cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r697942 [1/2] - in /cxf/trunk: api/src/main/java/org/apache/cxf/service/model/ api/src/main/java/org/apache/cxf/ws/policy/ common/common/src/main/java/org/apache/cxf/helpers/ rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/ rt/ws/policy...
Date Mon, 22 Sep 2008 18:51:10 GMT
Author: dkulp
Date: Mon Sep 22 11:51:08 2008
New Revision: 697942

URL: http://svn.apache.org/viewvc?rev=697942&view=rev
Log:
Get parts of ws-secpolicy AsymBinding working (sign before encrypt is working, encrypt before sign is not)
Fixes problems with policy impl
Delay setting up interceptor chains and vocabs until actually needed.

Added:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java   (with props)
Modified:
    cxf/trunk/api/src/main/java/org/apache/cxf/service/model/BindingOperationInfo.java
    cxf/trunk/api/src/main/java/org/apache/cxf/ws/policy/AssertionInfoMap.java
    cxf/trunk/common/common/src/main/java/org/apache/cxf/helpers/DOMUtils.java
    cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/ClientPolicyInInterceptor.java
    cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EffectivePolicyImpl.java
    cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EndpointPolicyImpl.java
    cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyEngineImpl.java
    cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EffectivePolicyImplTest.java
    cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EndpointPolicyImplTest.java
    cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyEngineTest.java
    cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyInterceptorsTest.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityInterceptorProvider.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ProtectionToken.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/RecipientToken.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SignatureToken.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SupportingToken.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricAsymmetricBindingBase.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricBinding.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TokenWrapper.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TransportToken.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/BindingBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
    cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
    cxf/trunk/systests/src/test/resources/wsdl_systest/DoubleIt.wsdl
    cxf/trunk/testutils/src/main/java/org/apache/cxf/testutil/common/ServerLauncher.java

Modified: cxf/trunk/api/src/main/java/org/apache/cxf/service/model/BindingOperationInfo.java
URL: http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/service/model/BindingOperationInfo.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/api/src/main/java/org/apache/cxf/service/model/BindingOperationInfo.java (original)
+++ cxf/trunk/api/src/main/java/org/apache/cxf/service/model/BindingOperationInfo.java Mon Sep 22 11:51:08 2008
@@ -45,7 +45,7 @@
     public BindingOperationInfo() {
     }
     
-    BindingOperationInfo(BindingInfo bi, OperationInfo opinfo) { 
+    public BindingOperationInfo(BindingInfo bi, OperationInfo opinfo) { 
         bindingInfo = bi;
         opInfo = opinfo;
         
@@ -61,7 +61,7 @@
         }
         
         Collection<FaultInfo> of = opinfo.getFaults();
-        if (!of.isEmpty()) {
+        if (of != null && !of.isEmpty()) {
             faults = new ConcurrentHashMap<QName, BindingFaultInfo>(of.size());
             for (FaultInfo fault : of) {
                 faults.put(fault.getFaultName(), new BindingFaultInfo(fault, this));
@@ -136,7 +136,7 @@
     @Override
     public String toString() {
         return new StringBuilder().append("[BindingOperationInfo: ")
-            .append(getName())
+            .append(getName() == null ? "" : getName())
             .append("]").toString();
     }
     

Modified: cxf/trunk/api/src/main/java/org/apache/cxf/ws/policy/AssertionInfoMap.java
URL: http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/ws/policy/AssertionInfoMap.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/api/src/main/java/org/apache/cxf/ws/policy/AssertionInfoMap.java (original)
+++ cxf/trunk/api/src/main/java/org/apache/cxf/ws/policy/AssertionInfoMap.java Mon Sep 22 11:51:08 2008
@@ -50,7 +50,7 @@
             putAssertionInfo(a);
         }
     }
-    
+
     private void putAssertionInfo(PolicyAssertion a) {
         Policy p = a.getPolicy();
         if (p != null) {

Modified: cxf/trunk/common/common/src/main/java/org/apache/cxf/helpers/DOMUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/common/common/src/main/java/org/apache/cxf/helpers/DOMUtils.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/common/common/src/main/java/org/apache/cxf/helpers/DOMUtils.java (original)
+++ cxf/trunk/common/common/src/main/java/org/apache/cxf/helpers/DOMUtils.java Mon Sep 22 11:51:08 2008
@@ -255,9 +255,11 @@
     }
     public static Element getFirstChildWithName(Element parent, String ns, String lp) { 
         Node n = parent.getFirstChild();
-        while (n != null 
-            && !ns.equals(n.getNamespaceURI())
-            && !lp.equals(n.getLocalName())) {
+        while (n != null) {
+            if (ns.equals(n.getNamespaceURI())
+                && lp.equals(n.getLocalName())) {
+                return (Element)n;
+            }
             n = n.getNextSibling();
         }
         return (Element)n;

Modified: cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/ClientPolicyInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/ClientPolicyInInterceptor.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/ClientPolicyInInterceptor.java (original)
+++ cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/ClientPolicyInInterceptor.java Mon Sep 22 11:51:08 2008
@@ -21,7 +21,6 @@
 
 import java.util.Collection;
 import java.util.List;
-import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import org.apache.cxf.common.logging.LogUtils;
@@ -31,6 +30,7 @@
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.phase.Phase;
+import org.apache.cxf.service.model.BindingOperationInfo;
 import org.apache.cxf.service.model.EndpointInfo;
 import org.apache.cxf.transport.Conduit;
 
@@ -66,27 +66,38 @@
             return;
         }
         
-        Conduit conduit = exchange.getConduit(msg);
+        BindingOperationInfo boi = exchange.get(BindingOperationInfo.class);
         
-        // We do not know the underlying message type yet - so we pre-emptively add interceptors 
-        // that can deal with any resposes or faults returned to this client endpoint.
+        if (boi == null) {
+            Conduit conduit = exchange.getConduit(msg);
         
-        EndpointPolicy ep = pe.getClientEndpointPolicy(ei, conduit);
-        
-        List<Interceptor> interceptors = ep.getInterceptors();
-        for (Interceptor i : interceptors) {
-            msg.getInterceptorChain().add(i);
-            LOG.log(Level.FINE, "Added interceptor of type {0}", i.getClass().getSimpleName());            
-        }
-        
-        // insert assertions of endpoint's vocabulary into message
-        
-        Collection<PolicyAssertion> assertions = ep.getVocabulary();
-        if (null != assertions) {
-            msg.put(AssertionInfoMap.class, new AssertionInfoMap(assertions));
+            EndpointPolicy ep = pe.getClientEndpointPolicy(ei, conduit);
+            
+            List<Interceptor> interceptors = ep.getInterceptors();
+            for (Interceptor i : interceptors) {
+                msg.getInterceptorChain().add(i);
+            }
+            
+            // insert assertions of endpoint's vocabulary into message
+            
+            Collection<PolicyAssertion> assertions = ep.getVocabulary();
+            if (null != assertions) {
+                msg.put(AssertionInfoMap.class, new AssertionInfoMap(assertions));
+            }
+        } else {
+            // We do not know the underlying message type yet - so we pre-emptively add interceptors 
+            // that can deal with any resposes or faults returned to this client endpoint.
+            
+            EffectivePolicy ep = pe.getEffectiveClientResponsePolicy(ei, boi);
+    
+            List<Interceptor> interceptors = ep.getInterceptors();
+            for (Interceptor i : interceptors) {
+                msg.getInterceptorChain().add(i);
+            }
+            // insert assertions of endpoint's vocabulary into message
+            if (ep.getPolicy() != null) {
+                msg.put(AssertionInfoMap.class, new AssertionInfoMap(ep.getPolicy()));
+            }
         }
-        
-        // if the conduit implements the Assertor interface, 
-        
     }
 }

