cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r734732 - in /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security: policy/ policy/builders/ policy/model/ trust/ wss4j/policyhandlers/
Date Thu, 15 Jan 2009 15:33:00 GMT
Author: dkulp
Date: Thu Jan 15 07:32:59 2009
New Revision: 734732

URL: http://svn.apache.org/viewvc?rev=734732&view=rev
Log:
Add support for parsing KeyValueTokens in policy - Not wired in yet as wss4j does not support
them yet.


Added:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
  (with props)
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/KeyValueToken.java
  (with props)
Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java?rev=734732&r1=734731&r2=734732&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
Thu Jan 15 07:32:59 2009
@@ -123,6 +123,9 @@
 
     public static final QName USERNAME_TOKEN = new QName(SP12Constants.SP_NS,
             SPConstants.USERNAME_TOKEN , SP12Constants.SP_PREFIX);
+    public static final QName KEYVALUE_TOKEN = new QName(SP12Constants.SP_NS,
+                                                         SPConstants.KEYVALUE_TOKEN ,
+                                                         SP12Constants.SP_PREFIX);
 
     public static final QName WSS_USERNAME_TOKEN10 = new QName(SP12Constants.SP_NS,
             SPConstants.USERNAME_TOKEN10 , SP12Constants.SP_PREFIX);
@@ -437,6 +440,9 @@
     public QName getUserNameToken() {
         return USERNAME_TOKEN;
     }
+    public QName getKeyValueToken() {
+        return KEYVALUE_TOKEN;
+    }
     public QName getX509Token() {
         return X509_TOKEN;
     }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java?rev=734732&r1=734731&r2=734732&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
Thu Jan 15 07:32:59 2009
@@ -124,6 +124,7 @@
     
     
     public static final String USERNAME_TOKEN = "UsernameToken";
+    public static final String KEYVALUE_TOKEN = "KeyValueToken";
     
     public static final String USERNAME_TOKEN10 = "WssUsernameToken10";
     

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java?rev=734732&r1=734731&r2=734732&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
Thu Jan 15 07:32:59 2009
@@ -34,6 +34,7 @@
 import org.apache.cxf.ws.security.policy.builders.HttpsTokenBuilder;
 import org.apache.cxf.ws.security.policy.builders.InitiatorTokenBuilder;
 import org.apache.cxf.ws.security.policy.builders.IssuedTokenBuilder;
+import org.apache.cxf.ws.security.policy.builders.KeyValueTokenBuilder;
 import org.apache.cxf.ws.security.policy.builders.LayoutBuilder;
 import org.apache.cxf.ws.security.policy.builders.ProtectionTokenBuilder;
 import org.apache.cxf.ws.security.policy.builders.RecipientTokenBuilder;
@@ -103,6 +104,7 @@
         reg.register(new Trust10Builder());
         reg.register(new Trust13Builder());
         reg.register(new UsernameTokenBuilder(pbuild));
+        reg.register(new KeyValueTokenBuilder());
         reg.register(new WSS10Builder());
         reg.register(new WSS11Builder());
         reg.register(new X509TokenBuilder(pbuild));

Added: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java?rev=734732&view=auto
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
(added)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
Thu Jan 15 07:32:59 2009
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.policy.builders;
+
+import java.util.Arrays;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.ws.policy.AssertionBuilder;
+import org.apache.cxf.ws.policy.PolicyAssertion;
+import org.apache.cxf.ws.security.policy.SP11Constants;
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.model.KeyValueToken;
+
+
+public class KeyValueTokenBuilder implements AssertionBuilder {
+    private static final List<QName> KNOWN_ELEMENTS 
+        = Arrays.asList(SP12Constants.KEYVALUE_TOKEN);
+
+    public KeyValueTokenBuilder() {
+    }
+    
+    public PolicyAssertion build(Element element) {
+        
+        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
+            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
+
+        KeyValueToken token = new KeyValueToken(consts);
+
+        String attribute = element.getAttributeNS(element.getNamespaceURI(), SPConstants.ATTR_INCLUDE_TOKEN);
+        if (attribute != null) {
+            token.setInclusion(consts.getInclusionFromAttributeValue(attribute));
+        }
+
+        Element polEl = DOMUtils.getFirstChildWithName(element, SPConstants.POLICY);
+        if (polEl != null) {
+            Element child = DOMUtils.getFirstElement(polEl);
+            if (child != null) {
+                QName qname = new QName(child.getNamespaceURI(), child.getLocalName());
+                if ("RsaKeyValue".equals(qname.getLocalPart())) {
+                    token.setForceRsaKeyValue(true);
+                }
+            }
+        }
+        return token;
+    }
+
+    public List<QName> getKnownElements() {
+        return KNOWN_ELEMENTS;
+    }
+
+    public PolicyAssertion buildCompatible(PolicyAssertion a, PolicyAssertion b) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+}

