cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r797646 - in /cxf/branches/2.1.x-fixes: ./ rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Date Fri, 24 Jul 2009 20:51:27 GMT
Author: dkulp
Date: Fri Jul 24 20:51:26 2009
New Revision: 797646

URL: http://svn.apache.org/viewvc?rev=797646&view=rev
Log:
Merged revisions 797645 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/branches/2.2.x-fixes

................
  r797645 | dkulp | 2009-07-24 16:48:10 -0400 (Fri, 24 Jul 2009) | 10 lines
  
  Merged revisions 797640 via svnmerge from 
  https://svn.apache.org/repos/asf/cxf/trunk
  
  ........
    r797640 | dkulp | 2009-07-24 16:40:45 -0400 (Fri, 24 Jul 2009) | 2 lines
    
    [CXF-2359] Fixes to properly check all the signatures and timestamps.
    Part of it is a patch from Colm O hEigeartaigh
  ........
................

Modified:
    cxf/branches/2.1.x-fixes/   (props changed)
    cxf/branches/2.1.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java

Propchange: cxf/branches/2.1.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Jul 24 20:51:26 2009
@@ -1,2 +1,2 @@
-/cxf/branches/2.2.x-fixes:743446,753380,753397,753421,754585,755365,757499,757859,757899,757935,757951,758195,758303,758308,758378,758690,758910,759890,759961,759963-759964,759966,760029,760073,760150,760171,760178,760198,760212,760456,760468,760582,760938,761094,761113,761120,761317,761759,761789,762393,762518,762567,763200,763272,763495,763854,763931,763942,763953,764033-764034,764581,764599-764606,764887,765357,766013,766058,766100-766101,766763,766770,766860,766962-766963,767159,767191,767927,771416,772143,772402,772658,772714,773009-773010,773027,773049,773146,773581,773691,773693,774446-774496,774558,774760,774851,774979,775423,776024-776025,776218,776429,776459,777189,777224,777243,777481,777505,777572,777580,780033,780184,780213,780421,780664,780800,780902,780911,781497,781841,782733,782735-782736,783099,783407,784064,784197,785293,785296,785298-785299,785301,785656,786158,786587,786589,786591-786592,786640,787272,787276,787282-787283,787285,787295,787307,787324,7873
 67,788824-788825,788827-788828,788830,789423,789429,789707,789709-789710,789712,789721,789905,789908,789910,789912,790295,790646-790647,790651,790654-790655,790659,791948,791950,791952,791955,792276,792288,792291,792992,792995,792998,794402,794404,794735,794797,794799,794803,795161-795162,796300-796301,796598,797449,797452-797453,797460,797463-797464,797521-797522,797584-797585
-/cxf/trunk:782181,782728-782730,783097,783396,784059,784181,784895,785279-785282,785468,786142,786271,786395,786582-786583,786638,786647,787269,787277-787279,787290,787305,787323,787366,788060,788187,788703,788774,788820,789371,789420,789527-789529,789704-789705,789896,789898-789900,790294,790637-790644,791354,791538,791753,791947,792261-792263,792684,792975,792985,794297,794396,794728,794778-794780,794892,795160,796022-796023,796593,796780,797194,797231-797233,797442,797505,797517,797581-797582
+/cxf/branches/2.2.x-fixes:743446,753380,753397,753421,754585,755365,757499,757859,757899,757935,757951,758195,758303,758308,758378,758690,758910,759890,759961,759963-759964,759966,760029,760073,760150,760171,760178,760198,760212,760456,760468,760582,760938,761094,761113,761120,761317,761759,761789,762393,762518,762567,763200,763272,763495,763854,763931,763942,763953,764033-764034,764581,764599-764606,764887,765357,766013,766058,766100-766101,766763,766770,766860,766962-766963,767159,767191,767927,771416,772143,772402,772658,772714,773009-773010,773027,773049,773146,773581,773691,773693,774446-774496,774558,774760,774851,774979,775423,776024-776025,776218,776429,776459,777189,777224,777243,777481,777505,777572,777580,780033,780184,780213,780421,780664,780800,780902,780911,781497,781841,782733,782735-782736,783099,783407,784064,784197,785293,785296,785298-785299,785301,785656,786158,786587,786589,786591-786592,786640,787272,787276,787282-787283,787285,787295,787307,787324,7873
 67,788824-788825,788827-788828,788830,789423,789429,789707,789709-789710,789712,789721,789905,789908,789910,789912,790295,790646-790647,790651,790654-790655,790659,791948,791950,791952,791955,792276,792288,792291,792992,792995,792998,794402,794404,794735,794797,794799,794803,795161-795162,796300-796301,796598,797449,797452-797453,797460,797463-797464,797521-797522,797584-797585,797645
+/cxf/trunk:782181,782728-782730,783097,783396,784059,784181,784895,785279-785282,785468,786142,786271,786395,786582-786583,786638,786647,787269,787277-787279,787290,787305,787323,787366,788060,788187,788703,788774,788820,789371,789420,789527-789529,789704-789705,789896,789898-789900,790294,790637-790644,791354,791538,791753,791947,792261-792263,792684,792975,792985,794297,794396,794728,794778-794780,794892,795160,796022-796023,796593,796780,797194,797231-797233,797442,797505,797517,797581-797582,797640

