cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1171141 - in /cxf/branches/2.4.x-fixes: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy...
Date Thu, 15 Sep 2011 15:36:41 GMT
Author: coheigea
Date: Thu Sep 15 15:36:40 2011
New Revision: 1171141

URL: http://svn.apache.org/viewvc?rev=1171141&view=rev
Log:
[CXF-3705][CXF-2924] - Add the ability to specify custom AlgorithmSuites
 - Re-enabled asymmetric key length checking for the restricted security policy test-cases

Added:
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
    cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuite.java
    cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java
Modified:
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
    cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/server/ServerRestricted.java
    cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/wssec11/client/client_restricted.xml

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java?rev=1171141&r1=1171140&r2=1171141&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
Thu Sep 15 15:36:40 2011
@@ -93,7 +93,7 @@ public final class WSSecurityPolicyLoade
             return;
         }
         PolicyBuilder pbuild = bus.getExtension(PolicyBuilder.class);
-        reg.registerBuilder(new AlgorithmSuiteBuilder());
+        reg.registerBuilder(new AlgorithmSuiteBuilder(bus));
         reg.registerBuilder(new AsymmetricBindingBuilder(pbuild));
         reg.registerBuilder(new ContentEncryptedElementsBuilder());
         reg.registerBuilder(new EncryptedElementsBuilder());
@@ -115,7 +115,7 @@ public final class WSSecurityPolicyLoade
         reg.registerBuilder(new SupportingTokens12Builder(pbuild));
         reg.registerBuilder(new SupportingTokensBuilder(pbuild));
         reg.registerBuilder(new SymmetricBindingBuilder(pbuild));
-        reg.registerBuilder(new TransportBindingBuilder(pbuild));
+        reg.registerBuilder(new TransportBindingBuilder(pbuild, bus));
         reg.registerBuilder(new TransportTokenBuilder(pbuild));
         reg.registerBuilder(new Trust10Builder());
         reg.registerBuilder(new Trust13Builder());

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java?rev=1171141&r1=1171140&r2=1171141&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
Thu Sep 15 15:36:40 2011
@@ -24,11 +24,14 @@ import javax.xml.namespace.QName;
 
 import org.w3c.dom.Element;
 
+import org.apache.cxf.Bus;
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.ws.security.policy.SP11Constants;
 import org.apache.cxf.ws.security.policy.SP12Constants;
 import org.apache.cxf.ws.security.policy.SPConstants;
 import org.apache.cxf.ws.security.policy.WSSPolicyException;
+import org.apache.cxf.ws.security.policy.custom.AlgorithmSuiteLoader;
+import org.apache.cxf.ws.security.policy.custom.DefaultAlgorithmSuiteLoader;
 import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
 import org.apache.neethi.Assertion;
 import org.apache.neethi.AssertionBuilderFactory;
@@ -37,20 +40,36 @@ import org.apache.neethi.builders.Assert
 
 public class AlgorithmSuiteBuilder implements AssertionBuilder<Element> {
     
+    private Bus bus;
+
+    public AlgorithmSuiteBuilder(Bus bus) {
+        this.bus = bus;
+    }
+    
     public Assertion build(Element element, AssertionBuilderFactory factory)
         throws IllegalArgumentException {
         
         SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
             ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
 
-        AlgorithmSuite algorithmSuite = new AlgorithmSuite(consts);
-
-        Element policyElem = DOMUtils.getFirstElement(element);
+        AlgorithmSuiteLoader loader = bus.getExtension(AlgorithmSuiteLoader.class);
+        if (loader == null) {
+            loader = new DefaultAlgorithmSuiteLoader();
+        } 
+        Element policyElement = DOMUtils.getFirstElement(element);
+        AlgorithmSuite algorithmSuite = null;
         try {
-            algorithmSuite.setAlgorithmSuite(DOMUtils.getFirstElement(policyElem).getLocalName());
+            algorithmSuite = loader.getAlgorithmSuite(policyElement, consts);
         } catch (WSSPolicyException e) {
             throw new IllegalArgumentException(e);
         }
+        
+        if (algorithmSuite == null) {
+            String algorithmSuiteName = DOMUtils.getFirstElement(policyElement).getLocalName();
+            throw new IllegalArgumentException(
+                "Algorithm suite \"" + algorithmSuiteName + "\" is not registered"
+            );
+        }
 