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/KeyValueToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/KeyValueToken.java?rev=734732&view=auto
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/KeyValueToken.java
(added)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/KeyValueToken.java
Thu Jan 15 07:32:59 2009
@@ -0,0 +1,92 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.policy.model;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
+
+public class KeyValueToken extends Token {
+    boolean forceRsaKeyValue;
+    public KeyValueToken(SPConstants version) {
+        super(version);
+    }
+
+
+    public QName getName() {
+        return SP12Constants.INSTANCE.getKeyValueToken();
+    }
+
+    public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+        QName name = constants.getUserNameToken();
+        String localname = name.getLocalPart();
+        String namespaceURI = name.getNamespaceURI();
+
+        String prefix = writer.getPrefix(namespaceURI);
+        if (prefix == null) {
+            prefix = name.getPrefix();
+            writer.setPrefix(prefix, namespaceURI);
+        }
+
+        // <sp:KeyValueToken
+        writer.writeStartElement(prefix, localname, namespaceURI);
+
+        writer.writeNamespace(prefix, namespaceURI);
+
+        String inclusion;
+
+        inclusion = constants.getAttributeValueFromInclusion(getInclusion());
+
+        if (inclusion != null) {
+            writer.writeAttribute(prefix, namespaceURI, SPConstants.ATTR_INCLUDE_TOKEN, inclusion);
+        }
+
+
+        if (forceRsaKeyValue) {
+            String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
+            if (pPrefix == null) {
+                writer.setPrefix(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getNamespaceURI());
+            }
+
+            // <wsp:Policy>
+            writer.writeStartElement(prefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY
+                .getNamespaceURI());
+            
+            writer.writeEmptyElement(prefix, "RsaKeyValue", namespaceURI);
+
+            // </wsp:Policy>
+            writer.writeEndElement();
+
+        }
+        writer.writeEndElement();
+        // </sp:KeyValueToken>
+
+    }
+
+
+    public void setForceRsaKeyValue(boolean b) {
+        forceRsaKeyValue = b;
+    }
+    public boolean isForceRsaKeyValue() {
+        return forceRsaKeyValue;
+    }
+}

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/KeyValueToken.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/KeyValueToken.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=734732&r1=734731&r2=734732&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Thu Jan 15 07:32:59 2009
@@ -350,6 +350,22 @@
                 writer.writeCharacters(namespace + "/CK/PSHA1");
                 writer.writeEndElement();
             }
+        } else if (keyType.endsWith("PublicKey")) {
+            writer.writeStartElement(namespace, "UseKey");
+            writer.writeStartElement("http://www.w3.org/2000/09/xmldsig#", "KeyInfo");
+            writer.writeStartElement("http://www.w3.org/2000/09/xmldsig#", "KeyValue");
+            
+            /*
+            //REVISIT - KeyValueToken support - how to get the key?
+            RSAPublicKey key = getPublicKey();
+            
+            RSAKeyValue value = new RSAKeyValue(writer.getDocument(), key);
+            StaxUtils.copy(value.getElement(), writer);
+            */
+            
+            writer.writeEndElement();
+            writer.writeEndElement();
+            writer.writeEndElement();
         }
         writer.writeEndElement();
         
@@ -359,7 +375,6 @@
         return createSecurityToken((Document)((DOMSource)obj[0]).getNode(), requestorEntropy);
     }
 
-
     private SecurityToken createSecurityToken(Document document, byte[] requestorEntropy)

         throws WSSecurityException {
         

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=734732&r1=734731&r2=734732&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
Thu Jan 15 07:32:59 2009
@@ -21,6 +21,7 @@
 
 import java.io.IOException;
 import java.net.URL;
+import java.security.Key;
 import java.security.KeyStoreException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -371,7 +372,7 @@
         }
     }
     
