cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: opensaml-1.1 dependency [was: svn commit: r663146 - in /cxf/branches/2.0.x-fixes: ...]
Date Fri, 06 Jun 2008 14:44:08 GMT

On Jun 6, 2008, at 6:55 AM, Eoghan Glynn wrote:

>
> Hi Dan,
>
> I had to do an manual install of opensaml-1.1.jar in my local repo  
> in order to get a 2.0.x build to work.

That's not good.

> Is the opensaml stuff up on some obscure maven-repo that I need to  
> add to my ~/.m2/settings.xml?
>

Yea.  It's in the webservices groups little repository.   It should  
have worked fine though without modifiying your settings.xml.   
cruisecontrol was OK with it.  Maybe a network glitch or something.    
Strange.

Dan



> Cheers,
> Eoghan
>
>
> dkulp@apache.org wrote:
>> Author: dkulp
>> Date: Wed Jun  4 07:58:47 2008
>> New Revision: 663146
>> URL: http://svn.apache.org/viewvc?rev=663146&view=rev
>> Log:
>> Merged revisions 662883 via svnmerge from https://svn.apache.org/repos/asf/cxf/trunk
>> ........
>>  r662883 | dkulp | 2008-06-03 16:55:58 -0400 (Tue, 03 Jun 2008) | 3  
>> lines
>>    [CXF-1627] Update to latest wss4j to remove hacks needed to  
>> workaround bugs in the older version.
>>  Note: wss4j 1.5.4 requires the opensaml library to work at all.    
>> Thus, that is added.
>> ........
>> Modified:
>>    cxf/branches/2.0.x-fixes/   (props changed)
>>    cxf/branches/2.0.x-fixes/buildtools/src/main/resources/notice- 
>> supplements.xml
>>    cxf/branches/2.0.x-fixes/rt/ws/security/pom.xml
>>    cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/apache/ 
>> cxf/ws/security/wss4j/WSS4JInInterceptor.java
>>    cxf/branches/2.0.x-fixes/rt/ws/security/src/test/java/org/apache/ 
>> cxf/ws/security/wss4j/WSS4JInOutTest.java
>> Propchange: cxf/branches/2.0.x-fixes/
>> ------------------------------------------------------------------------------
>> Binary property 'svnmerge-integrated' - no diff available.
>> Modified: cxf/branches/2.0.x-fixes/buildtools/src/main/resources/ 
>> notice-supplements.xml
>> URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/buildtools/src/main/resources/notice-supplements.xml?rev=663146&r1=663145&r2=663146&view=diff
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> =====================================================================
>> --- cxf/branches/2.0.x-fixes/buildtools/src/main/resources/notice- 
>> supplements.xml (original)
>> +++ cxf/branches/2.0.x-fixes/buildtools/src/main/resources/notice- 
>> supplements.xml Wed Jun  4 07:58:47 2008
>> @@ -162,7 +162,7 @@
>>   </supplement>
>>   <supplement>
>>     <project>
>> -      <groupId>xml-security</groupId>
>> +      <groupId>org.apache.santuario</groupId>
>>       <artifactId>xmlsec</artifactId>
>>       <name>XML Security</name>
>>       <organization>
>> @@ -177,6 +177,23 @@
>>       </licenses>
>>     </project>
>>   </supplement>
>> +    <supplement>
>> +    <project>
>> +      <groupId>opensaml</groupId>
>> +      <artifactId>opensaml</artifactId>
>> +      <name>OpenSAML</name>
>> +      <organization>
>> +        <name>Internet2</name>
>> +        <url>http://www.opensaml.org</url>
>> +      </organization>
>> +      <licenses>
>> +        <license>
>> +          <name>The Apache Software License, Version 2.0</name>
>> +          <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
>> +        </license>
>> +      </licenses>
>> +    </project>
>> +  </supplement>
>>   <supplement>
>>     <project>
>>       <groupId>xml-apis</groupId>
>> Modified: cxf/branches/2.0.x-fixes/rt/ws/security/pom.xml
>> URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/rt/ws/security/pom.xml?rev=663146&r1=663145&r2=663146&view=diff
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> =====================================================================
>> --- cxf/branches/2.0.x-fixes/rt/ws/security/pom.xml (original)
>> +++ cxf/branches/2.0.x-fixes/rt/ws/security/pom.xml Wed Jun  4  
>> 07:58:47 2008
>> @@ -60,13 +60,29 @@
>>         <dependency>
>>             <groupId>org.apache.ws.security</groupId>
>>             <artifactId>wss4j</artifactId>
>> -            <version>1.5.2</version>
>> -        </dependency>
