cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r792265 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/ systests/src/test/resources/wsdl_systest/
Date Wed, 08 Jul 2009 19:02:31 GMT
Author: dkulp
Date: Wed Jul  8 19:02:30 2009
New Revision: 792265

URL: http://svn.apache.org/viewvc?rev=792265&view=rev
Log:
[CXF-2334] Support for the RequiredElements/RequiredParts assertions

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
    cxf/trunk/systests/src/test/resources/wsdl_systest/DoubleIt.wsdl

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java?rev=792265&r1=792264&r2=792265&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/WSSecurityPolicyInterceptorProvider.java
Wed Jul  8 19:02:30 2009
@@ -49,6 +49,8 @@
         ASSERTION_TYPES.add(SP12Constants.USERNAME_TOKEN);
         ASSERTION_TYPES.add(SP12Constants.TRANSPORT_TOKEN);            
         ASSERTION_TYPES.add(SP12Constants.SIGNED_PARTS);
+        ASSERTION_TYPES.add(SP12Constants.REQUIRED_PARTS);
+        ASSERTION_TYPES.add(SP12Constants.REQUIRED_ELEMENTS);
         ASSERTION_TYPES.add(SP12Constants.ENCRYPTED_PARTS);
         ASSERTION_TYPES.add(SP12Constants.ENCRYPTED_ELEMENTS);
         ASSERTION_TYPES.add(SP12Constants.SIGNED_ELEMENTS);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=792265&r1=792264&r2=792265&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Wed Jul  8 19:02:30 2009
@@ -32,10 +32,12 @@
 
 import javax.xml.namespace.QName;
 import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPHeader;
 import javax.xml.soap.SOAPMessage;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.xpath.XPath;
 import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpressionException;
 import javax.xml.xpath.XPathFactory;
 
 import org.w3c.dom.Element;
@@ -60,6 +62,8 @@
 import org.apache.cxf.ws.security.policy.model.AsymmetricBinding;
 import org.apache.cxf.ws.security.policy.model.ContentEncryptedElements;
 import org.apache.cxf.ws.security.policy.model.Header;
+import org.apache.cxf.ws.security.policy.model.RequiredElements;
+import org.apache.cxf.ws.security.policy.model.RequiredParts;
 import org.apache.cxf.ws.security.policy.model.SignedEncryptedElements;
 import org.apache.cxf.ws.security.policy.model.SignedEncryptedParts;
 import org.apache.cxf.ws.security.policy.model.SymmetricBinding;
@@ -519,6 +523,8 @@
         assertXPathTokens(aim, SP12Constants.ENCRYPTED_ELEMENTS, encrypted, msg, doc, "encrypted",
false);
         assertXPathTokens(aim, SP12Constants.CONTENT_ENCRYPTED_ELEMENTS, encrypted, msg,
                           doc, "encrypted", true);
+        
+        assertHeadersExists(aim, msg, doc);
 
         assertAsymetricBinding(aim, msg, doc, prots, hasDerivedKeys);
         assertSymetricBinding(aim, msg, doc, prots, hasDerivedKeys);
@@ -539,6 +545,51 @@
         
         super.doResults(msg, actor, doc, results);
     }
+    private void assertHeadersExists(AssertionInfoMap aim, SoapMessage msg, SOAPMessage doc)

+        throws SOAPException {
+        
+        SOAPHeader header = doc.getSOAPHeader();
+        Collection<AssertionInfo> ais = aim.get(SP12Constants.REQUIRED_PARTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                RequiredParts rp = (RequiredParts)ai.getAssertion();
+                ai.setAsserted(true);
+                for (Header h : rp.getHeaders()) {
+                    if (header == null || !header.getChildElements(h.getQName()).hasNext())
{
+                        ai.setNotAsserted("No header element of name " + h.getQName() + "
found.");
+                    }
+                }
+            }
+        }
+        ais = aim.get(SP12Constants.REQUIRED_ELEMENTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                RequiredElements rp = (RequiredElements)ai.getAssertion();
+                ai.setAsserted(true);
+                Map<String, String> namespaces = rp.getDeclaredNamespaces();
+                XPathFactory factory = XPathFactory.newInstance();
+                for (String expression : rp.getXPathExpressions()) {
+                    XPath xpath = factory.newXPath();
+                    if (namespaces != null) {
+                        xpath.setNamespaceContext(new MapNamespaceContext(namespaces));
+                    }
+                    NodeList list;
+                    try {
+                        list = (NodeList)xpath.evaluate(expression, 
+                                                                 header,
+                                                                 XPathConstants.NODESET);
+                        if (list.getLength() == 0) {
+                            ai.setNotAsserted("No header element matching XPath " + expression
+ " found.");
+                        }
+                    } catch (XPathExpressionException e) {
+                        ai.setNotAsserted("Invalid XPath expression " + expression + " "
+ e.getMessage());
+                    }
+                }
+            }
+        }
+        
+    }
+
     private boolean assertSymetricBinding(AssertionInfoMap aim, 
                                            SoapMessage message,
                                            SOAPMessage doc,
@@ -586,7 +637,7 @@
                                            Protections prots,
                                            boolean derived) {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
-        if (ais == null) {
+        if (ais == null) {                       
             return true;
         }
         for (AssertionInfo ai : ais) {

Modified: cxf/trunk/systests/src/test/resources/wsdl_systest/DoubleIt.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/src/test/resources/wsdl_systest/DoubleIt.wsdl?rev=792265&r1=792264&r2=792265&view=diff
==============================================================================
--- cxf/trunk/systests/src/test/resources/wsdl_systest/DoubleIt.wsdl (original)
+++ cxf/trunk/systests/src/test/resources/wsdl_systest/DoubleIt.wsdl Wed Jul  8 19:02:30 2009
@@ -392,6 +392,14 @@
 					xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
 					<sp:XPath xmlns:example1="http://cxf.apache.org/policytest/DoubleIt">//example1:DoubleIt/numberToDouble</sp:XPath>
 				</sp:EncryptedElements>
+				<sp:RequiredElements
+					xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+					<sp:XPath xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:Security</sp:XPath>
+			    </sp:RequiredElements>
+				<sp:RequiredParts
+					xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+					<sp:Header Name="Security" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
+			    </sp:RequiredParts>
 			</wsp:All>
 		</wsp:ExactlyOne>
 	</wsp:Policy>



Mime
View raw message