Modified: cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EffectivePolicyImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EffectivePolicyImpl.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EffectivePolicyImpl.java (original)
+++ cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EffectivePolicyImpl.java Mon Sep 22 11:51:08 2008
@@ -72,7 +72,7 @@
     void initialise(EndpointPolicyImpl epi, PolicyEngineImpl engine) {
         policy = epi.getPolicy();
         chosenAlternative = epi.getChosenAlternative();
-        initialiseInterceptors(engine);  
+        initialiseInterceptors(engine, false);  
     }
     
     void initialise(EndpointInfo ei, 
@@ -80,9 +80,17 @@
                     PolicyEngineImpl engine, 
                     Assertor assertor,
                     boolean requestor) {
-        initialisePolicy(ei, boi, engine, requestor);
+        initialisePolicy(ei, boi, engine, requestor, assertor);
         chooseAlternative(engine, assertor);
-        initialiseInterceptors(engine);  
+        initialiseInterceptors(engine, false);  
+    }
+    void initialise(EndpointInfo ei, 
+                    BindingOperationInfo boi, 
+                    PolicyEngineImpl engine, 
+                    boolean requestor) {
+        Assertor assertor = initialisePolicy(ei, boi, engine, requestor, null);
+        chooseAlternative(engine, assertor);
+        initialiseInterceptors(engine, requestor);  
     }
     
     void initialise(EndpointInfo ei, 
@@ -91,21 +99,28 @@
                     Assertor assertor) {
         initialisePolicy(ei, bfi, engine);
         chooseAlternative(engine, assertor);
-        initialiseInterceptors(engine);  
+        initialiseInterceptors(engine, false);  
     }
      
-    void initialisePolicy(EndpointInfo ei,
+    Assertor initialisePolicy(EndpointInfo ei,
                           BindingOperationInfo boi,  
                           PolicyEngineImpl engine, 
-                          boolean requestor) {
+                          boolean requestor,
+                          Assertor assertor) {
+        
         if (boi.isUnwrapped()) {
             boi = boi.getUnwrappedOperation();
         }
         BindingMessageInfo bmi = requestor ? boi.getInput() : boi.getOutput();
+        EndpointPolicy ep;
         if (requestor) {
-            policy = engine.getClientEndpointPolicy(ei, (Conduit)null).getPolicy();
+            ep = engine.getClientEndpointPolicy(ei, (Conduit)assertor);
         } else {
-            policy = engine.getServerEndpointPolicy(ei, (Destination)null).getPolicy();
+            ep = engine.getServerEndpointPolicy(ei, (Destination)assertor);
+        }
+        policy = ep.getPolicy();
+        if (ep instanceof EndpointPolicyImpl) {
+            assertor = ((EndpointPolicyImpl)ep).getAssertor();
         }
         
         policy = policy.merge(engine.getAggregatedOperationPolicy(boi));
@@ -113,6 +128,7 @@
             policy = policy.merge(engine.getAggregatedMessagePolicy(bmi));
         }
         policy = (Policy)policy.normalize(true);
+        return assertor;
     }
     
     void initialisePolicy(EndpointInfo ei, BindingFaultInfo bfi, PolicyEngineImpl engine) {
@@ -135,13 +151,18 @@
     }
 
     void initialiseInterceptors(PolicyEngineImpl engine) {
-        PolicyInterceptorProviderRegistry reg 
-            = engine.getBus().getExtension(PolicyInterceptorProviderRegistry.class);
-        Set<Interceptor> out = new LinkedHashSet<Interceptor>();
-        for (PolicyAssertion a : getChosenAlternative()) {
-            initialiseInterceptors(reg, engine, out, a);
-        }        
-        setInterceptors(new ArrayList<Interceptor>(out));
+        initialiseInterceptors(engine, false);
+    }
+    void initialiseInterceptors(PolicyEngineImpl engine, boolean useIn) {
+        if (engine.getBus() != null) {
+            PolicyInterceptorProviderRegistry reg 
+                = engine.getBus().getExtension(PolicyInterceptorProviderRegistry.class);
+            Set<Interceptor> out = new LinkedHashSet<Interceptor>();
+            for (PolicyAssertion a : getChosenAlternative()) {
+                initialiseInterceptors(reg, engine, out, a, useIn);
+            }        
+            setInterceptors(new ArrayList<Interceptor>(out));
+        }
     }
     
     
@@ -160,16 +181,17 @@
     void initialiseInterceptors(PolicyInterceptorProviderRegistry reg,
                                 PolicyEngineImpl engine,
                                 Set<Interceptor> out,
-                                PolicyAssertion a) {
+                                PolicyAssertion a,
+                                boolean usIn) {
         QName qn = a.getName();
         PolicyInterceptorProvider pp = reg.get(qn);
         if (null != pp) {
-            out.addAll(pp.getOutInterceptors());
+            out.addAll(usIn ? pp.getInInterceptors() : pp.getOutInterceptors());
         }
         Policy p = a.getPolicy();
         if (p != null) {
             for (PolicyAssertion a2 : getSupportedAlternatives(engine, p)) {
-                initialiseInterceptors(reg, engine, out, a2);
+                initialiseInterceptors(reg, engine, out, a2, usIn);
             }
         }
     }

Modified: cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EndpointPolicyImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EndpointPolicyImpl.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EndpointPolicyImpl.java (original)
+++ cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/EndpointPolicyImpl.java Mon Sep 22 11:51:08 2008
@@ -36,6 +36,8 @@
 import org.apache.cxf.service.model.BindingFaultInfo;
 import org.apache.cxf.service.model.BindingOperationInfo;
 import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.transport.Conduit;
+import org.apache.cxf.transport.Destination;
 import org.apache.neethi.ExactlyOne;
 import org.apache.neethi.Policy;
 
@@ -48,6 +50,7 @@
     
     private Policy policy;
     private Collection<PolicyAssertion> chosenAlternative;
+    
     private Collection<PolicyAssertion> vocabulary;
     private Collection<PolicyAssertion> faultVocabulary;
     private List<Interceptor> interceptors;
@@ -76,6 +79,10 @@
         return policy;        
     }
     
+    public Assertor getAssertor() {
+        return assertor;
+    }
+    
     public EndpointPolicy updatePolicy(Policy p) {
         EndpointPolicyImpl epi = createEndpointPolicy();
         Policy np = (Policy)p.normalize(true);
@@ -89,19 +96,31 @@
         return chosenAlternative;
     }
     
-    public Collection<PolicyAssertion> getVocabulary() {
+    public synchronized Collection<PolicyAssertion> getVocabulary() {
+        if (vocabulary == null) {
+            initializeVocabulary();
+        }
         return vocabulary;
     }
     
-    public Collection<PolicyAssertion> getFaultVocabulary() {
+    public synchronized Collection<PolicyAssertion> getFaultVocabulary() {
+        if (vocabulary == null) {
+            initializeVocabulary();
+        }
         return faultVocabulary;
     }    
     
-    public List<Interceptor> getInterceptors() {
+    public synchronized List<Interceptor> getInterceptors() {
+        if (interceptors == null) {
+            initializeInterceptors();
+        }
         return interceptors;
     }
     
-    public List<Interceptor> getFaultInterceptors() {
+    public synchronized List<Interceptor> getFaultInterceptors() {
+        if (interceptors == null) {
+            initializeInterceptors();
+        }
         return faultInterceptors;
     }
     
@@ -113,8 +132,6 @@
     
     void finalizeConfig() {
         chooseAlternative();
-        initializeVocabulary();
-        initializeInterceptors(); 
     }
    
     void initializePolicy() {
@@ -157,7 +174,9 @@
         }
        
         // vocabulary of alternative chosen for endpoint
-        
+        if (getChosenAlternative() == null) { 
+            return;
+        }
         for (PolicyAssertion a : getChosenAlternative()) {
             if (a.isOptional()) {
                 continue;
@@ -170,25 +189,49 @@
    
