cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r752601 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Date Wed, 11 Mar 2009 20:07:39 GMT
Author: dkulp
Date: Wed Mar 11 20:07:39 2009
New Revision: 752601

URL: http://svn.apache.org/viewvc?rev=752601&view=rev
Log:
Work toward validate.   The MS server is not responding at all to validate or cancel requests
(hang) so I'm not sure if they are correct yet or not.  

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=752601&r1=752600&r2=752601&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Wed Mar 11 20:07:39 2009
@@ -420,6 +420,74 @@
         String ns = "http://schemas.xmlsoap.org/ws/2004/08/addressing/policy";
         return new PrimitiveAssertion(new QName(ns, "UsingAddressing"));
     }
+    public boolean validateSecurityToken(SecurityToken tok) throws Exception {
+        return validateSecurityToken(tok,
+                                     namespace + "/RSTR/Status");
+    }
+    private boolean validateSecurityToken(SecurityToken tok, String string) 
+        throws Exception {
+        createClient();
+
+        if (addressingNamespace == null) {
+            addressingNamespace = "http://www.w3.org/2005/08/addressing";
+        }
+
+        Policy validatePolicy = new Policy();
+        ExactlyOne one = new ExactlyOne();
+        validatePolicy.addPolicyComponent(one);
+        All all = new All();
+        SymmetricBinding binding = new SymmetricBinding();
+        all.addAssertion(binding);
+        one.addPolicyComponent(all);
+        all.addAssertion(getAddressingAssertion());
+        ProtectionToken ptoken = new ProtectionToken();
+        binding.setProtectionToken(ptoken);
+        binding.setIncludeTimestamp(true);
+        binding.setEntireHeadersAndBodySignatures(true);
+        binding.setTokenProtection(false);
+        AlgorithmSuite suite = new AlgorithmSuite();
+        binding.setAlgorithmSuite(suite);
+        SecureConversationToken sct = new SecureConversationToken();
+        sct.setOptional(true);
+        ptoken.setToken(sct);
+        
+        SignedEncryptedParts parts = new SignedEncryptedParts(true);
+        parts.setBody(true);
+        parts.addHeader(new Header("To", addressingNamespace));
+        parts.addHeader(new Header("From", addressingNamespace));
+        parts.addHeader(new Header("FaultTo", addressingNamespace));
+        parts.addHeader(new Header("ReplyTo", addressingNamespace));
+        parts.addHeader(new Header("Action", addressingNamespace));
+        parts.addHeader(new Header("MessageID", addressingNamespace));
+        parts.addHeader(new Header("RelatesTo", addressingNamespace));
+        all.addPolicyComponent(parts);
+        
+        client.getRequestContext().putAll(ctx);
+        client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, validatePolicy);
+        client.getRequestContext().put(SecurityConstants.TOKEN, tok);
+        BindingOperationInfo boi = findOperation("/RST/Validate");
+        
+        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
+        writer.writeStartElement("wst", "RequestSecurityToken", namespace);
+        writer.writeStartElement("wst", "RequestType", namespace);
+        writer.writeCharacters(namespace + "/Validate");
+        writer.writeEndElement();
+
+        writer.writeStartElement("wst", "ValidateTarget", namespace);
+        Element el = tok.getUnattachedReference();
+        if (el == null) {
+            el = tok.getAttachedReference();
+        }
+        StaxUtils.copy(el, writer);
+
+        writer.writeEndElement();
+        writer.writeEndElement();
+
+        client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement()));
+        
+        return false;
+    }
+
     public void cancelSecurityToken(SecurityToken token) throws Exception {
         createClient();
 



Mime
View raw message