         return algorithmSuite;
     }

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java?rev=1171141&r1=1171140&r2=1171141&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
Thu Sep 15 15:36:40 2011
@@ -22,6 +22,7 @@ import javax.xml.namespace.QName;
 
 import org.w3c.dom.Element;
 
+import org.apache.cxf.Bus;
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.ws.policy.PolicyBuilder;
 import org.apache.cxf.ws.security.policy.SP11Constants;
@@ -40,8 +41,10 @@ import org.apache.neethi.builders.Assert
 public class TransportBindingBuilder implements AssertionBuilder<Element> {
     
     PolicyBuilder builder;
-    public TransportBindingBuilder(PolicyBuilder b) {
+    Bus bus;
+    public TransportBindingBuilder(PolicyBuilder b, Bus bus) {
         builder = b;
+        this.bus = bus;
     }
     
     public Assertion build(Element element, AssertionBuilderFactory factory)
@@ -72,7 +75,7 @@ public class TransportBindingBuilder imp
                 while (child != null) {
                     String name = child.getLocalName();
                     if (name.equals(SPConstants.ALGO_SUITE)) {
-                        parent.setAlgorithmSuite((AlgorithmSuite)new AlgorithmSuiteBuilder()
+                        parent.setAlgorithmSuite((AlgorithmSuite)new AlgorithmSuiteBuilder(bus)
                             .build(child, factory));
                     } else if (name.equals(SPConstants.TRANSPORT_TOKEN)) {
                         parent.setTransportToken((TransportToken)new TransportTokenBuilder(builder)

Added: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java?rev=1171141&view=auto
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
(added)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
Thu Sep 15 15:36:40 2011
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.policy.custom;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
+
+/**
+ * This interface defines a way of retrieving an AlgorithmSuite object from the policy element
+ * of an AlgorithmSuite assertion.
+ */
+public interface AlgorithmSuiteLoader {
+
+    AlgorithmSuite getAlgorithmSuite(Element policyElement, SPConstants consts);
+
+}

Added: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java?rev=1171141&view=auto
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
(added)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
Thu Sep 15 15:36:40 2011
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.policy.custom;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
+
+/**
+ * This class retrieves the default AlgorithmSuites.
+ */
+public class DefaultAlgorithmSuiteLoader implements AlgorithmSuiteLoader {
+
+    public AlgorithmSuite getAlgorithmSuite(Element policyElement, SPConstants consts) {
+        if (policyElement != null) {
+            AlgorithmSuite algorithmSuite = new AlgorithmSuite(consts);
+            String algorithmSuiteName = DOMUtils.getFirstElement(policyElement).getLocalName();
+            algorithmSuite.setAlgorithmSuite(algorithmSuiteName);
+            return algorithmSuite;
+        }
+        return null;
+    }
+
+}

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java?rev=1171141&r1=1171140&r2=1171141&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java
Thu Sep 15 15:36:40 2011
@@ -33,45 +33,45 @@ import org.apache.cxf.ws.security.policy
 public class AlgorithmSuite extends AbstractSecurityAssertion {
     private static final Logger LOG = LogUtils.getL7dLogger(AlgorithmSuite.class);
     
-    private String algoSuiteString;
+    protected String algoSuiteString;
 
-    private String symmetricSignature = SPConstants.HMAC_SHA1;
+    protected String symmetricSignature = SPConstants.HMAC_SHA1;
 
-    private String asymmetricSignature = SPConstants.RSA_SHA1;
+    protected String asymmetricSignature = SPConstants.RSA_SHA1;
 