         // add assertions for specific inbound (in case of a server endpoint) or outbound 
         // (in case of a client endpoint) messages
-        
         for (BindingOperationInfo boi : ei.getBinding().getOperations()) {
-            Policy p = engine.getAggregatedOperationPolicy(boi);
+            EffectivePolicy p = null;
+            if (this.requestor) {
+                p = engine.getEffectiveClientRequestPolicy(ei, boi, 
+                                                           (Conduit)assertor);
+            } else {
+                p = engine.getEffectiveServerRequestPolicy(ei, boi);
+            }
             Collection<PolicyAssertion> c = engine.getAssertions(p, false);
-            vocabulary.addAll(c);
-            if (null != faultVocabulary) {
-                faultVocabulary.addAll(c);
+            if (c != null) {
+                vocabulary.addAll(c);
+                if (null != faultVocabulary) {
+                    faultVocabulary.addAll(c);
+                }
             }
- 
-            if (!requestor) {
-                p = engine.getAggregatedMessagePolicy(boi.getInput());
-                vocabulary.addAll(engine.getAssertions(p, false));
-            } else if (null != boi.getOutput()) {
-                p = engine.getAggregatedMessagePolicy(boi.getOutput());
-                vocabulary.addAll(engine.getAssertions(p, false));
-                
-                for (BindingFaultInfo bfi : boi.getFaults()) { 
-                    p = engine.getAggregatedFaultPolicy(bfi);
-                    faultVocabulary.addAll(engine.getAssertions(p, false));
+            if (this.requestor) {
+                p = engine.getEffectiveClientResponsePolicy(ei, boi);
+            } else {
+                p = engine.getEffectiveServerResponsePolicy(ei, boi, 
+                                                            (Destination)assertor);
+            }
+            c = engine.getAssertions(p, false);
+            if (c != null) {
+                vocabulary.addAll(c);
+                if (null != faultVocabulary) {
+                    faultVocabulary.addAll(c);
+                }
+            }
+            if (boi.getFaults() != null) {
+                for (BindingFaultInfo bfi : boi.getFaults()) {
+                    if (this.requestor) {
+                        p = engine.getEffectiveClientFaultPolicy(ei, bfi);
+                    } else {
+                        p = engine.getEffectiveServerFaultPolicy(ei, bfi, 
+                                                                 (Destination)assertor);
+                    }
+                    c = engine.getAssertions(p, false);
+                    if (c != null) {
+                        vocabulary.addAll(c);
+                        if (null != faultVocabulary) {
+                            faultVocabulary.addAll(c);
+                        }
+                    }
                 }
             }
         }
@@ -223,6 +266,10 @@
     }
 
     void initializeInterceptors() {
+        if (engine == null || engine.getBus() == null
+            || engine.getBus().getExtension(PolicyInterceptorProviderRegistry.class) == null) {
+            return;
+        }
         PolicyInterceptorProviderRegistry reg 
             = engine.getBus().getExtension(PolicyInterceptorProviderRegistry.class);
         

Modified: cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyEngineImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyEngineImpl.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyEngineImpl.java (original)
+++ cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyEngineImpl.java Mon Sep 22 11:51:08 2008
@@ -226,11 +226,12 @@
         ei.setProperty(POLICY_INFO_ENDPOINT_SERVER, ep);
     }
 
-    public EffectivePolicy getEffectiveServerRequestPolicy(EndpointInfo ei, BindingOperationInfo boi) {
+    public EffectivePolicy getEffectiveServerRequestPolicy(EndpointInfo ei, 
+                                                           BindingOperationInfo boi) {
         EffectivePolicy effectivePolicy = (EffectivePolicy)boi.getProperty(POLICY_INFO_REQUEST_SERVER);
         if (null == effectivePolicy) {
             EffectivePolicyImpl epi = createOutPolicyInfo();
-            epi.initialisePolicy(ei, boi, this, false);
+            epi.initialise(ei, boi, this, false);
             boi.setProperty(POLICY_INFO_REQUEST_SERVER, epi);
             effectivePolicy = epi;
         }
@@ -246,7 +247,7 @@
         EffectivePolicy effectivePolicy = (EffectivePolicy)boi.getProperty(POLICY_INFO_RESPONSE_CLIENT);
         if (null == effectivePolicy) {
             EffectivePolicyImpl epi = createOutPolicyInfo();
-            epi.initialisePolicy(ei, boi, this, true);        
+            epi.initialise(ei, boi, this, true);        
             boi.setProperty(POLICY_INFO_RESPONSE_CLIENT, epi);
             effectivePolicy = epi;
         }
@@ -418,6 +419,23 @@
         }
         return assertions;
     }
+    Collection<PolicyAssertion> getAssertions(EffectivePolicy pc, boolean includeOptional) {
+        if (pc == null || pc.getChosenAlternative() == null) {
+            return null;
+        }
+        Collection<PolicyAssertion> assertions = new ArrayList<PolicyAssertion>();
+        for (PolicyAssertion assertion : pc.getChosenAlternative()) {
+            if (Constants.TYPE_ASSERTION == assertion.getType()) {
+                PolicyAssertion a = assertion;
+                if (includeOptional || !a.isOptional()) {
+                    assertions.add(a);
+                }
+            } else {   
+                addAssertions(assertion, includeOptional, assertions);
+            }
+        }
+        return assertions;
+    }
 
     void addAssertions(PolicyComponent pc, boolean includeOptional, 
                                Collection<PolicyAssertion> assertions) {

Modified: cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EffectivePolicyImplTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EffectivePolicyImplTest.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EffectivePolicyImplTest.java (original)
+++ cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EffectivePolicyImplTest.java Mon Sep 22 11:51:08 2008
@@ -87,8 +87,8 @@
         EasyMock.expect(endpointPolicy.getPolicy()).andReturn(p);
         Collection<PolicyAssertion> chosenAlternative = new ArrayList<PolicyAssertion>();
         EasyMock.expect(endpointPolicy.getChosenAlternative()).andReturn(chosenAlternative);
-        PolicyEngineImpl pe = control.createMock(PolicyEngineImpl.class);
-        effectivePolicy.initialiseInterceptors(pe);
+        PolicyEngineImpl pe = new PolicyEngineImpl();
+        effectivePolicy.initialiseInterceptors(pe, false);
         EasyMock.expectLastCall();
         control.replay();
         effectivePolicy.initialise(endpointPolicy, pe);
@@ -98,8 +98,11 @@
     @Test
     public void testInitialise() throws NoSuchMethodException {
         Method m1 = EffectivePolicyImpl.class.getDeclaredMethod("initialisePolicy",
-            new Class[] {EndpointInfo.class, BindingOperationInfo.class, PolicyEngineImpl.class, 
-                         boolean.class});
+            new Class[] {EndpointInfo.class, 
+                         BindingOperationInfo.class, 
+                         PolicyEngineImpl.class,
+                         boolean.class,
+                         Assertor.class});
         Method m2 = EffectivePolicyImpl.class.getDeclaredMethod("chooseAlternative",
             new Class[] {PolicyEngineImpl.class, Assertor.class});
         Method m3 = EffectivePolicyImpl.class.getDeclaredMethod("initialiseInterceptors",
@@ -108,15 +111,15 @@
             control.createMock(EffectivePolicyImpl.class, new Method[] {m1, m2, m3});        
         EndpointInfo ei = control.createMock(EndpointInfo.class);
         BindingOperationInfo boi = control.createMock(BindingOperationInfo.class);
-        PolicyEngineImpl pe = control.createMock(PolicyEngineImpl.class);
+        PolicyEngineImpl pe = new PolicyEngineImpl();
         Assertor a = control.createMock(Assertor.class);
         boolean requestor = true;
        