>> -        <dependency>
>> -            <groupId>xml-security</groupId>
>> -            <artifactId>xmlsec</artifactId>
>> -            <version>1.3.0</version>
>> -            <scope>runtime</scope>
>> +            <version>1.5.4</version>
>> +            <exclusions>
>> +                <exclusion>
>> +                    <groupId>axis</groupId>
>> +                    <artifactId>axis</artifactId>
>> +                </exclusion>
>> +                <exclusion>
>> +                    <groupId>axis</groupId>
>> +                    <artifactId>axis-ant</artifactId>
>> +                </exclusion>
>> +                <exclusion>
>> +                    <groupId>bouncycastle</groupId>
>> +                    <artifactId>bcprov-jdk15</artifactId>
>> +                </exclusion>
>> +                <exclusion>
>> +                    <groupId>xerces</groupId>
>> +                    <artifactId>xercesImpl</artifactId>
>> +                </exclusion>
>> +                <exclusion>
>> +                    <groupId>xml-apis</groupId>
>> +                    <artifactId>xml-apis</artifactId>
>> +                </exclusion>
>> +            </exclusions>
>>         </dependency>
>>         <dependency>
>>             <groupId>xalan</groupId>
>> Modified: cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/ 
>> apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
>> URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=663146&r1=663145&r2=663146&view=diff
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> =====================================================================
>> --- cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/ 
>> apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java (original)
>> +++ cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/ 
>> apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java Wed Jun  4  
>> 07:58:47 2008
>> @@ -24,8 +24,8 @@
>> import java.util.Vector;
>> import java.util.logging.Level;
>> import java.util.logging.Logger;
>> -
>> import javax.security.auth.callback.CallbackHandler;
>> +import javax.xml.namespace.QName;
>> import javax.xml.soap.SOAPBody;
>> import javax.xml.soap.SOAPException;
>> import javax.xml.soap.SOAPMessage;
>> @@ -44,6 +44,8 @@
>> import org.apache.cxf.phase.Phase;
>> import org.apache.cxf.staxutils.StaxUtils;
>> import org.apache.ws.security.WSConstants;
>> +import org.apache.ws.security.WSSConfig;
>> +import org.apache.ws.security.WSSecurityEngine;
>> import org.apache.ws.security.WSSecurityEngineResult;
>> import org.apache.ws.security.WSSecurityException;
>> import org.apache.ws.security.handler.RequestData;
>> @@ -61,12 +63,18 @@
>>      public static final String TIMESTAMP_RESULT =  
>> "wss4j.timestamp.result";
>>     public static final String SIGNATURE_RESULT =  
>> "wss4j.signature.result";
>> +    public static final String PROCESSOR_MAP =  
>> "wss4j.processor.map";
>>      private static final Logger LOG =  
>> LogUtils.getL7dLogger(WSS4JInInterceptor.class);
>>     private static final Logger TIME_LOG =  
>> LogUtils.getL7dLogger(WSS4JInInterceptor.class,
>>                                                                   
>> null,
>>                                                                   
>> WSS4JInInterceptor.class.getName()
>>                                                                      + 
>>  "-Time");
>> +
>> +    /**
>> +     *
>> +     */
>> +    private WSSecurityEngine secEngineOverride;
>>          public WSS4JInInterceptor() {
>>         super();
>> @@ -75,9 +83,15 @@
>>         getAfter().add(SAAJInInterceptor.class.getName());
>>     }
>> +    @SuppressWarnings("unchecked")
>>     public WSS4JInInterceptor(Map<String, Object> properties) {
>>         this();
>>         setProperties(properties);
>> +        final Map<QName, String> map = +            (Map<QName,  
>> String>) properties.get(PROCESSOR_MAP);
>> +        if (map != null) {
>> +            secEngineOverride = createSecurityEngine(map);
>> +        }
>>     }
>>      @SuppressWarnings("unchecked")
>> @@ -127,15 +141,20 @@
>>              * they may be used for encryption too.
