cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1071255 - in /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security: policy/interceptors/IssuedTokenInterceptorProvider.java trust/STSClient.java wss4j/policyhandlers/SymmetricBindingHandler.java
Date Wed, 16 Feb 2011 13:58:06 GMT
Author: coheigea
Date: Wed Feb 16 13:58:05 2011
New Revision: 1071255

URL: http://svn.apache.org/viewvc?rev=1071255&view=rev
Log:
Setting the TokenType on the SecurityToken
 - The SymmetricBinding now sets the correct token type pointing to a SAML Assertion.

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Wed Feb 16 13:58:05 2011
@@ -53,6 +53,7 @@ import org.apache.ws.security.WSConstant
 import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.handler.WSHandlerConstants;
 import org.apache.ws.security.handler.WSHandlerResult;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
 
 /**
  * 
@@ -257,6 +258,14 @@ public class IssuedTokenInterceptorProvi
                                     (java.util.Date)null
                                 );
                             token.setSecret(secretKey);
+                            AssertionWrapper assertionWrapper = 
+                                (AssertionWrapper)customPrincipal.getTokenObject();
+                            if (assertionWrapper != null && assertionWrapper.getSaml1()
!= null) {
+                                token.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+                            } else if (assertionWrapper != null 
+                                && assertionWrapper.getSaml2() != null) {
+                                token.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+                            }
                             return token;
                         }
                     }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Wed Feb 16 13:58:05 2011
@@ -423,6 +423,7 @@ public class STSClient implements Config
         boolean wroteKeySize = false;
         
         String keyType = null;
+        String tokenType = null;
         
         if (template != null) {
             if (this.useSecondaryParameters()) {
@@ -437,6 +438,8 @@ public class STSClient implements Config
                 } else if ("KeySize".equals(tl.getLocalName())) {
                     wroteKeySize = true;
                     keySize = Integer.parseInt(DOMUtils.getContent(tl));
+                } else if ("TokenType".equals(tl.getLocalName())) {
+                    tokenType = DOMUtils.getContent(tl);
                 }
                 tl = DOMUtils.getNextElement(tl);
             }
@@ -485,6 +488,9 @@ public class STSClient implements Config
         if (cert != null) {
             token.setX509Certificate(cert, crypto);
         }
+        if (tokenType != null) {
+            token.setTokenType(tokenType);
+        }
         return token;
     }
     

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Wed Feb 16 13:58:05 2011
@@ -517,13 +517,19 @@ public class SymmetricBindingHandler ext
                         }
                     } else {
                         if (encrToken instanceof IssuedToken) {
-                            encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);
                             encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+                            String tokenType = encrTok.getTokenType();
+                            if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
+                                encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+                            } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType))
{
+                                encr.setCustomReferenceValue(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+                            } else {
+                                encr.setCustomReferenceValue(tokenType);
+                            }
                         }
                     }
 
-                    encr.prepare(saaj.getSOAPPart(),
-                                 crypto);
+                    encr.prepare(saaj.getSOAPPart(), crypto);
                    
                     if (encr.getBSTTokenId() != null) {
                         encr.prependBSTElementToHeader(secHeader);
@@ -668,13 +674,18 @@ public class SymmetricBindingHandler ext
                     sig.setEncrKeySha1value(tok.getSHA1());
                     sig.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
                 }
-            } else if (tok.getTokenType() != null) { 
-                sig.setCustomTokenValueType(tok.getTokenType());
-                sig.setKeyIdentifierType(type);
             } else {
-                // TODO Add support for SAML2 here
-                sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
-                sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+                String tokenType = tok.getTokenType();
+                if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
+                    sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+                    sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+                } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
+                    sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+                    sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+                } else {
+                    sig.setCustomTokenValueType(tokenType);
+                    sig.setKeyIdentifierType(type);
+                }
             }
             
             String sigTokId;



Mime
View raw message