-        effectivePolicy.initialisePolicy(ei, boi, pe, requestor);
-        EasyMock.expectLastCall();
+        effectivePolicy.initialisePolicy(ei, boi, pe, requestor, a);
+        EasyMock.expectLastCall().andReturn(a);
         effectivePolicy.chooseAlternative(pe, a);
         EasyMock.expectLastCall();
-        effectivePolicy.initialiseInterceptors(pe);
+        effectivePolicy.initialiseInterceptors(pe, false);
         EasyMock.expectLastCall();
         
         control.replay();
@@ -136,14 +139,14 @@
             control.createMock(EffectivePolicyImpl.class, new Method[] {m1, m2, m3});        
         EndpointInfo ei = control.createMock(EndpointInfo.class);
         BindingFaultInfo bfi = control.createMock(BindingFaultInfo.class);
-        PolicyEngineImpl pe = control.createMock(PolicyEngineImpl.class);
+        PolicyEngineImpl pe = new PolicyEngineImpl();
         Assertor a = control.createMock(Assertor.class);
        
         effectivePolicy.initialisePolicy(ei, bfi, pe);
         EasyMock.expectLastCall();
         effectivePolicy.chooseAlternative(pe, a);
         EasyMock.expectLastCall();
-        effectivePolicy.initialiseInterceptors(pe);
+        effectivePolicy.initialiseInterceptors(pe, false);
         EasyMock.expectLastCall();
         
         control.replay();
@@ -191,7 +194,7 @@
         
         control.replay();
         EffectivePolicyImpl epi = new EffectivePolicyImpl();
-        epi.initialisePolicy(ei, boi, engine, requestor);
+        epi.initialisePolicy(ei, boi, engine, requestor, null);
         assertSame(merged, epi.getPolicy());
         control.verify();
     }
@@ -306,7 +309,7 @@
     private void setupPolicyInterceptorProviderRegistry(PolicyEngineImpl engine, 
                                                         PolicyInterceptorProviderRegistry reg) {
         Bus bus = control.createMock(Bus.class);        
-        EasyMock.expect(engine.getBus()).andReturn(bus);
+        EasyMock.expect(engine.getBus()).andReturn(bus).anyTimes();
         EasyMock.expect(bus.getExtension(PolicyInterceptorProviderRegistry.class)).andReturn(reg);
     }
     

Modified: cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EndpointPolicyImplTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EndpointPolicyImplTest.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EndpointPolicyImplTest.java (original)
+++ cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/EndpointPolicyImplTest.java Mon Sep 22 11:51:08 2008
@@ -23,7 +23,6 @@
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
-import java.util.Iterator;
 import java.util.List;
 
 import javax.xml.namespace.QName;
@@ -31,10 +30,6 @@
 import org.apache.cxf.Bus;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.interceptor.Interceptor;
-import org.apache.cxf.service.model.BindingFaultInfo;
-import org.apache.cxf.service.model.BindingInfo;
-import org.apache.cxf.service.model.BindingMessageInfo;
-import org.apache.cxf.service.model.BindingOperationInfo;
 import org.apache.cxf.service.model.EndpointInfo;
 import org.apache.cxf.service.model.ServiceInfo;
 import org.apache.neethi.All;
@@ -75,8 +70,6 @@
         assertNull(epi.getChosenAlternative());
         assertNull(epi.getInterceptors());
         assertNull(epi.getFaultInterceptors());
-        assertNull(epi.getVocabulary());
-        assertNull(epi.getFaultVocabulary());
         
         Policy p = control.createMock(Policy.class);
         PolicyAssertion a = control.createMock(PolicyAssertion.class);
@@ -120,8 +113,6 @@
         EasyMock.expectLastCall();
         epi.chooseAlternative();
         EasyMock.expectLastCall();
-        epi.initializeInterceptors(); 
-        EasyMock.expectLastCall();
         
         control.replay();
         epi.initialize();
@@ -183,97 +174,7 @@
         control.verify();
     }
     
-    @Test
-    public void testInitialiseVocabularyServer() {
-        dotestInitializeVocabulary(false);
-    }
-    
-    @Test
-    public void testInitialiseVocabularyClient() {
-        dotestInitializeVocabulary(true);
-    }
-    
-    private void dotestInitializeVocabulary(boolean requestor) {
-        
-        EndpointInfo ei = control.createMock(EndpointInfo.class);
-        PolicyEngineImpl engine = control.createMock(PolicyEngineImpl.class);
-        
-        EndpointPolicyImpl epi = new EndpointPolicyImpl(ei, engine, requestor, null);   
-        List<PolicyAssertion> alternative = new ArrayList<PolicyAssertion>();
-        epi.setChosenAlternative(alternative);
-        PolicyAssertion ea = control.createMock(PolicyAssertion.class);        
-        alternative.add(ea);
-        EasyMock.expect(ea.isOptional()).andReturn(false);
-        PolicyAssertion eaOpt = control.createMock(PolicyAssertion.class);        
-        alternative.add(eaOpt);
-        EasyMock.expect(eaOpt.isOptional()).andReturn(true);
-        
-        BindingInfo bi = control.createMock(BindingInfo.class);
-        EasyMock.expect(ei.getBinding()).andReturn(bi);
-        BindingOperationInfo boi = control.createMock(BindingOperationInfo.class);
-        EasyMock.expect(bi.getOperations()).andReturn(Collections.singletonList(boi));
-        
-        Policy op = control.createMock(Policy.class);
-        EasyMock.expect(engine.getAggregatedOperationPolicy(boi)).andReturn(op);
-        PolicyAssertion oa = control.createMock(PolicyAssertion.class);
-        EasyMock.expect(engine.getAssertions(op, false)).andReturn(Collections.singletonList(oa));
-        BindingMessageInfo bmi = control.createMock(BindingMessageInfo.class);
-        if (requestor) {
-            EasyMock.expect(boi.getOutput()).andReturn(bmi).times(2);
-        } else {
-            EasyMock.expect(boi.getInput()).andReturn(bmi);
-        }
-        Policy mp = control.createMock(Policy.class);
-        EasyMock.expect(engine.getAggregatedMessagePolicy(bmi)).andReturn(mp);
-        PolicyAssertion ma = control.createMock(PolicyAssertion.class);
-        EasyMock.expect(engine.getAssertions(mp, false)).andReturn(Collections.singletonList(ma));
-        PolicyAssertion fa = null;
-        if (requestor) {
-            BindingFaultInfo bfi = control.createMock(BindingFaultInfo.class);
-            EasyMock.expect(boi.getFaults()).andReturn(Collections.singletonList(bfi));
-            Policy fp = control.createMock(Policy.class);
-            EasyMock.expect(engine.getAggregatedFaultPolicy(bfi)).andReturn(fp);
-            fa = control.createMock(PolicyAssertion.class);
-            EasyMock.expect(engine.getAssertions(fp, false)).andReturn(Collections.singletonList(fa));
-        }
-        
-        control.replay();
-        epi.initializeVocabulary();
-        Collection<PolicyAssertion> expected = new ArrayList<PolicyAssertion>();
-        expected.add(ea);
-        expected.add(oa);
-        expected.add(ma);
-        verifyVocabulary(expected, epi.getVocabulary());
-        if (requestor) {
-            expected.remove(ma);
-            expected.add(fa);
-            verifyVocabulary(expected, epi.getFaultVocabulary());
-            // 
-        } else {
-            assertNull(epi.getFaultVocabulary());
-        }
-          
-        control.verify();          
-    }
-    
-    private void verifyVocabulary(Collection<PolicyAssertion> expected, 
-                                  Collection<PolicyAssertion> actual) {
-        
-        assertEquals(expected.size(), actual.size());
-        for (Iterator<PolicyAssertion> i = expected.iterator(); i.hasNext();) {
-            PolicyAssertion e = i.next();
-            Iterator<PolicyAssertion> j = actual.iterator();
-            boolean eFound = false;
-            while (j.hasNext()) {
-                if (e == j.next()) {
-                    eFound = true;
-                    break;
-                }              
-            }
-            assertTrue("Expected assertion not found.", eFound);
-        }
-    }
-    
+
     @Test
     public void testUpdatePolicy() {
         
@@ -378,8 +279,9 @@
     private void setupPolicyInterceptorProviderRegistry(PolicyEngineImpl engine, 
                                                         PolicyInterceptorProviderRegistry reg) {
         Bus bus = control.createMock(Bus.class);        
-        EasyMock.expect(engine.getBus()).andReturn(bus);
-        EasyMock.expect(bus.getExtension(PolicyInterceptorProviderRegistry.class)).andReturn(reg);
+        EasyMock.expect(engine.getBus()).andReturn(bus).anyTimes();
+        EasyMock.expect(bus.getExtension(PolicyInterceptorProviderRegistry.class))
+            .andReturn(reg).anyTimes();
     }
     
   