>>              */
>>             doReceiverAction(doAction, reqData);
>> -
>> +                         Vector wsResult = null;
>>             if (doTimeLog) {
>>                 t1 = System.currentTimeMillis();
>>             }
>>              try {
>> -                wsResult =  
>> secEngine.processSecurityHeader(doc.getSOAPPart(), actor,  
>> cbHandler, reqData
>> -                    .getSigCrypto(), reqData.getDecCrypto());
>> +                wsResult =  
>> getSecurityEngine().processSecurityHeader(
>> +                    doc.getSOAPPart(), +                    actor,  
>> +                    cbHandler, +                     
>> reqData.getSigCrypto(), +                    reqData.getDecCrypto()
>> +                );
>>             } catch (WSSecurityException ex) {
>>                 LOG.log(Level.WARNING, "", ex);
>>                 throw new SoapFault(new Message("SECURITY_FAILED",  
>> LOG), ex, version.getSender());
>> @@ -157,13 +176,6 @@
>>             if  
>> (reqData.getWssConfig().isEnableSignatureConfirmation()) {
>>                 checkSignatureConfirmation(reqData, wsResult);
>>             }
>> -            -            //
>> -            // Now remove the Signature Confirmation results. This  
>> is needed to work around the
>> -            // wsResult.size() != actions.size() comparison below.  
>> The real issue is to fix the
>> -            // broken checkReceiverResults method in WSS4J.
>> -            //
>> -            removeSignatureConfirmationResults(wsResult);
>>              /*
>>              * Now we can check the certificate used to sign the  
>> message. In the
>> @@ -213,11 +225,8 @@
>>              /*
>>              * now check the security actions: do they match, in  
>> right order?
>> -             *
>> -             * Added size comparison to work around
>> -             * https://issues.apache.org/jira/browse/WSS-70
>>              */
>> -            if (wsResult.size() != actions.size() || ! 
>> checkReceiverResults(wsResult, actions)) {
>> +            if (!checkReceiverResults(wsResult, actions)) {
>>                 LOG.warning("Security processing failed (actions  
>> mismatch)");
>>                 throw new SoapFault(new Message("ACTION_MISMATCH",  
>> LOG), version.getSender());
>> @@ -303,18 +312,52 @@
>>         return cbHandler;
>>     }
>>     -    private void  
>> removeSignatureConfirmationResults(List<Object> wsResult) {
>> -        //
>> -        // Now remove the Signature Confirmation results. This is  
>> needed to work around the
>> -        // wsResult.size() != actions.size() comparison below. The  
>> real issue is to fix the
>> -        // broken checkReceiverResults method in WSS4J.
>> -        //
>> -        for (int i = 0; i < wsResult.size(); i++) {
>> -            Integer action = (Integer) 
>> ((WSSecurityEngineResult)wsResult.get(i))
>> -                .get(WSSecurityEngineResult.TAG_ACTION);
>> -            if (action != null && action.intValue() ==  
>> WSConstants.SC) {
>> -                wsResult.remove(i);
>> +    /**
>> +     * @return      the WSSecurityEngine in use by this interceptor.
>> +     *              This engine is defined to be the  
>> secEngineOverride
>> +     *              instance, if defined in this class (and  
>> supplied through
>> +     *              construction); otherwise, it is taken to be  
>> the default
>> +     *              WSSecEngine instance (currently defined in the  
>> WSHandler
>> +     *              base class).
>> +     *
>> +     * TODO the WSHandler base class defines secEngine to be  
>> static, which
>> +     * is really bad, because the engine has mutable state on it.
>> +     */
>> +    private WSSecurityEngine
>> +    getSecurityEngine() {
>> +        if (secEngineOverride != null) {
>> +            return secEngineOverride;
>> +        }
>> +        return secEngine;
>> +    }
>> +
>> +    /**
>> +     * @return      a freshly minted WSSecurityEngine instance,  
>> using the
>> +     *              (non-null) processor map, to be used to  
>> initialize the
>> +     *              WSSecurityEngine instance.