-    protected Map<Token, WSSecBase> handleSupportingTokens(SupportingToken suppTokens)
{
+    protected Map<Token, WSSecBase> handleSupportingTokens(SupportingToken suppTokens,
boolean endorse) {
         Map<Token, WSSecBase> ret = new HashMap<Token, WSSecBase>();
         if (suppTokens == null) {
             return ret;
@@ -405,7 +406,7 @@
             } else if (token instanceof X509Token) {
                 //We have to use a cert
                 //Prepare X509 signature
-                WSSecSignature sig = getSignatureBuider(suppTokens, token);
+                WSSecSignature sig = getSignatureBuider(suppTokens, token, endorse);
                 Element bstElem = sig.getBinarySecurityTokenElement();
                 if (bstElem != null) {
                     sig.prependBSTElementToHeader(secHeader);
@@ -790,24 +791,26 @@
         
         return encrKey;
     }
+
     public Crypto getSignatureCrypto(TokenWrapper wrapper) {
-        return getCrypto(wrapper, true);
+        return getCrypto(wrapper, SecurityConstants.SIGNATURE_CRYPTO,
+                         SecurityConstants.SIGNATURE_PROPERTIES);
     }
+
+
     public Crypto getEncryptionCrypto(TokenWrapper wrapper) {
-        return getCrypto(wrapper, false);
+        return getCrypto(wrapper, 
+                         SecurityConstants.ENCRYPT_CRYPTO,
+                         SecurityConstants.ENCRYPT_PROPERTIES);
     }
-    public Crypto getCrypto(TokenWrapper wrapper, boolean sign) {
-        Crypto crypto = (Crypto)message.getContextualProperty(sign 
-                                                      ? SecurityConstants.SIGNATURE_CRYPTO

-                                                      : SecurityConstants.ENCRYPT_CRYPTO);
+    public Crypto getCrypto(TokenWrapper wrapper, String cryptoKey, String propKey) {
+        Crypto crypto = (Crypto)message.getContextualProperty(cryptoKey);
         if (crypto != null) {
             return crypto;
         }
         
         
-        Object o = message.getContextualProperty(sign 
-                                                 ? SecurityConstants.SIGNATURE_PROPERTIES

-                                                 : SecurityConstants.ENCRYPT_PROPERTIES);
+        Object o = message.getContextualProperty(propKey); 
         Properties properties = null;
         if (o instanceof Properties) {
             properties = (Properties)o;
@@ -1014,7 +1017,7 @@
             }
         }
     }
-    protected WSSecSignature getSignatureBuider(TokenWrapper wrapper, Token token) {
+    protected WSSecSignature getSignatureBuider(TokenWrapper wrapper, Token token, boolean
endorse) {
         WSSecSignature sig = new WSSecSignature();
         checkForX509PkiPath(sig, token);        
         setKeyIdentifierType(sig, wrapper, token);
@@ -1022,14 +1025,18 @@
         boolean encryptCrypto = false;
         String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
         String type = "signature";
-        if (binding instanceof SymmetricBinding) {
+        if (binding instanceof SymmetricBinding && !endorse) {
             encryptCrypto = ((SymmetricBinding)binding).getProtectionToken() != null;
             userNameKey = SecurityConstants.ENCRYPT_USERNAME;
         }
 
-        Crypto crypto = encryptCrypto ? getEncryptionCrypto(wrapper) : getSignatureCrypto(wrapper);
-        message.getExchange().put(SecurityConstants.SIGNATURE_CRYPTO, crypto);
-
+        Crypto crypto = encryptCrypto ? getEncryptionCrypto(wrapper) 
+            : getSignatureCrypto(wrapper);
+        
+        
+        if (!endorse) {
+            message.getExchange().put(SecurityConstants.SIGNATURE_CRYPTO, crypto);
+        }
         String user = (String)message.getContextualProperty(userNameKey);
         if (StringUtils.isEmpty(user)) {
             user = crypto.getDefaultX509Alias();
@@ -1049,6 +1056,15 @@
                 //ignore
             }
         }
+        
+        try {
+            Key key = crypto.getKeyStore().getCertificate(user).getPublicKey();
+            System.out.println(key);
+        } catch (KeyStoreException e1) {
+            // TODO Auto-generated catch block
+            e1.printStackTrace();
+        }
+        
         if (StringUtils.isEmpty(user)) {
             policyNotAsserted(token, "No " + type + " username found.");
         }
@@ -1276,41 +1292,41 @@
         SupportingToken sgndSuppTokens = 
             (SupportingToken)findAndAssertPolicy(SP12Constants.SIGNED_SUPPORTING_TOKENS);
         
-        Map<Token, WSSecBase> sigSuppTokMap = this.handleSupportingTokens(sgndSuppTokens);
          
+        Map<Token, WSSecBase> sigSuppTokMap = this.handleSupportingTokens(sgndSuppTokens,
false);           
         