Modified: cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyEngineTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyEngineTest.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyEngineTest.java (original)
+++ cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyEngineTest.java Mon Sep 22 11:51:08 2008
@@ -38,6 +38,7 @@
 import org.apache.cxf.service.model.BindingMessageInfo;
 import org.apache.cxf.service.model.BindingOperationInfo;
 import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.service.model.OperationInfo;
 import org.apache.cxf.service.model.ServiceInfo;
 import org.apache.cxf.transport.Conduit;
 import org.apache.cxf.transport.Destination;
@@ -72,7 +73,8 @@
         return ei;
     }
     private BindingOperationInfo createMockBindingOperationInfo() throws Exception {
-        BindingOperationInfo boi = new BindingOperationInfo() {
+        OperationInfo info = new OperationInfo();
+        BindingOperationInfo boi = new BindingOperationInfo(null, info) {
             public boolean isUnwrapped() {
                 return false;
             }
@@ -206,7 +208,7 @@
         BindingOperationInfo boi = createMockBindingOperationInfo(); 
         EffectivePolicyImpl epi = control.createMock(EffectivePolicyImpl.class);
         EasyMock.expect(engine.createOutPolicyInfo()).andReturn(epi);
-        epi.initialisePolicy(ei, boi, engine, false);
+        epi.initialise(ei, boi, engine, false);
         EasyMock.expectLastCall();
         control.replay();
         assertSame(epi, engine.getEffectiveServerRequestPolicy(ei, boi));
@@ -235,7 +237,7 @@
         BindingOperationInfo boi = createMockBindingOperationInfo(); 
         EffectivePolicyImpl epi = control.createMock(EffectivePolicyImpl.class);
         EasyMock.expect(engine.createOutPolicyInfo()).andReturn(epi);
-        epi.initialisePolicy(ei, boi, engine, true);
+        epi.initialise(ei, boi, engine, true);
         EasyMock.expectLastCall();
         control.replay();
         assertSame(epi, engine.getEffectiveClientResponsePolicy(ei, boi));

Modified: cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyInterceptorsTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyInterceptorsTest.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyInterceptorsTest.java (original)
+++ cxf/trunk/rt/ws/policy/src/test/java/org/apache/cxf/ws/policy/PolicyInterceptorsTest.java Mon Sep 22 11:51:08 2008
@@ -36,6 +36,7 @@
 import org.apache.cxf.service.model.FaultInfo;
 import org.apache.cxf.transport.Conduit;
 import org.apache.cxf.transport.Destination;
+import org.apache.neethi.Policy;
 import org.easymock.classextension.EasyMock;
 import org.easymock.classextension.IMocksControl;
 import org.junit.Assert;
@@ -109,19 +110,17 @@
         doTestBasics(interceptor, true, false);
         
         control.reset();
-        setupMessage(true, true, false, false, true, true);        
-        EndpointPolicy endpointPolicy = control.createMock(EndpointPolicy.class);
-        EasyMock.expect(pe.getClientEndpointPolicy(ei, conduit)).andReturn(endpointPolicy);
+        setupMessage(true, true, true, true, true, true);
+        EffectivePolicy effectivePolicy = control.createMock(EffectivePolicy.class);
+        EasyMock.expect(pe.getEffectiveClientResponsePolicy(ei, boi)).andReturn(effectivePolicy);
+        EasyMock.expect(effectivePolicy.getPolicy()).andReturn(new Policy()).times(2);
         Interceptor i = control.createMock(Interceptor.class);
-        EasyMock.expect(endpointPolicy.getInterceptors())
+        EasyMock.expect(effectivePolicy.getInterceptors())
             .andReturn(CastUtils.cast(Collections.singletonList(i), Interceptor.class));
         InterceptorChain ic = control.createMock(InterceptorChain.class);
         EasyMock.expect(message.getInterceptorChain()).andReturn(ic);
         ic.add(i);
         EasyMock.expectLastCall();
-        Collection<PolicyAssertion> assertions = 
-            CastUtils.cast(Collections.EMPTY_LIST, PolicyAssertion.class);
-        EasyMock.expect(endpointPolicy.getVocabulary()).andReturn(assertions);
         message.put(EasyMock.eq(AssertionInfoMap.class), EasyMock.isA(AssertionInfoMap.class));
         EasyMock.expectLastCall();
         control.replay();
@@ -360,7 +359,7 @@
             
         if (isClient) {
             conduit = control.createMock(Conduit.class);
-            EasyMock.expect(exchange.getConduit(message)).andReturn(conduit);
+            EasyMock.expect(exchange.getConduit(message)).andReturn(conduit).anyTimes();
         } else {
             destination = control.createMock(Destination.class);
             EasyMock.expect(exchange.getDestination()).andReturn(destination);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Mon Sep 22 11:51:08 2008
@@ -27,6 +27,10 @@
     public static final String PASSWORD = "ws-security.password";
     public static final String CALLBACK_HANDLER = "ws-security.callback-handler";
     
+    public static final String SIGNATURE_PROPERTIES = "ws-security.signature.properties";
+    public static final String ENCRYPT_USERNAME = "ws-security.encryption.username";
+    public static final String ENCRYPT_PROPERTIES = "ws-security.encryption.properties";
+    
     private SecurityConstants() {
         //utility class
     }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java Mon Sep 22 11:51:08 2008
@@ -82,12 +82,6 @@
     public static final QName INCLUDE_TIMESTAMP = new QName(SP12Constants.SP_NS,
             SPConstants.INCLUDE_TIMESTAMP, SP12Constants.SP_PREFIX);
     
-    public static final QName ENCRYPT_BEFORE_SIGNING = new QName(SP12Constants.SP_NS, 
-            SPConstants.ENCRYPT_BEFORE_SIGNING, SP12Constants.SP_PREFIX);
-    
-    public static final QName SIGN_BEFORE_ENCRYPTING = new QName(SP12Constants.SP_NS,
-            SPConstants.SIGN_BEFORE_ENCRYPTING, SP12Constants.SP_PREFIX);
-    
     public static final QName ONLY_SIGN_ENTIRE_HEADERS_AND_BODY = new QName(SP12Constants.SP_NS,
             SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, SP12Constants.SP_PREFIX);
 

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java Mon Sep 22 11:51:08 2008
@@ -50,11 +50,15 @@
     
     ////////////////////////////////////////////////////////////////////////////////////////////////
 
+    
+    public enum ProtectionOrder {
+        EncryptBeforeSigning,
+        SignBeforeEncrypting
+    };
     /**
      * Protection Order : EncryptBeforeSigning
      */
     public static final String ENCRYPT_BEFORE_SIGNING = "EncryptBeforeSigning";
-
     /**
      * Protection Order : SignBeforeEncrypting
      */

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java Mon Sep 22 11:51:08 2008
@@ -88,7 +88,8 @@
             assertion = (Assertion)iterator.next();
             name = assertion.getName();
 
-            if (!consts.getNamespace().equals(name.getNamespaceURI())) {
+            if (!consts.getNamespace().equals(name.getNamespaceURI())
+                && !SP12Constants.INSTANCE.getNamespace().equals(name.getNamespaceURI())) {
                 continue;
             }
 
@@ -109,10 +110,10 @@
                 asymmetricBinding.setIncludeTimestamp(true);
 
             } else if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(name.getLocalPart())) {
-                asymmetricBinding.setProtectionOrder(SPConstants.ENCRYPT_BEFORE_SIGNING);
+                asymmetricBinding.setProtectionOrder(SPConstants.ProtectionOrder.EncryptBeforeSigning);
 
             } else if (SPConstants.SIGN_BEFORE_ENCRYPTING.equals(name.getLocalPart())) {
-                asymmetricBinding.setProtectionOrder(SPConstants.SIGN_BEFORE_ENCRYPTING);
+                asymmetricBinding.setProtectionOrder(SPConstants.ProtectionOrder.SignBeforeEncrypting);
 
             } else if (SPConstants.ENCRYPT_SIGNATURE.equals(name.getLocalPart())) {
                 asymmetricBinding.setSignatureProtection(true);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java Mon Sep 22 11:51:08 2008
@@ -101,10 +101,10 @@
                 symmetricBinding.setProtectionToken((ProtectionToken)assertion);
 