>> +     *
>> +     * TODO The WSS4J APIs leave something to be desired here, but  
>> hopefully
>> +     * we'll clean all this up in WSS4J-2.0
>> +     */
>> +    private WSSecurityEngine
>> +    createSecurityEngine(
>> +        final Map<QName, String> map
>> +    ) {
>> +        assert map != null;
>> +        final WSSConfig config = WSSConfig.getNewInstance();
>> +        for (Map.Entry<QName, String> entry : map.entrySet()) {
>> +            final QName key = entry.getKey();
>> +            String val = entry.getValue();
>> +            if (val != null) {
>> +                val = val.trim();
>> +                if ("null".equals(val) || val.length() == 0) {
>> +                    val = null;
>> +                }
>>             }
>> +            config.setProcessor(key, val);
>>         }
>> +        final WSSecurityEngine ret = new WSSecurityEngine();
>> +        ret.setWssConfig(config);
>> +        return ret;
>>     }
>> }
>> Modified: cxf/branches/2.0.x-fixes/rt/ws/security/src/test/java/org/ 
>> apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
>> URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java?rev=663146&r1=663145&r2=663146&view=diff
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> = 
>> =====================================================================
>> --- cxf/branches/2.0.x-fixes/rt/ws/security/src/test/java/org/ 
>> apache/cxf/ws/security/wss4j/WSS4JInOutTest.java (original)
>> +++ cxf/branches/2.0.x-fixes/rt/ws/security/src/test/java/org/ 
>> apache/cxf/ws/security/wss4j/WSS4JInOutTest.java Wed Jun  4  
>> 07:58:47 2008
>> @@ -22,10 +22,12 @@
>> import java.io.ByteArrayOutputStream;
>> import java.security.cert.X509Certificate;
>> import java.util.ArrayList;
>> +import java.util.HashMap;
>> import java.util.List;
>> +import java.util.Map;
>> import java.util.SortedSet;
>> import java.util.TreeSet;
>> -
>> +import javax.xml.namespace.QName;
>> import javax.xml.parsers.DocumentBuilder;
>> import javax.xml.parsers.DocumentBuilderFactory;
>> import javax.xml.soap.MessageFactory;
>> @@ -41,6 +43,7 @@
>> import  
>> org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor;
>> import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
>> import org.apache.cxf.helpers.DOMUtils.NullResolver;
>> +import org.apache.cxf.helpers.XMLUtils;
>> import org.apache.cxf.interceptor.Interceptor;
>> import org.apache.cxf.message.Exchange;
>> import org.apache.cxf.message.ExchangeImpl;
>> @@ -48,8 +51,11 @@
>> import org.apache.cxf.phase.Phase;
>> import org.apache.cxf.phase.PhaseInterceptorChain;
>> import org.apache.cxf.staxutils.StaxUtils;
>> +import org.apache.ws.security.WSConstants;
>> +import org.apache.ws.security.WSDataRef;
>> import org.apache.ws.security.WSSecurityEngineResult;
>> import org.apache.ws.security.handler.WSHandlerConstants;
>> +import org.apache.ws.security.handler.WSHandlerResult;
>> import org.junit.Test;
>>  @@ -203,19 +209,198 @@
>>             .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
>>         assertNotNull(certificate);
>>     }
>> +    +    @Test
>> +    @SuppressWarnings("unchecked")
>> +    public void testEncryption() throws Exception {
>> +        Document doc = readDocument("wsse-request-clean.xml");
>> +
>> +        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
>> +        PhaseInterceptor<SoapMessage> handler =  
>> ohandler.createEndingInterceptor();
>> +
>> +        SoapMessage msg = new SoapMessage(new MessageImpl());
>> +        Exchange ex = new ExchangeImpl();
>> +        ex.setInMessage(msg);
>> +        +        SOAPMessage saajMsg =  
>> MessageFactory.newInstance().createMessage();
>> +        SOAPPart part = saajMsg.getSOAPPart();
>> +        part.setContent(new DOMSource(doc));
>> +        saajMsg.saveChanges();
>> +        msg.setContent(SOAPMessage.class, saajMsg);
>> +        +        msg.put(WSHandlerConstants.ACTION,  
>> WSHandlerConstants.ENCRYPT);
