separater);
- //Find binary content
- List list = findElements(env,optimizeParts);
-
- Iterator cipherValueElements = list.iterator();
-
- while (cipherValueElements.hasNext()) {
- OMElement element = (OMElement) cipherValueElements.next();
- OMText text = (OMText)element.getFirstOMChild();
- text.setOptimize(true);
+ while(tokenizer.hasMoreTokens()) {
+
+ String xpathExpr = tokenizer.nextToken();
+
+ //Find binary content
+ List list = findElements(env,xpathExpr);
+
+ Iterator cipherValueElements = list.iterator();
+
+ while (cipherValueElements.hasNext()) {
+ OMElement element = (OMElement) cipherValueElements.next();
+ OMText text = (OMText)element.getFirstOMChild();
+ text.setOptimize(true);
+ }
}
}