             } else if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(name.getLocalPart())) {
-                symmetricBinding.setProtectionOrder(SPConstants.ENCRYPT_BEFORE_SIGNING);
+                symmetricBinding.setProtectionOrder(SPConstants.ProtectionOrder.EncryptBeforeSigning);
 
             } else if (SPConstants.SIGN_BEFORE_ENCRYPTING.equals(name.getLocalPart())) {
-                symmetricBinding.setProtectionOrder(SPConstants.SIGN_BEFORE_ENCRYPTING);
+                symmetricBinding.setProtectionOrder(SPConstants.ProtectionOrder.SignBeforeEncrypting);
 
             } else if (SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY.equals(name.getLocalPart())) {
                 symmetricBinding.setEntireHeadersAndBodySignatures(true);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityInterceptorProvider.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityInterceptorProvider.java Mon Sep 22 11:51:08 2008
@@ -37,32 +37,22 @@
     private static final Collection<QName> ASSERTION_TYPES;
     static {
         ASSERTION_TYPES = new ArrayList<QName>();
-        ASSERTION_TYPES.add(SP11Constants.LAYOUT);
-        ASSERTION_TYPES.add(SP11Constants.INCLUDE_TIMESTAMP);
-        ASSERTION_TYPES.add(SP11Constants.ALGORITHM_SUITE);
-        ASSERTION_TYPES.add(SP11Constants.WSS10);
-        ASSERTION_TYPES.add(SP11Constants.WSS11);
-        ASSERTION_TYPES.add(SP11Constants.SIGNED_SUPPORTING_TOKENS);
-        ASSERTION_TYPES.add(SP11Constants.USERNAME_TOKEN);
-
-        ASSERTION_TYPES.add(SP12Constants.LAYOUT);
-        ASSERTION_TYPES.add(SP12Constants.INCLUDE_TIMESTAMP);
-        ASSERTION_TYPES.add(SP12Constants.ALGORITHM_SUITE);
-        ASSERTION_TYPES.add(SP12Constants.WSS10);
-        ASSERTION_TYPES.add(SP12Constants.WSS11);
-        ASSERTION_TYPES.add(SP12Constants.SIGNED_SUPPORTING_TOKENS);
-        ASSERTION_TYPES.add(SP12Constants.USERNAME_TOKEN);
         
         ASSERTION_TYPES.add(SP11Constants.TRANSPORT_BINDING);
         ASSERTION_TYPES.add(SP12Constants.TRANSPORT_BINDING);
 
+        ASSERTION_TYPES.add(SP11Constants.ASYMMETRIC_BINDING);
+        ASSERTION_TYPES.add(SP12Constants.ASYMMETRIC_BINDING);
+
+        ASSERTION_TYPES.add(SP11Constants.SYMMETRIC_BINDING);
+        ASSERTION_TYPES.add(SP12Constants.SYMMETRIC_BINDING);
     }
 
     public WSSecurityInterceptorProvider() {
         super(ASSERTION_TYPES);
         this.getOutInterceptors().add(new PolicyBasedWSS4JOutInterceptor());
         this.getOutFaultInterceptors().add(new PolicyBasedWSS4JOutInterceptor());
-        this.getInInterceptors().add(new WSS4JInInterceptor());
+        this.getInInterceptors().add(new WSS4JInInterceptor(true));
         this.getInFaultInterceptors().add(new WSS4JInInterceptor());
     }
 }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java Mon Sep 22 11:51:08 2008
@@ -35,10 +35,27 @@
     private static final Collection<QName> ASSERTION_TYPES;
     static {
         ASSERTION_TYPES = new ArrayList<QName>();
-        //ASSERTION_TYPES.add(SP11Constants.TRANSPORT_BINDING);
-        //ASSERTION_TYPES.add(SP12Constants.TRANSPORT_BINDING);
+        ASSERTION_TYPES.add(SP11Constants.LAYOUT);
+        ASSERTION_TYPES.add(SP11Constants.INCLUDE_TIMESTAMP);
+        ASSERTION_TYPES.add(SP11Constants.ALGORITHM_SUITE);
+        ASSERTION_TYPES.add(SP11Constants.WSS10);
+        ASSERTION_TYPES.add(SP11Constants.WSS11);
+        ASSERTION_TYPES.add(SP11Constants.SIGNED_SUPPORTING_TOKENS);
+        ASSERTION_TYPES.add(SP11Constants.USERNAME_TOKEN);
         ASSERTION_TYPES.add(SP11Constants.TRANSPORT_TOKEN);
-        ASSERTION_TYPES.add(SP12Constants.TRANSPORT_TOKEN);
+        ASSERTION_TYPES.add(SP11Constants.SIGNED_PARTS);
+        ASSERTION_TYPES.add(SP11Constants.ENCRYPTED_PARTS);
+
+        ASSERTION_TYPES.add(SP12Constants.LAYOUT);
+        ASSERTION_TYPES.add(SP12Constants.INCLUDE_TIMESTAMP);
+        ASSERTION_TYPES.add(SP12Constants.ALGORITHM_SUITE);
+        ASSERTION_TYPES.add(SP12Constants.WSS10);
+        ASSERTION_TYPES.add(SP12Constants.WSS11);
+        ASSERTION_TYPES.add(SP12Constants.SIGNED_SUPPORTING_TOKENS);
+        ASSERTION_TYPES.add(SP12Constants.USERNAME_TOKEN);
+        ASSERTION_TYPES.add(SP12Constants.TRANSPORT_TOKEN);            
+        ASSERTION_TYPES.add(SP12Constants.SIGNED_PARTS);
+        ASSERTION_TYPES.add(SP12Constants.ENCRYPTED_PARTS);
     }
 
     public WSSecurityPolicyInterceptorProvider() {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java Mon Sep 22 11:51:08 2008
@@ -74,7 +74,7 @@
     public boolean isAsserted(AssertionInfoMap aim) {
         Collection<AssertionInfo> ail = aim.getAssertionInfo(getName());
         for (AssertionInfo ai : ail) {
-            if (ai.isAsserted() && ai.getAssertion().equal(this)) {
+            if (ai.isAsserted() && ai.getAssertion() == this) {
                 return true;
             }
         }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java Mon Sep 22 11:51:08 2008
@@ -23,6 +23,7 @@
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamWriter;
 
+import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
 import org.apache.cxf.ws.security.policy.SP12Constants;
 import org.apache.cxf.ws.security.policy.SPConstants;
 import org.apache.neethi.All;
@@ -75,38 +76,47 @@
         return SP12Constants.INSTANCE.getAsymmetricBinding();
     }
     public PolicyComponent normalize() {
-
-        if (isNormalized()) {
-            return this;
-        }
-
-        AlgorithmSuite algorithmSuite = getAlgorithmSuite();
-
-        Policy policy = new Policy();
-        ExactlyOne exactlyOne = new ExactlyOne();
-
-        policy.addPolicyComponent(exactlyOne);
-
-
-        All wrapper = new All();
-        AsymmetricBinding asymmetricBinding = new AsymmetricBinding(constants);
-
+        return this;
+    }
+    public Policy getPolicy() {
+        Policy p = new Policy();
+        ExactlyOne ea = new ExactlyOne();
+        p.addPolicyComponent(ea);
+        All all = new All();
+        
+        /*
         asymmetricBinding.setAlgorithmSuite(algorithmSuite);
-        asymmetricBinding.setEntireHeadersAndBodySignatures(isEntireHeadersAndBodySignatures());
-        asymmetricBinding.setIncludeTimestamp(isIncludeTimestamp());
-        asymmetricBinding.setInitiatorToken(getInitiatorToken());
-        asymmetricBinding.setLayout(getLayout());
         asymmetricBinding.setProtectionOrder(getProtectionOrder());
-        asymmetricBinding.setRecipientToken(getRecipientToken());
         asymmetricBinding.setSignatureProtection(isSignatureProtection());
         asymmetricBinding.setSignedEndorsingSupportingTokens(getSignedEndorsingSupportingTokens());
         asymmetricBinding.setTokenProtection(isTokenProtection());
-
-        asymmetricBinding.setNormalized(true);
-        wrapper.addPolicyComponent(wrapper);
-
-        return policy;
-
+        */
+        if (getInitiatorToken() != null) {
+            all.addPolicyComponent(getInitiatorToken());
+        }
+        if (getRecipientToken() != null) {
+            all.addPolicyComponent(getRecipientToken());
+        }
+        /*
+        if (isEntireHeadersAndBodySignatures()) {
+            all.addPolicyComponent(new PrimitiveAssertion(SP12Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
+        }
+        */
+        if (isIncludeTimestamp()) {
+            all.addPolicyComponent(new PrimitiveAssertion(SP12Constants.INCLUDE_TIMESTAMP));
+        }
+        if (getLayout() != null) {
+            all.addPolicyComponent(getLayout());
+        }
+        ea.addPolicyComponent(all);
+        PolicyComponent pc = p.normalize(true);
+        if (pc instanceof Policy) {
+            return (Policy)pc;
+        } else {
+            p = new Policy();
+            p.addPolicyComponent(pc);
+            return p;
+        }
     }
 
     public void serialize(XMLStreamWriter writer) throws XMLStreamException {
@@ -173,9 +183,10 @@
             // </sp:IncludeTimestamp>
         }
 