>> +        msg.put(WSHandlerConstants.SIG_PROP_FILE, "META-INF/cxf/ 
>> outsecurity.properties");
>> +        msg.put(WSHandlerConstants.ENC_PROP_FILE, "META-INF/cxf/ 
>> outsecurity.properties");
>> +        msg.put(WSHandlerConstants.USER, "myalias");
>> +        msg.put("password", "myAliasPassword");
>> +
>> +        handler.handleMessage(msg);
>> +        doc = part;
>> +
>> +        assertValid("//wsse:Security", doc);
>> +        assertValid("//s:Body/xenc:EncryptedData", doc);
>> +        byte[] docbytes = getMessageBytes(doc);
>> +        XMLStreamReader reader =  
>> StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
>> +
>> +        DocumentBuilderFactory dbf =  
>> DocumentBuilderFactory.newInstance();
>> +
>> +        dbf.setValidating(false);
>> +        dbf.setIgnoringComments(false);
>> +        dbf.setIgnoringElementContentWhitespace(true);
>> +        dbf.setNamespaceAware(true);
>> +
>> +        DocumentBuilder db = dbf.newDocumentBuilder();
>> +        db.setEntityResolver(new NullResolver());
>> +        doc = StaxUtils.read(db, reader, false);
>> +
>> +        WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
>> +
>> +        SoapMessage inmsg = new SoapMessage(new MessageImpl());
>> +        ex.setInMessage(inmsg);
>> +        inmsg.setContent(SOAPMessage.class, saajMsg);
>> +
>> +        inHandler.setProperty(WSHandlerConstants.ACTION,  
>> WSHandlerConstants.ENCRYPT);
>> +        inHandler.setProperty(WSHandlerConstants.DEC_PROP_FILE,  
>> "META-INF/cxf/insecurity.properties");
>> +        inHandler.setProperty(
>> +            WSHandlerConstants.PW_CALLBACK_CLASS, +             
>> "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
>> +        );
>> +
>> +        inHandler.handleMessage(inmsg);
>> +        //
>> +        // Check that the EncryptedData is no longer there
>> +        //
>> +        assertInvalid("//s:Body/xenc:EncryptedData",  
>> saajMsg.getSOAPPart());
>> +        //
>> +        // There should be exactly 1 (WSS4J) HandlerResult
>> +        //
>> +        final java.util.List<WSHandlerResult> handlerResults =  
>> +            (java.util.List<WSHandlerResult>)  
>> inmsg.get(WSHandlerConstants.RECV_RESULTS);
>> +        assertNotNull(handlerResults);
>> +        assertSame(handlerResults.size(), 1);
>> +        //
>> +        // This should contain exactly 1 protection result
>> +        //
>> +        final java.util.List<Object> protectionResults =
>> +            (java.util.List<Object>)  
>> handlerResults.get(0).getResults();
>> +        assertNotNull(protectionResults);
>> +        assertSame(protectionResults.size(), 1);
>> +        //
>> +        // This result should contain a reference to the decrypted  
>> element,
>> +        // which should contain the soap:Body Qname
>> +        //
>> +        final java.util.Map<String, Object> result =
>> +            (java.util.Map<String, Object>)  
>> protectionResults.get(0);
>> +        final java.util.List<WSDataRef> protectedElements =
>> +            (java.util.List<WSDataRef>) +                 
>> result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
>> +        assertNotNull(protectedElements);
>> +        assertSame(protectedElements.size(), 1);
>> +        assertEquals(
>> +            protectedElements.get(0).getName(),
>> +            new javax.xml.namespace.QName(
>> +                "http://schemas.xmlsoap.org/soap/envelope/",
>> +                "Body"
>> +            )
>> +        );
>> +    }
>> +    +    @Test
>> +    public void testCustomProcessor() throws Exception {
>> +        Document doc = readDocument("wsse-request-clean.xml");
>> +
>> +        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
>> +        PhaseInterceptor<SoapMessage> handler =  
>> ohandler.createEndingInterceptor();
>> +
>> +        SoapMessage msg = new SoapMessage(new MessageImpl());
>> +        Exchange ex = new ExchangeImpl();
>> +        ex.setInMessage(msg);