Propchange: cxf/branches/2.1.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.1.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.1.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=797646&r1=797645&r2=797646&view=diff
==============================================================================
--- cxf/branches/2.1.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
(original)
+++ cxf/branches/2.1.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Fri Jul 24 20:51:26 2009
@@ -214,18 +214,24 @@
              */
 
             // Extract the signature action result from the action vector
-            WSSecurityEngineResult actionResult = WSSecurityUtil
-                .fetchActionResult(wsResult, WSConstants.SIGN);
-
-            if (actionResult != null) {
-                X509Certificate returnCert = (X509Certificate)actionResult
-                    .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
-
-                if (returnCert != null && !verifyTrust(returnCert, reqData)) {
-                    LOG.warning("The certificate used for the signature is not trusted");
-                    throw new WSSecurityException(WSSecurityException.FAILED_CHECK);
+            Vector signatureResults = new Vector();
+            signatureResults = 
+                WSSecurityUtil.fetchAllActionResults(wsResult, WSConstants.SIGN, signatureResults);
+
+            if (!signatureResults.isEmpty()) {
+                for (int i = 0; i < signatureResults.size(); i++) {
+                    WSSecurityEngineResult result = 
+                        (WSSecurityEngineResult) signatureResults.get(i);
+                    
+                    X509Certificate returnCert = (X509Certificate)result
+                        .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+    
+                    if (returnCert != null && !verifyTrust(returnCert, reqData))
{
+                        LOG.warning("The certificate used for the signature is not trusted");
+                        throw new WSSecurityException(WSSecurityException.FAILED_CHECK);
+                    }
+                    msg.put(SIGNATURE_RESULT, result);
                 }
-                msg.put(SIGNATURE_RESULT, actionResult);
             }
 
             /*
@@ -238,16 +244,22 @@
              */
 
             // Extract the timestamp action result from the action vector
-            actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);
-
-            if (actionResult != null) {
-                Timestamp timestamp = (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
-
-                if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData)))
{
-                    LOG.warning("The timestamp could not be validated");
-                    throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
+            Vector timestampResults = new Vector();
+            timestampResults = 
+                WSSecurityUtil.fetchAllActionResults(wsResult, WSConstants.TS, timestampResults);
+
+            if (!timestampResults.isEmpty()) {
+                for (int i = 0; i < timestampResults.size(); i++) {
+                    WSSecurityEngineResult result = 
+                        (WSSecurityEngineResult) timestampResults.get(i);
+                    Timestamp timestamp = (Timestamp)result.get(WSSecurityEngineResult.TAG_TIMESTAMP);
+    
+                    if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData)))
{
+                        LOG.warning("The timestamp could not be validated");
+                        throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
+                    }
+                    msg.put(TIMESTAMP_RESULT, result);
                 }
-                msg.put(TIMESTAMP_RESULT, actionResult);
             }
 
             /*



Mime
View raw message