-        if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(getProtectionOrder())) {
+        if (SPConstants.ProtectionOrder.EncryptBeforeSigning.equals(getProtectionOrder())) {
             // <sp:EncryptBeforeSign />
-            writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING, namespaceURI);
+            writer.writeStartElement(prefix, SPConstants.ProtectionOrder.EncryptBeforeSigning.toString(),
+                                     namespaceURI);
             writer.writeEndElement();
         }
 

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java Mon Sep 22 11:51:08 2008
@@ -39,6 +39,10 @@
     public Token getEncryptionToken() {
         return encryptionToken;
     }
+    public Token getToken() {
+        return encryptionToken;
+    }
+
 
     /**
      * @param encryptionToken The encryptionToken to set.

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java Mon Sep 22 11:51:08 2008
@@ -39,6 +39,10 @@
     public Token getInitiatorToken() {
         return initiatorToken;
     }
+    public Token getToken() {
+        return initiatorToken;
+    }
+
 
     /**
      * @param initiatorToken The initiatorToken to set.

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ProtectionToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ProtectionToken.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ProtectionToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ProtectionToken.java Mon Sep 22 11:51:08 2008
@@ -40,6 +40,9 @@
     public Token getProtectionToken() {
         return protectionToken;
     }
+    public Token getToken() {
+        return protectionToken;
+    }
 
     /**
      * @param protectionToken The protectionToken to set.

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/RecipientToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/RecipientToken.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/RecipientToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/RecipientToken.java Mon Sep 22 11:51:08 2008
@@ -27,7 +27,7 @@
 
 public class RecipientToken extends AbstractSecurityAssertion implements TokenWrapper {
 
-    private Token receipientToken;
+    private Token recipientToken;
 
     public RecipientToken(SPConstants version) {
         super(version);
@@ -36,15 +36,18 @@
     /**
      * @return Returns the receipientToken.
      */
-    public Token getReceipientToken() {
-        return receipientToken;
+    public Token getRecipientToken() {
+        return recipientToken;
+    }
+    public Token getToken() {
+        return recipientToken;
     }
 
     /**
      * @param receipientToken The receipientToken to set.
      */
-    public void setReceipientToken(Token receipientToken) {
-        this.receipientToken = receipientToken;
+    public void setRecipientToken(Token recipientToken) {
+        this.recipientToken = recipientToken;
     }
 
     /*
@@ -52,7 +55,7 @@
      * @see org.apache.ws.security.policy.TokenWrapper#setToken(org.apache.ws.security.policy.Token)
      */
     public void setToken(Token tok) {
-        this.setReceipientToken(tok);
+        this.setRecipientToken(tok);
     }
 
     public QName getRealName() {
@@ -85,7 +88,7 @@
         writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY
             .getNamespaceURI());
 
-        Token token = getReceipientToken();
+        Token token = getRecipientToken();
         if (token == null) {
             throw new RuntimeException("RecipientToken doesn't contain any token assertions");
         }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SignatureToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SignatureToken.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SignatureToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SignatureToken.java Mon Sep 22 11:51:08 2008
@@ -39,6 +39,9 @@
     public Token getSignatureToken() {
         return signatureToken;
     }
+    public Token getToken() {
+        return signatureToken;
+    }
 
     /**
      * @param signatureToken The signatureToken to set.

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SupportingToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SupportingToken.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SupportingToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SupportingToken.java Mon Sep 22 11:51:08 2008
@@ -167,6 +167,10 @@
     public void setToken(Token tok) {
         this.addToken(tok);
     }
+    public Token getToken() {
+        return null;
+    }
+
 
     public QName getRealName() {
         QName ret = null;

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricAsymmetricBindingBase.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricAsymmetricBindingBase.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricAsymmetricBindingBase.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricAsymmetricBindingBase.java Mon Sep 22 11:51:08 2008
@@ -22,7 +22,7 @@
 
 public abstract class SymmetricAsymmetricBindingBase extends Binding {
 
-    private String protectionOrder = SPConstants.SIGN_BEFORE_ENCRYPTING;
+    private SPConstants.ProtectionOrder protectionOrder = SPConstants.ProtectionOrder.SignBeforeEncrypting;
 
     private boolean signatureProtection;
 
@@ -51,21 +51,15 @@
     /**
      * @return Returns the protectionOrder.
      */
-    public String getProtectionOrder() {
+    public SPConstants.ProtectionOrder getProtectionOrder() {
         return protectionOrder;
     }
 
     /**
      * @param protectionOrder The protectionOrder to set.
      */
-    public void setProtectionOrder(String protectionOrder) {
-        if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(protectionOrder)
-            || SPConstants.SIGN_BEFORE_ENCRYPTING.equals(protectionOrder)) {
-            this.protectionOrder = protectionOrder;
-        } else {
-            // throw new WSSPolicyException("Incorrect protection order value : "
-            // + protectionOrder);
-        }
+    public void setProtectionOrder(SPConstants.ProtectionOrder protectionOrder) {
+        this.protectionOrder = protectionOrder;
     }
 
     /**

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricBinding.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricBinding.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricBinding.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/SymmetricBinding.java Mon Sep 22 11:51:08 2008
@@ -204,7 +204,7 @@
             writer.writeEndElement();
         }
 
-        if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(getProtectionOrder())) {
+        if (SPConstants.ProtectionOrder.EncryptBeforeSigning == getProtectionOrder()) {
             // <sp:EncryptBeforeSigning />
             writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING, namespaceURI);
             writer.writeEndElement();

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TokenWrapper.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TokenWrapper.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TokenWrapper.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TokenWrapper.java Mon Sep 22 11:51:08 2008
@@ -18,7 +18,12 @@
  */
 package org.apache.cxf.ws.security.policy.model;
 
-public interface TokenWrapper {
+
+import org.apache.cxf.ws.policy.PolicyAssertion;
+
+public interface TokenWrapper extends PolicyAssertion {
 
     void setToken(Token tok);
+    Token getToken();
+    
 }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TransportToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TransportToken.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TransportToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/TransportToken.java Mon Sep 22 11:51:08 2008
@@ -40,6 +40,9 @@
     public Token getTransportToken() {
         return transportToken;
     }
+    public Token getToken() {
+        return transportToken;
+    }
 
     public QName getRealName() {
         return constants.getTransportToken();

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java Mon Sep 22 11:51:08 2008
@@ -18,25 +18,34 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
+import java.io.IOException;
 import java.net.URI;
+import java.net.URL;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Properties;
 import java.util.Set;
 
 import javax.xml.namespace.QName;
 
+import org.apache.cxf.Bus;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.binding.soap.interceptor.SoapInterceptor;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptor;
+import org.apache.cxf.resource.ResourceManager;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
+import org.apache.cxf.ws.policy.PolicyAssertion;
+import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.SP12Constants;
 import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.model.AsymmetricBinding;
 import org.apache.cxf.ws.security.policy.model.Layout;
 import org.apache.cxf.ws.security.policy.model.SupportingToken;
 import org.apache.cxf.ws.security.policy.model.Token;
@@ -154,6 +163,55 @@
             org.apache.cxf.message.Message.REQUESTOR_ROLE));
     }  
     