>> +        +        SOAPMessage saajMsg =  
>> MessageFactory.newInstance().createMessage();
>> +        SOAPPart part = saajMsg.getSOAPPart();
>> +        part.setContent(new DOMSource(doc));
>> +        saajMsg.saveChanges();
>> +
>> +        msg.setContent(SOAPMessage.class, saajMsg);
>> +
>> +        msg.put(WSHandlerConstants.ACTION,  
>> WSHandlerConstants.SIGNATURE);
>> +        msg.put(WSHandlerConstants.SIG_PROP_FILE, "META-INF/cxf/ 
>> outsecurity.properties");
>> +        msg.put(WSHandlerConstants.USER, "myalias");
>> +        msg.put("password", "myAliasPassword");
>> +
>> +        handler.handleMessage(msg);
>> +
>> +        doc = part;
>> +        +        assertValid("//wsse:Security", doc);
>> +        assertValid("//wsse:Security/ds:Signature", doc);
>> +
>> +        byte[] docbytes = getMessageBytes(doc);
>> +        XMLStreamReader reader =  
>> StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
>> +
>> +        DocumentBuilderFactory dbf =  
>> DocumentBuilderFactory.newInstance();
>> +
>> +        dbf.setValidating(false);
>> +        dbf.setIgnoringComments(false);
>> +        dbf.setIgnoringElementContentWhitespace(true);
>> +        dbf.setNamespaceAware(true);
>> +
>> +        DocumentBuilder db = dbf.newDocumentBuilder();
>> +        db.setEntityResolver(new NullResolver());
>> +        doc = StaxUtils.read(db, reader, false);
>> +
>> +        final Map<String, Object> properties = new HashMap<String,  
>> Object>();
>> +        properties.put(
>> +            WSS4JInInterceptor.PROCESSOR_MAP,
>> +            createCustomProcessorMap()
>> +        );
>> +        WSS4JInInterceptor inHandler = new  
>> WSS4JInInterceptor(properties);
>> +
>> +        SoapMessage inmsg = new SoapMessage(new MessageImpl());
>> +        ex.setInMessage(inmsg);
>> +        inmsg.setContent(SOAPMessage.class, saajMsg);
>> +
>> +        inHandler.setProperty(WSHandlerConstants.ACTION,  
>> WSHandlerConstants.NO_SECURITY);
>> +
>> +        inHandler.handleMessage(inmsg);
>> +        +        WSSecurityEngineResult result = +             
>> (WSSecurityEngineResult)  
>> inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
>> +        assertNull(result);
>> +    }
>> +         private byte[] getMessageBytes(Document doc) throws  
>> Exception {
>> -        // XMLOutputFactory factory =  
>> XMLOutputFactory.newInstance();
>>         ByteArrayOutputStream outputStream = new  
>> ByteArrayOutputStream();
>> -
>> -        // XMLStreamWriter byteArrayWriter =
>> -        // factory.createXMLStreamWriter(outputStream);
>>         XMLStreamWriter byteArrayWriter =  
>> StaxUtils.createXMLStreamWriter(outputStream);
>> -
>>         StaxUtils.writeDocument(doc, byteArrayWriter, false);
>> -
>>         byteArrayWriter.flush();
>>         return outputStream.toByteArray();
>>     }
>> +
>> +    /**
>> +     * @return      a processor map suitable for custom processing  
>> of
>> +     *              signatures (in this case, the actual processor  
>> is
>> +     *              null, which will cause the WSS4J runtime to do  
>> no
>> +     *              processing on the input)
>> +     */
>> +    private Map<QName, String>
>> +    createCustomProcessorMap() {
>> +        final Map<QName, String> ret = new HashMap<QName, String>();
>> +        ret.put(
>> +            new QName(
>> +                WSConstants.SIG_NS,
>> +                WSConstants.SIG_LN
>> +            ),
>> +            null
>> +        );
>> +        return ret;
>> +    }
>> +    +    +    // FOR DEBUGGING ONLY
>> +    /*private*/ static String serialize(Document doc) {
>> +        return XMLUtils.toString(doc);
>> +    }
>> }
>
> ----------------------------
> IONA Technologies PLC (registered in Ireland)
> Registered Number: 171387
> Registered Address: The IONA Building, Shelbourne Road, Dublin 4,  
> Ireland

---
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog





Mime
View raw message