Posted to commits@cxf.apache.org by co...@apache.org on 2011/10/12 18:21:42 UTC
svn commit: r1182460 -
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Author: coheigea
Date: Wed Oct 12 16:21:42 2011
New Revision: 1182460
URL: http://svn.apache.org/viewvc?rev=1182460&view=rev
Log:
[CXF-3857] - Support for subclassing of STSClient and adding Claims to RST
- Patch applied, thanks.
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1182460&r1=1182459&r2=1182460&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java Wed Oct 12 16:21:42 2011
@@ -137,49 +137,50 @@ import org.apache.xml.security.keys.cont
public class STSClient implements Configurable, InterceptorProvider {
private static final Logger LOG = LogUtils.getL7dLogger(STSClient.class);
- Bus bus;
- String name = "default.sts-client";
- Client client;
- String location;
-
- String wsdlLocation;
- QName serviceName;
- QName endpointName;
-
- Policy policy;
- String soapVersion = SoapBindingConstants.SOAP11_BINDING_ID;
- int keySize = 256;
- boolean requiresEntropy = true;
- Element template;
- AlgorithmSuite algorithmSuite;
- String namespace = STSUtils.WST_NS_05_12;
- String addressingNamespace;
- Object onBehalfOf;
- boolean enableAppliesTo = true;
-
- boolean useCertificateForConfirmationKeyInfo;
- boolean isSecureConv;
- boolean enableLifetime;
- int ttl = 300;
-
- Object actAs;
- String tokenType;
- String keyType;
- boolean sendKeyType = true;
- Message message;
- String context;
+ protected Bus bus;
+ protected String name = "default.sts-client";
+ protected Client client;
+ protected String location;
+
+ protected String wsdlLocation;
+ protected QName serviceName;
+ protected QName endpointName;
+
+ protected Policy policy;
+ protected String soapVersion = SoapBindingConstants.SOAP11_BINDING_ID;
+ protected int keySize = 256;
+ protected boolean requiresEntropy = true;
+ protected Element template;
+ protected Element claims;
+ protected AlgorithmSuite algorithmSuite;
+ protected String namespace = STSUtils.WST_NS_05_12;
+ protected String addressingNamespace;
+ protected Object onBehalfOf;
+ protected boolean enableAppliesTo = true;
+
+ protected boolean useCertificateForConfirmationKeyInfo;
+ protected boolean isSecureConv;
+ protected boolean enableLifetime;
+ protected int ttl = 300;
+
+ protected Object actAs;
+ protected String tokenType;
+ protected String keyType;
+ protected boolean sendKeyType = true;
+ protected Message message;
+ protected String context;
- Map<String, Object> ctx = new HashMap<String, Object>();
+ protected Map<String, Object> ctx = new HashMap<String, Object>();
- List<Interceptor<? extends Message>> in
+ protected List<Interceptor<? extends Message>> in
= new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
- List<Interceptor<? extends Message>> out
+ protected List<Interceptor<? extends Message>> out
= new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
- List<Interceptor<? extends Message>> outFault
+ protected List<Interceptor<? extends Message>> outFault
= new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
- List<Interceptor<? extends Message>> inFault
+ protected List<Interceptor<? extends Message>> inFault
= new ModCountCopyOnWriteArrayList<Interceptor<? extends Message>>();
- List<AbstractFeature> features;
+ protected List<AbstractFeature> features;
public STSClient(Bus b) {
bus = b;
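Review bot: Making every field `protected` gives subclasses direct write access to security-relevant state such as `keySize`, `requiresEntropy`, `ttl`, `onBehalfOf`, `actAs` and the `ctx` property map, bypassing the public setters. If subclasses mainly need to read these values, keeping the fields `private` and adding `protected` getters would keep any invariants in one place. If direct access is intended, the class Javadoc should state that these fields are part of the extension contract. The new `claims` field has no comment; something like `// Claims element copied as-is into the RST; null means none is sent` would help. The constructor at the end of this hunk continues outside it.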
@@ -459,7 +460,7 @@ public class STSClient implements Config
}
}
}
- private String findMEXLocation(EndpointReferenceType ref) {
+ protected String findMEXLocation(EndpointReferenceType ref) {
if (ref.getMetadata() != null && ref.getMetadata().getAny() != null) {
for (Object any : ref.getMetadata().getAny()) {
if (any instanceof Element) {
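Review bot: Changing `private` to `protected` on `findMEXLocation` makes it overridable as well as callable, and later hunks widen `decryptKey`, `createCrypto`, `createHandler`, `getCert`, `getProperty`, `createSecurityToken` and `validateSecurityToken` in the same way. Judging by their names and visible bodies, those deal with key decryption, crypto and callback-handler lookup, and token validation, so a subclass override replaces a security-relevant step of the exchange without any signal to the caller. Where subclasses only need to call a method, `protected final` grants access without allowing replacement. Where overriding is intended, each method should get Javadoc stating what an override must still guarantee. The body of `findMEXLocation` continues outside this hunk.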
@@ -472,7 +473,7 @@ public class STSClient implements Config
}
return EndpointReferenceUtils.getAddress(ref);
}
- private String findMEXLocation(Element ref) {
+ protected String findMEXLocation(Element ref) {
Element el = DOMUtils.getFirstElement(ref);
while (el != null) {
if (el.getLocalName().equals("Address")
@@ -489,7 +490,7 @@ public class STSClient implements Config
}
return null;
}
- private void createClient() throws BusException, EndpointException {
+ protected void createClient() throws BusException, EndpointException {
if (client != null) {
return;
}
@@ -526,7 +527,7 @@ public class STSClient implements Config
}
}
- private BindingOperationInfo findOperation(String suffix) {
+ protected BindingOperationInfo findOperation(String suffix) {
BindingInfo bi = client.getEndpoint().getBinding().getBindingInfo();
for (BindingOperationInfo boi : bi.getOperations()) {
SoapOperationInfo soi = boi.getExtensor(SoapOperationInfo.class);
@@ -616,6 +617,9 @@ public class STSClient implements Config
if (enableAppliesTo) {
addAppliesTo(writer, appliesTo);
}
+
+ addClaims(writer);
+
Element onBehalfOfToken = getOnBehalfOfToken();
if (onBehalfOfToken != null) {
writer.writeStartElement("wst", "OnBehalfOf", namespace);
@@ -696,7 +700,7 @@ public class STSClient implements Config
return getDelegationSecurityToken(this.actAs);
}
- private Element getDelegationSecurityToken(Object delegationObject) throws Exception {
+ protected Element getDelegationSecurityToken(Object delegationObject) throws Exception {
if (delegationObject != null) {
final boolean isString = delegationObject instanceof String;
final boolean isElement = delegationObject instanceof Element;
@@ -718,7 +722,7 @@ public class STSClient implements Config
return null;
}
- private byte[] writeElementsForRSTSymmetricKey(W3CDOMStreamWriter writer,
+ protected byte[] writeElementsForRSTSymmetricKey(W3CDOMStreamWriter writer,
boolean wroteKeySize) throws Exception {
byte[] requestorEntropy = null;
@@ -750,7 +754,7 @@ public class STSClient implements Config
}
- private void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer,
+ protected void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer,
X509Certificate cert) throws Exception {
writer.writeStartElement("wst", "UseKey", namespace);
writer.writeStartElement("dsig", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#");
@@ -783,13 +787,13 @@ public class STSClient implements Config
writer.writeEndElement();
}
- private void addRequestType(String requestType, W3CDOMStreamWriter writer) throws XMLStreamException {
+ protected void addRequestType(String requestType, W3CDOMStreamWriter writer) throws XMLStreamException {
writer.writeStartElement("wst", "RequestType", namespace);
writer.writeCharacters(namespace + requestType);
writer.writeEndElement();
}
- private Element getDocumentElement(DOMSource ds) {
+ protected Element getDocumentElement(DOMSource ds) {
Node nd = ds.getNode();
if (nd instanceof Document) {
nd = ((Document)nd).getDocumentElement();
@@ -805,7 +809,7 @@ public class STSClient implements Config
requestSecurityToken(tok.getIssuerAddress(), action, "/Renew", tok);
}
- private PrimitiveAssertion getAddressingAssertion() {
+ protected PrimitiveAssertion getAddressingAssertion() {
String ns = "http://schemas.xmlsoap.org/ws/2004/08/addressing/policy";
String local = "UsingAddressing";
if ("http://www.w3.org/2005/08/addressing".equals(addressingNamespace)) {
@@ -823,7 +827,7 @@ public class STSClient implements Config
return validateSecurityToken(tok, validateTokenType);
}
- private List<SecurityToken> validateSecurityToken(SecurityToken tok, String tokentype)
+ protected List<SecurityToken> validateSecurityToken(SecurityToken tok, String tokentype)
throws Exception {
createClient();
@@ -1014,11 +1018,11 @@ public class STSClient implements Config
}
}
- private boolean useSecondaryParameters() {
+ protected boolean useSecondaryParameters() {
return !STSUtils.WST_NS_05_02.equals(namespace);
}
- private String writeKeyType(W3CDOMStreamWriter writer, String keyTypeToWrite)
+ protected String writeKeyType(W3CDOMStreamWriter writer, String keyTypeToWrite)
throws XMLStreamException {
if (isSecureConv) {
if (keyTypeToWrite == null) {
@@ -1040,7 +1044,7 @@ public class STSClient implements Config
return keyTypeToWrite;
}
- private X509Certificate getCert(Crypto crypto) throws Exception {
+ protected X509Certificate getCert(Crypto crypto) throws Exception {
String alias = (String)getProperty(SecurityConstants.STS_TOKEN_USERNAME);
if (alias == null) {
alias = crypto.getDefaultX509Identifier();
@@ -1058,7 +1062,7 @@ public class STSClient implements Config
return certs[0];
}
- private void addLifetime(XMLStreamWriter writer) throws XMLStreamException {
+ protected void addLifetime(XMLStreamWriter writer) throws XMLStreamException {
Date creationTime = new Date();
Date expirationTime = new Date();
expirationTime.setTime(creationTime.getTime() + (ttl * 1000L));
@@ -1076,7 +1080,7 @@ public class STSClient implements Config
writer.writeEndElement();
}
- private void addAppliesTo(XMLStreamWriter writer, String appliesTo) throws XMLStreamException {
+ protected void addAppliesTo(XMLStreamWriter writer, String appliesTo) throws XMLStreamException {
if (appliesTo != null && addressingNamespace != null) {
writer.writeStartElement("wsp", "AppliesTo", "http://schemas.xmlsoap.org/ws/2004/09/policy");
writer.writeNamespace("wsp", "http://schemas.xmlsoap.org/ws/2004/09/policy");
@@ -1090,15 +1094,21 @@ public class STSClient implements Config
}
}
- private void addTokenType(XMLStreamWriter writer) throws XMLStreamException {
+ protected void addTokenType(XMLStreamWriter writer) throws XMLStreamException {
if (tokenType != null) {
writer.writeStartElement("wst", "TokenType", namespace);
writer.writeCharacters(tokenType);
writer.writeEndElement();
}
}
+
+ protected void addClaims(XMLStreamWriter writer) throws XMLStreamException {
+ if (claims != null) {
+ StaxUtils.copy(claims, writer);
+ }
+ }
- private SecurityToken createSecurityToken(Element el, byte[] requestorEntropy)
+ protected SecurityToken createSecurityToken(Element el, byte[] requestorEntropy)
throws WSSecurityException {
if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
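Review bot: `addClaims` copies whatever element was passed to `setClaims` into the RST without checking that it is a `Claims` element in the WS-Trust namespace selected by `namespace`, so a mismatched element produces a request the STS may reject or ignore. A cheap guard in the setter, for example `if (rstClaims != null && !"Claims".equals(rstClaims.getLocalName())) { throw new IllegalArgumentException("expected a Claims element"); }`, would surface the mistake at configuration time. `setClaims` (final hunk) also stores the caller's DOM element by reference, so later changes to that element alter subsequent requests; Javadoc on both methods should say so, or the setter should keep a copy. If the RST template can also carry a `Claims` element (not visible here), the request could end up with two, which is worth confirming. The body of `createSecurityToken` continues outside this hunk.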
@@ -1201,7 +1211,7 @@ public class STSClient implements Config
return token;
}
- private byte[] decryptKey(Element child) throws TrustException, WSSecurityException {
+ protected byte[] decryptKey(Element child) throws TrustException, WSSecurityException {
try {
EncryptedKeyProcessor proc = new EncryptedKeyProcessor();
WSDocInfo docInfo = new WSDocInfo(child.getOwnerDocument());
@@ -1220,7 +1230,7 @@ public class STSClient implements Config
}
}
- private CallbackHandler createHandler() {
+ protected CallbackHandler createHandler() {
Object o = getProperty(SecurityConstants.CALLBACK_HANDLER);
if (o instanceof String) {
try {
@@ -1233,7 +1243,7 @@ public class STSClient implements Config
return (CallbackHandler)o;
}
- private Object getProperty(String s) {
+ protected Object getProperty(String s) {
Object o = ctx.get(s);
if (o == null) {
o = client.getEndpoint().getEndpointInfo().getProperty(s);
@@ -1247,7 +1257,7 @@ public class STSClient implements Config
return o;
}
- private Crypto createCrypto(boolean decrypt) throws IOException, WSSecurityException {
+ protected Crypto createCrypto(boolean decrypt) throws IOException, WSSecurityException {
Crypto crypto = (Crypto)getProperty(SecurityConstants.STS_TOKEN_CRYPTO + (decrypt ? ".decrypt" : ""));
if (crypto != null) {
return crypto;
@@ -1287,7 +1297,7 @@ public class STSClient implements Config
return null;
}
- private String findID(Element rar, Element rur, Element rst) {
+ protected String findID(Element rar, Element rur, Element rst) {
String id = null;
if (rst != null) {
QName elName = DOMUtils.getElementQName(rst);
@@ -1314,7 +1324,7 @@ public class STSClient implements Config
return id;
}
- private String getIDFromSTR(Element el) {
+ protected String getIDFromSTR(Element el) {
Element child = DOMUtils.getFirstElement(el);
if (child == null) {
return null;
@@ -1335,6 +1345,10 @@ public class STSClient implements Config
public void setTemplate(Element rstTemplate) {
template = rstTemplate;
}
+
+ public void setClaims(Element rstClaims) {
+ claims = rstClaims;
+ }
public List<Interceptor<? extends Message>> getOutFaultInterceptors() {
if (client != null) {