+    protected void policyAsserted(AssertionInfoMap aim, PolicyAssertion assertion) {
+        Collection<AssertionInfo> ais;
+        ais = aim.get(assertion.getName());
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                if (ai.getAssertion() == assertion) {
+                    ai.setAsserted(true);
+                }
+            }
+        }
+    }
+    protected void policyAsserted(AssertionInfoMap aim, QName qn) {
+        Collection<AssertionInfo> ais;
+        ais = aim.get(qn);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                ai.setAsserted(true);
+            }
+        }
+    }
+    private static Properties getProps(Object o, SoapMessage message) {
+        Properties properties = null;
+        if (o instanceof Properties) {
+            properties = (Properties)o;
+        } else if (o instanceof String) {
+            ResourceManager rm = message.getExchange().get(Bus.class).getExtension(ResourceManager.class);
+            URL url = rm.resolveResource((String)o, URL.class);
+            try {
+                if (url == null) {
+                    url = ClassLoaderUtils.getResource((String)o, AbstractWSS4JInterceptor.class);
+                }
+                if (url != null) {
+                    properties = new Properties();
+                    properties.load(url.openStream());
+                }
+            } catch (IOException e) {
+                properties = null;
+            }
+        } else if (o instanceof URL) {
+            properties = new Properties();
+            try {
+                properties.load(((URL)o).openStream());
+            } catch (IOException e) {
+                properties = null;
+            }            
+        }
+        
+        return properties;
+    }
     
     protected void checkPolicies(SoapMessage message, RequestData data) {
         AssertionInfoMap aim = message.get(AssertionInfoMap.class);
@@ -188,6 +246,37 @@
                     ai.setAsserted(true);
                 }                    
             }
+            ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+            if (ais != null) {
+                for (AssertionInfo ai : ais) {
+                    AsymmetricBinding abinding = (AsymmetricBinding)ai.getAssertion();
+                    if (abinding.getProtectionOrder() == SPConstants.ProtectionOrder.EncryptBeforeSigning) {
+                        action = "Encrypt Signature " + action;
+                    } else {
+                        action = "Signature Encrypt " + action;                      
+                    }
+                    Object s = message.getContextualProperty(SecurityConstants.SIGNATURE_PROPERTIES);
+                    Object e = message.getContextualProperty(SecurityConstants.ENCRYPT_PROPERTIES);
+                    if (isRequestor(message)) {
+                        message.put("SignaturePropRefId", "SigRefId");
+                        message.put("SigRefId", getProps(e, message));
+                        message.put("decryptionPropRefId", "DecRefId");
+                        message.put("DecRefId", getProps(s, message));
+                    } else {
+                        message.put("SignaturePropRefId", "SigRefId");
+                        message.put("SigRefId", getProps(s, message));
+                        message.put("decryptionPropRefId", "DecRefId");
+                        message.put("DecRefId", getProps(e, message));                        
+                    }
+                    ai.setAsserted(true);
+                    policyAsserted(aim, abinding.getInitiatorToken());
+                    policyAsserted(aim, abinding.getRecipientToken());
+                    policyAsserted(aim, abinding.getInitiatorToken().getToken());
+                    policyAsserted(aim, abinding.getRecipientToken().getToken());
+                    policyAsserted(aim, SP12Constants.ENCRYPTED_PARTS);
+                    policyAsserted(aim, SP12Constants.SIGNED_PARTS);
+                }
+            }
             ais = aim.get(SP12Constants.SIGNED_SUPPORTING_TOKENS);
             if (ais != null) {
                 for (AssertionInfo ai : ais) {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java Mon Sep 22 11:51:08 2008
@@ -33,7 +33,11 @@
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.model.AsymmetricBinding;
+import org.apache.cxf.ws.security.policy.model.Binding;
+import org.apache.cxf.ws.security.policy.model.SymmetricBinding;
 import org.apache.cxf.ws.security.policy.model.TransportBinding;
+import org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler;
 import org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler;
 import org.apache.ws.security.message.WSSecHeader;
 
@@ -82,18 +86,40 @@
             AssertionInfoMap aim = message.get(AssertionInfoMap.class);
             // extract Assertion information
             if (aim != null) {
-                TransportBinding transport = null;
+                Binding transport = null;
                 ais = aim.get(SP12Constants.TRANSPORT_BINDING);
                 if (ais != null) {
                     for (AssertionInfo ai : ais) {
-                        transport = (TransportBinding)ai.getAssertion();
+                        transport = (Binding)ai.getAssertion();
+                        ai.setAsserted(true);
+                    }                    
+                }
+                ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+                if (ais != null) {
+                    for (AssertionInfo ai : ais) {
+                        transport = (Binding)ai.getAssertion();
+                        ai.setAsserted(true);
+                    }                    
+                }
+                ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
+                if (ais != null) {
+                    for (AssertionInfo ai : ais) {
+                        transport = (Binding)ai.getAssertion();
                         ai.setAsserted(true);
                     }                    
                 }
                 
                 
                 if (transport != null) {
-                    new TransportBindingHandler(transport, saaj, secHeader, aim, message).handleBinding();
+                    if (transport instanceof TransportBinding) {
+                        new TransportBindingHandler((TransportBinding)transport, saaj,
+                                                    secHeader, aim, message).handleBinding();
+                    } else if (transport instanceof SymmetricBinding) {
+                        //TODO
+                    } else {
+                        new AsymmetricBindingHandler((AsymmetricBinding)transport, saaj,
+                                                     secHeader, aim, message).handleBinding();
+                    }
                 }
                 
                 ais = aim.get(SP12Constants.WSS10);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=697942&r1=697941&r2=697942&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java Mon Sep 22 11:51:08 2008
@@ -39,6 +39,7 @@
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.binding.soap.SoapVersion;
 import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
 import org.apache.cxf.common.i18n.Message;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.helpers.CastUtils;
@@ -76,6 +77,7 @@
                                                                  WSS4JInInterceptor.class.getName()
                                                                      + "-Time");
     private SAAJInInterceptor saajIn = new SAAJInInterceptor();
+    private boolean ignoreActions;
 
     /**
      *
@@ -88,6 +90,10 @@
         setPhase(Phase.PRE_PROTOCOL);
         getAfter().add(SAAJInInterceptor.class.getName());
     }
+    public WSS4JInInterceptor(boolean ignore) {
+        this();
+        ignoreActions = ignore;
+    }
 
     public WSS4JInInterceptor(Map<String, Object> properties) {
         this();
@@ -99,6 +105,9 @@
         }
     }
 
+    public void setIgnoreActions(boolean i) {
+        ignoreActions = i;
+    }
     private SOAPMessage getSOAPMessage(SoapMessage msg) {
         SOAPMessage doc = msg.getContent(SOAPMessage.class);
         if (doc == null) {
@@ -234,7 +243,7 @@
             /*
              * now check the security actions: do they match, in right order?
              */
-            if (!checkReceiverResults(wsResult, actions)) {
+            if (!ignoreActions && !checkReceiverResults(wsResult, actions)) {
                 LOG.warning("Security processing failed (actions mismatch)");
                 throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
             }
@@ -334,9 +343,18 @@
          */
         CallbackHandler cbHandler = null;
         if ((doAction & (WSConstants.ENCR | WSConstants.UT)) != 0) {
-            cbHandler 
-                = (CallbackHandler)((SoapMessage)reqData.getMsgContext())
-                    .getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+            Object o = ((SoapMessage)reqData.getMsgContext())
+                .getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+            if (o instanceof String) {
+                try {
+                    o = ClassLoaderUtils.loadClass((String)o, this.getClass()).newInstance();
+                } catch (Exception e) {
+                    throw new WSSecurityException(e.getMessage(), e);
+                }
+            }            
+            if (o instanceof CallbackHandler) {
+                cbHandler = (CallbackHandler)o;
+            }
             if (cbHandler == null) {
                 cbHandler = getPasswordCB(reqData);
             }



Mime
View raw message