cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dval...@apache.org
Subject svn commit: r966766 - in /cxf/branches/2.2.x-fixes: ./ rt/ws/security/src/main/java/org/apache/cxf/ws/security/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/
Date Thu, 22 Jul 2010 17:33:29 GMT
Author: dvaleri
Date: Thu Jul 22 17:33:28 2010
New Revision: 966766

URL: http://svn.apache.org/viewvc?rev=966766&view=rev
Log:
Merged revisions 966762 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r966762 | dvaleri | 2010-07-22 13:19:34 -0400 (Thu, 22 Jul 2010) | 1 line
  
  [CXF-2905] Added ability to send WS-T 1.4 ActAs element in RST.
........

Modified:
    cxf/branches/2.2.x-fixes/   (props changed)
    cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
    cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
    cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
    cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java

Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Jul 22 17:33:28 2010
@@ -1 +1 @@
-/cxf/trunk:965966,966026
+/cxf/trunk:965966,966026,966762

Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=966766&r1=966765&r2=966766&view=diff
==============================================================================
--- cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
(original)
+++ cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
Thu Jul 22 17:33:28 2010
@@ -68,6 +68,8 @@ public final class SecurityConstants {
     public static final String STS_TOKEN_USERNAME = "ws-security.sts.token.username";
     
     public static final String STS_TOKEN_DO_CANCEL = "ws-security.sts.token.do.cancel";
+    
+    public static final String STS_TOKEN_ACT_AS = "ws-security.sts.token.act-as";
 
     public static final Set<String> ALL_PROPERTIES;
     
@@ -77,7 +79,8 @@ public final class SecurityConstants {
             SIGNATURE_USERNAME, SIGNATURE_PROPERTIES, SIGNATURE_CRYPTO,
             ENCRYPT_USERNAME, ENCRYPT_PROPERTIES, ENCRYPT_CRYPTO,
             TOKEN, TOKEN_ID, STS_CLIENT, STS_TOKEN_PROPERTIES, STS_TOKEN_CRYPTO,
-            STS_TOKEN_DO_CANCEL, TIMESTAMP_TTL, ALWAYS_ENCRYPT_UT
+            STS_TOKEN_DO_CANCEL, TIMESTAMP_TTL, ALWAYS_ENCRYPT_UT,
+            STS_TOKEN_ACT_AS
         }));
         ALL_PROPERTIES = Collections.unmodifiableSet(s);
     }

Modified: cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=966766&r1=966765&r2=966766&view=diff
==============================================================================
--- cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
(original)
+++ cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Thu Jul 22 17:33:28 2010
@@ -80,6 +80,10 @@ public class IssuedTokenInterceptorProvi
             client.setEndpointName(ep.getEndpointInfo().getName().toString() + ".sts-client");
             client.setBeanName(ep.getEndpointInfo().getName().toString() + ".sts-client");
         }
+        
+        // Transpose ActAs info from original request to the STS client.
+        client.setActAs(message.getContextualProperty(SecurityConstants.STS_TOKEN_ACT_AS));
+        
         return client;
     }
     static class IssuedTokenOutInterceptor extends AbstractPhaseInterceptor<Message>
{

Modified: cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=966766&r1=966765&r2=966766&view=diff
==============================================================================
--- cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++ cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Thu Jul 22 17:33:28 2010
@@ -21,6 +21,7 @@ package org.apache.cxf.ws.security.trust
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.StringReader;
 import java.net.URL;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
@@ -139,6 +140,8 @@ public class STSClient implements Config
 
     boolean isSecureConv;
     int ttl = 300;
+    
+    Object actAs;
 
     Map<String, Object> ctx = new HashMap<String, Object>();
     
@@ -268,6 +271,11 @@ public class STSClient implements Config
     public void setEndpointQName(QName qn) {
         endpointName = qn;
     }
+    
+    public void setActAs(Object actAs) {
+        this.actAs = actAs;
+    }
+    
     public void setKeySize(int i) {
         keySize = i;
     }
@@ -451,6 +459,9 @@ public class STSClient implements Config
             StaxUtils.copy(el, writer);
             writer.writeEndElement();
         }
+        
+        addActAs(writer);
+        
         writer.writeEndElement();
 
         Object obj[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement()));
@@ -698,6 +709,35 @@ public class STSClient implements Config
             writer.writeEndElement();
         }
     }
+    
+    private void addActAs(W3CDOMStreamWriter writer) throws Exception {
+        if (this.actAs != null) {
+            final boolean isString = this.actAs instanceof String;
+            final boolean isElement = this.actAs instanceof Element; 
+            if (isString || isElement) {
+                final Element actAsEl;
+                
+                if (isString) {
+                    final Document acAsDoc =
+                        DOMUtils.readXml(new StringReader((String) this.actAs));
+                    actAsEl = acAsDoc.getDocumentElement();
+                } else {
+                    actAsEl = (Element) this.actAs;
+                }
+                
+                writer.writeStartElement(STSUtils.WST_NS_08_02, "ActAs");
+                
+                // Unlikely to ever be otherwise, but still prudent to check.
+                if (actAsEl.getOwnerDocument() != writer.getDocument()) {
+                    writer.getDocument().adoptNode(actAsEl);
+                }
+                
+                writer.getCurrentNode().appendChild(actAsEl);
+                
+                writer.writeEndElement();
+            }
+        }
+    }
 
     private SecurityToken createSecurityToken(Element el, byte[] requestorEntropy)
         throws WSSecurityException {

Modified: cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java?rev=966766&r1=966765&r2=966766&view=diff
==============================================================================
--- cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
(original)
+++ cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
Thu Jul 22 17:33:28 2010
@@ -49,8 +49,14 @@ import org.apache.neethi.Policy;
  */
 public final class STSUtils {
     public static final String WST_NS_05_02 = "http://schemas.xmlsoap.org/ws/2005/02/trust";
+    /**
+     * WS-T 1.3 Namespace
+     */
     public static final String WST_NS_05_12 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
-
+    /**
+     * WS-T 1.4 Namespace.
+     */
+    public static final String WST_NS_08_02 = "http://docs.oasis-open.org/ws-sx/ws-trust/200802";
     public static final String SCT_NS_05_02 = "http://schemas.xmlsoap.org/ws/2005/02/sc";
     public static final String SCT_NS_05_12 
         = "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";



Mime
View raw message