cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gma...@apache.org
Subject svn commit: r980623 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Date Fri, 30 Jul 2010 00:59:45 GMT
Author: gmazza
Date: Fri Jul 30 00:59:44 2010
New Revision: 980623

URL: http://svn.apache.org/viewvc?rev=980623&view=rev
Log:
Switch to use KeyIdentifier instead of Reference for SAML tokens within the SOAP request body
EncryptedData element (see CXF-2894).  This change will have no effect until WSS4J's WSSecEncrypt
is similarly updated (patch forthcoming).

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=980623&r1=980622&r2=980623&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Fri Jul 30 00:59:44 2010
@@ -430,7 +430,6 @@ public class SymmetricBindingHandler ext
                             if (id.startsWith("#")) {
                                 id = id.substring(1);
                             }
-
                             dkEncr.setExternalKey(encrTok.getSecret(), id);
                         } else {
                             dkEncr.setExternalKey(encrTok.getSecret(), encrTok.getId());
@@ -498,9 +497,14 @@ public class SymmetricBindingHandler ext
                             encr.setUseKeyIdentifier(true);
                             encr.setKeyIdentifierType(WSConstants.EMBED_SECURITY_TOKEN_REF);
                         }
+                    } else {
+                        if (encrToken instanceof IssuedToken) {
+                            encr.setUseKeyIdentifier(true);
+                            encr.setCustomReferenceValue(SecurityTokenReference.SAML_ID_URI);
+                            encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+                        }
                     }
 
-                    
                     encr.prepare(saaj.getSOAPPart(),
                                  crypto);
                    



Mime
View raw message