You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-commits@axis.apache.org by sh...@apache.org on 2011/01/06 11:28:06 UTC
svn commit: r1055819 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/
rampart-trust/src/main/java/org/apache/rahas/
Author: shankar
Date: Thu Jan 6 10:28:05 2011
New Revision: 1055819
URL: http://svn.apache.org/viewvc?rev=1055819&view=rev
Log:
Applying patch from RAMPART-298
Modified:
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/SimpleTokenStore.java
axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/TokenStorage.java
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1055819&r1=1055818&r2=1055819&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java Thu Jan 6 10:28:05 2011
@@ -148,6 +148,14 @@ public class RampartEngine {
signatureCrypto,
RampartUtil.getEncryptionCrypto(rpd.getRampartConfig(),
msgCtx.getAxisService().getClassLoader()));
+
+ // Remove encryption tokens if this is the initiator and if initiator is receiving a message
+
+ if (rmd.isInitiator() && (msgCtx.getFLOW() == MessageContext.IN_FLOW ||
+ msgCtx.getFLOW() == MessageContext.IN_FAULT_FLOW)) {
+ tokenCallbackHandler.removeEncryptedToken();
+ }
+
} else {
if(doDebug){
log.debug("Processing security header in normal path");
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java?rev=1055819&r1=1055818&r2=1055819&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java Thu Jan 6 10:28:05 2011
@@ -34,15 +34,19 @@ public class TokenCallbackHandler implem
private TokenStorage store;
private CallbackHandler handler;
-
+ private String tokenIdentifier;
+
public TokenCallbackHandler(TokenStorage store, CallbackHandler handler) {
this.store = store;
this.handler = handler;
+ this.tokenIdentifier = null;
}
+
+
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
-
+
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
@@ -67,8 +71,10 @@ public class TokenCallbackHandler implem
}
} else if (pc.getUsage() == WSPasswordCallback.ENCRYPTED_KEY_TOKEN){
try {
- String[] tokenIdentifiers = this.store.getTokenIdentifiers();
+
+ String[] tokenIdentifiers = this.store.getTokenIdentifiers();
Token tok;
+
for (int j = 0 ; j < tokenIdentifiers.length ; j++) {
tok = this.store.getToken(tokenIdentifiers[j]);
@@ -77,6 +83,8 @@ public class TokenCallbackHandler implem
((EncryptedKeyToken)tok).getSHA1().equals(id)){
pc.setKey(tok.getSecret());
pc.setCustomToken((Element)tok.getToken());
+
+ tokenIdentifier = tokenIdentifiers[j];
}
}
@@ -97,6 +105,14 @@ public class TokenCallbackHandler implem
}
}
}
+
+ public void removeEncryptedToken() {
+
+ if (tokenIdentifier != null) {
+ this.store.removeToken(tokenIdentifier);
+ }
+
+ }
Modified: axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/SimpleTokenStore.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/SimpleTokenStore.java?rev=1055819&r1=1055818&r2=1055819&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/SimpleTokenStore.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/SimpleTokenStore.java Thu Jan 6 10:28:05 2011
@@ -191,6 +191,17 @@ public class SimpleTokenStore implements
return token;
}
+ public void removeToken(String id){
+
+ writeLock.lock();
+
+ try {
+ this.tokens.remove(id);
+ } finally {
+ writeLock.unlock();
+ }
+ }
+
protected void processTokenExpiry() throws TrustException {
readLock.lock();
@@ -228,6 +239,4 @@ public class SimpleTokenStore implements
}
}
-
-
}
Modified: axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/TokenStorage.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/TokenStorage.java?rev=1055819&r1=1055818&r2=1055819&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/TokenStorage.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/TokenStorage.java Thu Jan 6 10:28:05 2011
@@ -83,5 +83,11 @@ public interface TokenStorage {
* @throws TrustException
*/
Token getToken(String id) throws TrustException;
-
+
+ /**
+ * Removes the given token from token storage.
+ * @param id Token id to remove.
+ */
+ void removeToken(String id);
+
}