You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2013/06/10 16:21:46 UTC
svn commit: r1491462 - in /webservices/wss4j/trunk/ws-security-stax/src:
main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
Author: giger
Date: Mon Jun 10 14:21:46 2013
New Revision: 1491462
URL: http://svn.apache.org/r1491462
Log:
WSS-443 - Treat tokens received over TLS as "encrypted"
Modified:
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java?rev=1491462&r1=1491461&r2=1491462&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java Mon Jun 10 14:21:46 2013
@@ -258,6 +258,9 @@ public class InboundWSSecurityContextImp
} else if (signsSignature && signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
signedEndorsingEncryptedSupportingTokens = addTokenSecurityEvent(tokenSecurityEvent, signedEndorsingEncryptedSupportingTokens);
+ } else if (transportSecurityActive && signsTimestamp && signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
+ supportingTokensIterator.remove();
+ signedEndorsingEncryptedSupportingTokens = addTokenSecurityEvent(tokenSecurityEvent, signedEndorsingEncryptedSupportingTokens);
} else if (signsSignature && signingSecurityTokens.size() == 0 && encryptingSecurityTokens.size() > 0) {
supportingTokensIterator.remove();
endorsingEncryptedSupportingTokens = addTokenSecurityEvent(tokenSecurityEvent, endorsingEncryptedSupportingTokens);
Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java?rev=1491462&r1=1491461&r2=1491462&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java Mon Jun 10 14:21:46 2013
@@ -78,7 +78,7 @@ public class InboundWSSecurityContextImp
} else if (securityEvent instanceof X509TokenSecurityEvent) {
X509TokenSecurityEvent tokenSecurityEvent = (X509TokenSecurityEvent) securityEvent;
Assert.assertEquals(tokenSecurityEvent.getSecurityToken().getTokenUsages().size(), 1);
- Assert.assertTrue(tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_SignedEndorsingSupportingTokens));
+ Assert.assertTrue(tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_SignedEndorsingEncryptedSupportingTokens));
} else if (securityEvent instanceof UsernameTokenSecurityEvent) {
UsernameTokenSecurityEvent tokenSecurityEvent = (UsernameTokenSecurityEvent) securityEvent;
Assert.assertEquals(tokenSecurityEvent.getSecurityToken().getTokenUsages().size(), 1);
@@ -142,11 +142,11 @@ public class InboundWSSecurityContextImp
XMLSecEvent signedEndorsingSupportingTokenXmlEvent = XMLSecEventFactory.createXmlSecStartElement(WSSConstants.TAG_wsse_UsernameToken, null, null);
X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
- X509SecurityTokenImpl signedEndorsingSupportingToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
- signedEndorsingSupportingToken.setElementPath(bstPath);
- signedEndorsingSupportingToken.setXMLSecEvent(signedEndorsingSupportingTokenXmlEvent);
- x509TokenSecurityEvent.setSecurityToken(signedEndorsingSupportingToken);
- signedEndorsingSupportingToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_Signature);
+ X509SecurityTokenImpl signedEndorsingEncryptedSupportingToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
+ signedEndorsingEncryptedSupportingToken.setElementPath(bstPath);
+ signedEndorsingEncryptedSupportingToken.setXMLSecEvent(signedEndorsingSupportingTokenXmlEvent);
+ x509TokenSecurityEvent.setSecurityToken(signedEndorsingEncryptedSupportingToken);
+ signedEndorsingEncryptedSupportingToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_Signature);
inboundWSSecurityContext.registerSecurityEvent(x509TokenSecurityEvent);
SignatureValueSecurityEvent signatureValueSecurityEvent = new SignatureValueSecurityEvent();
@@ -155,11 +155,11 @@ public class InboundWSSecurityContextImp
List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
- SignedElementSecurityEvent signedTimestampElementSecurityEvent = new SignedElementSecurityEvent(signedEndorsingSupportingToken, true, protectionOrder);
+ SignedElementSecurityEvent signedTimestampElementSecurityEvent = new SignedElementSecurityEvent(signedEndorsingEncryptedSupportingToken, true, protectionOrder);
signedTimestampElementSecurityEvent.setElementPath(timestampPath);
inboundWSSecurityContext.registerSecurityEvent(signedTimestampElementSecurityEvent);
- SignedElementSecurityEvent signedBSTElementSecurityEvent = new SignedElementSecurityEvent(signedEndorsingSupportingToken, true, protectionOrder);
+ SignedElementSecurityEvent signedBSTElementSecurityEvent = new SignedElementSecurityEvent(signedEndorsingEncryptedSupportingToken, true, protectionOrder);
signedBSTElementSecurityEvent.setElementPath(bstPath);
signedBSTElementSecurityEvent.setXmlSecEvent(signedEndorsingSupportingTokenXmlEvent);
inboundWSSecurityContext.registerSecurityEvent(signedBSTElementSecurityEvent);