         SupportingToken endSuppTokens = 
             (SupportingToken)findAndAssertPolicy(SP12Constants.ENDORSING_SUPPORTING_TOKENS);
-        
-        endSuppTokMap = this.handleSupportingTokens(endSuppTokens);
-        
+
+        endSuppTokMap = this.handleSupportingTokens(endSuppTokens, true);
+
         SupportingToken sgndEndSuppTokens 
             = (SupportingToken)findAndAssertPolicy(SP12Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS);
-        sgndEndSuppTokMap = this.handleSupportingTokens(sgndEndSuppTokens);
+        sgndEndSuppTokMap = this.handleSupportingTokens(sgndEndSuppTokens, true);
         
         SupportingToken sgndEncryptedSuppTokens 
             = (SupportingToken)findAndAssertPolicy(SP12Constants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS);
         Map<Token, WSSecBase> sgndEncSuppTokMap 
-            = this.handleSupportingTokens(sgndEncryptedSuppTokens);
+            = this.handleSupportingTokens(sgndEncryptedSuppTokens, false);
         
         SupportingToken endorsingEncryptedSuppTokens 
             = (SupportingToken)findAndAssertPolicy(SP12Constants.ENDORSING_ENCRYPTED_SUPPORTING_TOKENS);
         endEncSuppTokMap 
-            = this.handleSupportingTokens(endorsingEncryptedSuppTokens);
-        
+            = this.handleSupportingTokens(endorsingEncryptedSuppTokens, true);
+
         SupportingToken sgndEndEncSuppTokens 
             = (SupportingToken)findAndAssertPolicy(SP12Constants
                                                        .SIGNED_ENDORSING_ENCRYPTED_SUPPORTING_TOKENS);
         sgndEndEncSuppTokMap 
-            = this.handleSupportingTokens(sgndEndEncSuppTokens);
-        
+            = this.handleSupportingTokens(sgndEndEncSuppTokens, true);
+
         SupportingToken supportingToks 
             = (SupportingToken)findAndAssertPolicy(SP12Constants.SUPPORTING_TOKENS);
-        this.handleSupportingTokens(supportingToks);
-        
+        this.handleSupportingTokens(supportingToks, false);
+
         SupportingToken encryptedSupportingToks 
             = (SupportingToken)findAndAssertPolicy(SP12Constants.ENCRYPTED_SUPPORTING_TOKENS);
-        this.handleSupportingTokens(encryptedSupportingToks);
-    
+        this.handleSupportingTokens(encryptedSupportingToks, false);
+
         //Setup signature parts
         addSignatureParts(sigSuppTokMap, sigs);
         addSignatureParts(sgndEncSuppTokMap, sigs);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java?rev=734732&r1=734731&r2=734732&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
Thu Jan 15 07:32:59 2009
@@ -375,7 +375,7 @@
                 e.printStackTrace();
             }
         } else {
-            WSSecSignature sig = getSignatureBuider(wrapper, sigToken);
+            WSSecSignature sig = getSignatureBuider(wrapper, sigToken, false);
             sig.prependBSTElementToHeader(secHeader);
             
             if (abinding.isTokenProtection()

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=734732&r1=734731&r2=734732&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
Thu Jan 15 07:32:59 2009
@@ -36,6 +36,7 @@
 import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
 import org.apache.cxf.ws.security.policy.model.Header;
 import org.apache.cxf.ws.security.policy.model.IssuedToken;
+import org.apache.cxf.ws.security.policy.model.KeyValueToken;
 import org.apache.cxf.ws.security.policy.model.SecureConversationToken;
 import org.apache.cxf.ws.security.policy.model.SignedEncryptedParts;
 import org.apache.cxf.ws.security.policy.model.SupportingToken;
@@ -170,6 +171,8 @@
                             } else if (token instanceof SecureConversationToken) {
                                 signatureValues.add(doSecureConversationSignature(token,
                                                                                   null));
+                            } else if (token instanceof KeyValueToken) {
+                                //
                             }
                         }
                     }
@@ -185,7 +188,7 @@
                     }
                     if (suppTokens != null && suppTokens.getTokens() != null 
                         && suppTokens.getTokens().size() > 0) {
-                        handleSupportingTokens(suppTokens);
+                        handleSupportingTokens(suppTokens, false);
                     }
                 }
 
@@ -257,7 +260,7 @@
             
             return dkSig.getSignatureValue();
         } else {
-            WSSecSignature sig = getSignatureBuider(wrapper, token);
+            WSSecSignature sig = getSignatureBuider(wrapper, token, false);
             sig.prependBSTElementToHeader(secHeader);
             /*
             if (isTokenProtection()



Mime
View raw message