cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1073837 - in /cxf/trunk/rt/ws/security/src: main/java/org/apache/cxf/ws/security/trust/ main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/ test/java/org/apache/cxf/ws/security/wss4j/
Date Wed, 23 Feb 2011 17:21:03 GMT
Author: coheigea
Date: Wed Feb 23 17:21:02 2011
New Revision: 1073837

URL: http://svn.apache.org/viewvc?rev=1073837&view=rev
Log:
Update following (very) recent changes to WSS4J crypto interface
 - Note that you will need the latest WSS4J snapshot in your repo for this to compile.

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
    cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1073837&r1=1073836&r2=1073837&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Wed Feb 23 17:21:02 2011
@@ -26,7 +26,6 @@ import java.net.URL;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.Date;
-import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
@@ -105,6 +104,7 @@ import org.apache.ws.security.WSSecurity
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.components.crypto.CryptoType;
 import org.apache.ws.security.conversation.ConversationException;
 import org.apache.ws.security.conversation.dkalgo.P_SHA1;
 import org.apache.ws.security.message.token.Reference;
@@ -776,18 +776,14 @@ public class STSClient implements Config
     private X509Certificate getCert(Crypto crypto) throws Exception {
         String alias = (String)getProperty(SecurityConstants.STS_TOKEN_USERNAME);
         if (alias == null) {
-            alias = crypto.getDefaultX509Alias();
+            alias = crypto.getDefaultX509Identifier();
         }
         if (alias == null) {
-            Enumeration<String> as = crypto.getKeyStore().aliases();
-            if (as.hasMoreElements()) {
-                alias = as.nextElement();
-            }
-            if (as.hasMoreElements()) {
-                throw new Fault("No alias specified for retrieving PublicKey", LOG);
-            }
+            throw new Fault("No alias specified for retrieving PublicKey", LOG);
         }
-        return crypto.getCertificates(alias)[0];
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias(alias);
+        return crypto.getX509Certificates(cryptoType)[0];
     }
 
     private void addLifetime(XMLStreamWriter writer) throws XMLStreamException {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1073837&r1=1073836&r2=1073837&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
Wed Feb 23 17:21:02 2011
@@ -22,11 +22,9 @@ package org.apache.cxf.ws.security.wss4j
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
-import java.security.KeyStoreException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -502,8 +500,8 @@ public abstract class AbstractBindingBui
                     Crypto crypto = secToken.getCrypto();
                     String uname = null;
                     try {
-                        uname = crypto.getKeyStore().getCertificateAlias(secToken.getX509Certificate());
-                    } catch (KeyStoreException e1) {
+                        uname = crypto.getX509Identifier(secToken.getX509Certificate());
+                    } catch (WSSecurityException e1) {
                         throw new Fault(e1);
                     }
 
@@ -1166,7 +1164,11 @@ public abstract class AbstractBindingBui
                                                                 ? SecurityConstants.SIGNATURE_USERNAME
                                                                 : SecurityConstants.ENCRYPT_USERNAME);
         if (crypto != null && encrUser == null) {
-            encrUser = getDefaultCryptoAlias(crypto);
+            try {
+                encrUser = crypto.getDefaultX509Identifier();
+            } catch (WSSecurityException e1) {
+                throw new Fault(e1);
+            }
         } else if (encrUser == null || "".equals(encrUser)) {
             policyNotAsserted(token, "No " + (sign ? "signature" : "encryption") + " crypto
object found.");
         }
@@ -1192,26 +1194,6 @@ public abstract class AbstractBindingBui
         }
     }
     
-    protected String getDefaultCryptoAlias(Crypto crypto) {
-        String user = crypto.getDefaultX509Alias();
-        if (user == null) {
-            try {
-                Enumeration<String> en = crypto.getKeyStore().aliases();
-                if (en.hasMoreElements()) {
-                    user = en.nextElement();
-                }
-                if (en.hasMoreElements()) {
-                    //more than one alias in the keystore, user WILL need
-                    //to specify
-                    user = null;
-                }            
-            } catch (KeyStoreException e) {
-                //ignore
-            }
-        }
-        return user;
-    }
-    
     private static X509Certificate getReqSigCert(List<WSHandlerResult> results) {
         /*
         * Scan the results for a matching actor. Use results only if the
@@ -1317,7 +1299,11 @@ public abstract class AbstractBindingBui
         }
         String user = (String)message.getContextualProperty(userNameKey);
         if (crypto != null && StringUtils.isEmpty(user)) {
-            user = getDefaultCryptoAlias(crypto);
+            try {
+                user = crypto.getDefaultX509Identifier();
+            } catch (WSSecurityException e1) {
+                throw new Fault(e1);
+            }
         }
         if (StringUtils.isEmpty(user)) {
             policyNotAsserted(token, "No " + type + " username found.");

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=1073837&r1=1073836&r2=1073837&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
Wed Feb 23 17:21:02 2011
@@ -417,7 +417,7 @@ public class TransportBindingHandler ext
                 sig.setX509Certificate(secTok.getX509Certificate());
                 
                 crypto = secTok.getCrypto();
-                String uname = crypto.getKeyStore().getCertificateAlias(secTok.getX509Certificate());
+                String uname = crypto.getX509Identifier(secTok.getX509Certificate());
                 String password = getPassword(uname, token, WSPasswordCallback.SIGNATURE);
                 if (password == null) {
                     password = "";

Modified: cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java?rev=1073837&r1=1073836&r2=1073837&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
(original)
+++ cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
Wed Feb 23 17:21:02 2011
@@ -73,6 +73,7 @@ import org.apache.ws.security.WSDataRef;
 import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.components.crypto.CryptoType;
 import org.apache.ws.security.handler.WSHandlerConstants;
 import org.apache.ws.security.handler.WSHandlerResult;
 import org.apache.ws.security.util.WSSecurityUtil;
@@ -856,7 +857,9 @@ public class PolicyBasedWss4JInOutTest e
         cryptoProps.load(url.openStream());
         Crypto crypto = CryptoFactory.getInstance(cryptoProps);
         String alias = cryptoProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias");
-        issuedToken.setX509Certificate(crypto.getCertificates(alias)[0], crypto);
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias(alias);
+        issuedToken.setX509Certificate(crypto.getX509Certificates(cryptoType)[0], crypto);
         
         msg.getExchange().get(Endpoint.class).put(SecurityConstants.TOKEN_ID, 
                 issuedToken.getId());



Mime
View raw message