From cohei...@apache.org
Subject svn commit: r1167214 - in /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security: kerberos/KerberosClient.java wss4j/WSS4JInInterceptor.java wss4j/policyhandlers/SymmetricBindingHandler.java
Date Fri, 09 Sep 2011 14:33:13 GMT
Author: coheigea
Date: Fri Sep  9 14:33:13 2011
New Revision: 1167214

URL: http://svn.apache.org/viewvc?rev=1167214&view=rev
Log:
[CXF-3767] - Store the KeyIdentifier SHA1 value of the Kerberos token

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java?rev=1167214&r1=1167213&r2=1167214&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
Fri Sep  9 14:33:13 2011
@@ -32,6 +32,8 @@ import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.ws.security.WSSConfig;
 import org.apache.ws.security.message.token.KerberosSecurity;
+import org.apache.ws.security.util.Base64;
+import org.apache.ws.security.util.WSSecurityUtil;
 
 /**
  * A class that obtains a ticket from a KDC and wraps it in a SecurityToken object.
@@ -120,6 +122,8 @@ public class KerberosClient implements C
         if (secretKey != null) {
             token.setSecret(secretKey.getEncoded());
         }
+        String sha1 = Base64.encode(WSSecurityUtil.generateDigest(bst.getToken()));
+        token.setSHA1(sha1);
         token.setTokenType(bst.getValueType());
 
         return token;
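Review bot: The SHA-1 key identifier is stored on the token even when `secretKey` is null, because the two added lines sit after the `if (secretKey != null)` block rather than inside it. The WSS4JInInterceptor change in this commit resolves a matching identifier with `pc.setKey(token.getSecret())`, so a token stored without a secret could be matched and hand back a null key. Consider moving `token.setSHA1(sha1);` inside the null check, or documenting why an identifier without a secret is wanted. A short comment such as `// Kerberos key identifier: Base64 of the SHA-1 digest of the raw token, used only for lookup` would also help. The enclosing method starts outside the hunk.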

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1167214&r1=1167213&r2=1167214&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Fri Sep  9 14:33:13 2011
@@ -483,7 +483,8 @@ public class WSS4JInInterceptor extends 
                 
                 String id = pc.getIdentifier();
                 
-                if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType())) {
+                if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType())
+                    || WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(pc.getType())) {
                     for (SecurityToken token : store.getValidTokens()) {
                         if (id.equals(token.getSHA1())) {
                             pc.setKey(token.getSecret());
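Review bot: The lookup now serves two reference types but still compares only `token.getSHA1()`, so an identifier declared as one type can resolve to a token of the other kind. Nothing visible here ties `pc.getType()` to the kind of token that matched; if the store records the token type, checking it alongside the digest would keep the two identifier spaces separate. `id` also comes straight from `pc.getIdentifier()` and is dereferenced without a null check, which `token.getSHA1() != null && token.getSHA1().equals(id)` would avoid. The loop body continues outside the hunk.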

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1167214&r1=1167213&r2=1167214&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Fri Sep  9 14:33:13 2011
@@ -402,7 +402,11 @@ public class SymmetricBindingHandler ext
                 // 7.7 Encrypted Key reference
                 SecurityTokenReference tokenRef = new SecurityTokenReference(saaj.getSOAPPart());
                 tokenRef.setKeyIdentifierEncKeySHA1(encrTok.getSHA1());
-                tokenRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+                String tokenType = encrTok.getTokenType();
+                if (tokenType == null) {
+                    tokenType = WSConstants.WSS_ENC_KEY_VALUE_TYPE;
+                }
+                tokenRef.addTokenType(tokenType);
                 dkEncr.setExternalKey(encrTok.getSecret(), tokenRef.getElement());
             } else {
                 if (attached) {
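Review bot: The null-fallback for the token type is written out here and again in the three later hunks of this file (the `dkEncr.setCustomValueType`, second `tokenRef.addTokenType` and `dkSign.setCustomValueType` sites), so four copies have to stay in step. A small private helper that returns `tok.getTokenType()`, or `WSConstants.WSS_ENC_KEY_VALUE_TYPE` when that is null, would let each site read `tokenRef.addTokenType(tokenTypeOrDefault(encrTok));`. The key identifier itself is still written with `setKeyIdentifierEncKeySHA1`, so for a Kerberos token the reference presumably pairs an EncryptedKeySHA1 identifier with a Kerberos token type; a comment saying whether that is intended would help. The enclosing method starts and ends outside the hunk.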
@@ -424,8 +428,11 @@ public class SymmetricBindingHandler ext
             }
             
             if (encrTok.getSHA1() != null) {
-                dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
-                        + WSConstants.ENC_KEY_VALUE_TYPE);
+                String tokenType = encrTok.getTokenType();
+                if (tokenType == null) {
+                    tokenType = WSConstants.WSS_ENC_KEY_VALUE_TYPE;
+                }
+                dkEncr.setCustomValueType(tokenType);
             } else {
                 String tokenType = encrTok.getTokenType();
                 if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
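Review bot: The value type set here is no longer fixed: any token that has a SHA-1 and a non-null token type now puts that type on the wire, not only Kerberos tokens. The commit message mentions only Kerberos, so tokens from other sources that carry both fields would change their outgoing value type. Restricting the override to the Kerberos types, or a comment stating that all typed tokens are meant, would make the intent explicit. The removed lines also built the constant as `WSConstants.SOAPMESSAGE_NS11 + "#" + WSConstants.ENC_KEY_VALUE_TYPE`, which should be confirmed to equal `WSConstants.WSS_ENC_KEY_VALUE_TYPE`. The `else` branch continues outside the hunk.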
@@ -599,7 +606,11 @@ public class SymmetricBindingHandler ext
             SecurityTokenReference tokenRef = new SecurityTokenReference(doc);
             if (tok.getSHA1() != null) {
                 tokenRef.setKeyIdentifierEncKeySHA1(tok.getSHA1());
-                tokenRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+                String tokenType = tok.getTokenType();
+                if (tokenType == null) {
+                    tokenType = WSConstants.WSS_ENC_KEY_VALUE_TYPE;
+                }
+                tokenRef.addTokenType(tokenType);
             }
             dkSign.setExternalKey(tok.getSecret(), tokenRef.getElement());
         } else {
@@ -614,7 +625,11 @@ public class SymmetricBindingHandler ext
         dkSign.setDerivedKeyLength(sbinding.getAlgorithmSuite().getSignatureDerivedKeyLength()
/ 8);
         if (tok.getSHA1() != null) {
             //Set the value type of the reference
-            dkSign.setCustomValueType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+            String tokenType = tok.getTokenType();
+            if (tokenType == null) {
+                tokenType = WSConstants.WSS_ENC_KEY_VALUE_TYPE;
+            }
+            dkSign.setCustomValueType(tokenType);
         } else {
             String tokenType = tok.getTokenType();
             if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)