-    private String computedKey = SPConstants.P_SHA1;
+    protected String computedKey = SPConstants.P_SHA1;
 
-    private int maximumSymmetricKeyLength = 256;
+    protected int maximumSymmetricKeyLength = 256;
 
-    private int minimumAsymmetricKeyLength = 1024;
+    protected int minimumAsymmetricKeyLength = 1024;
 
-    private int maximumAsymmetricKeyLength = 4096;
+    protected int maximumAsymmetricKeyLength = 4096;
 
-    private String digest;
+    protected String digest;
 
-    private String encryption;
+    protected String encryption;
 
-    private String symmetricKeyWrap;
+    protected String symmetricKeyWrap;
 
-    private String asymmetricKeyWrap;
+    protected String asymmetricKeyWrap;
 
-    private String encryptionKeyDerivation;
+    protected String encryptionKeyDerivation;
 
-    private int encryptionDerivedKeyLength;
+    protected int encryptionDerivedKeyLength;
 
-    private String signatureKeyDerivation;
+    protected String signatureKeyDerivation;
 
-    private int signatureDerivedKeyLength;
+    protected int signatureDerivedKeyLength;
 
-    private int minimumSymmetricKeyLength;
+    protected int minimumSymmetricKeyLength;
 
-    private String c14n = SPConstants.EX_C14N;
+    protected String c14n = SPConstants.EX_C14N;
 
-    private String soapNormalization;
+    protected String soapNormalization;
 
-    private String strTransform;
+    protected String strTransform;
 
-    private String xPath;
+    protected String xPath;
 
     public AlgorithmSuite(SPConstants version) {
         super(version);

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java?rev=1171141&r1=1171140&r2=1171141&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
Thu Sep 15 15:36:40 2011
@@ -21,7 +21,7 @@ package org.apache.cxf.ws.security.wss4j
 
 import java.security.Principal;
 import java.security.PublicKey;
-// import java.security.cert.X509Certificate;
+import java.security.cert.X509Certificate;
 import java.security.interfaces.DSAPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.util.List;
@@ -163,13 +163,11 @@ public class AlgorithmSuitePolicyValidat
             return false;
         }
         
-        /*
         X509Certificate x509Cert = 
             (X509Certificate)result.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
         if (x509Cert != null && !checkPublicKeyLength(x509Cert.getPublicKey(), algorithmPolicy,
ai)) {
             return false;
         }
-        */
         
         byte[] secret = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
         if (signature) {

Added: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuite.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuite.java?rev=1171141&view=auto
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuite.java
(added)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuite.java
Thu Sep 15 15:36:40 2011
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.wssec11;
+
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.WSSPolicyException;
+import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
+
+/**
+ * This AlgorithmSuite supports restricted security policies - by setting the minimum asymmetric
+ * key length to be 512.
+ */
+public class RestrictedAlgorithmSuite extends AlgorithmSuite {
+    
+    public RestrictedAlgorithmSuite(SPConstants version) {
+        super(version);
+    }
+
+    public RestrictedAlgorithmSuite() {
+        super(SP12Constants.INSTANCE);
+    }
+    
+    /**
+     * Set the algorithm suite
+     * 
+     * @param algoSuite
+     * @throws WSSPolicyException
+     */
+    @Override
+    public void setAlgorithmSuite(String algoSuite) throws WSSPolicyException {
+        super.setAlgorithmSuite(algoSuite);
+        this.minimumAsymmetricKeyLength = 512;
+    }
+}

Added: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java?rev=1171141&view=auto
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java
(added)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java
Thu Sep 15 15:36:40 2011
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.wssec11;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.custom.AlgorithmSuiteLoader;
+import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
+
+/**
+ * This class retrieves a custom AlgorithmSuite for use with restricted security policies
+ */
+public class RestrictedAlgorithmSuiteLoader implements AlgorithmSuiteLoader {
+    
+    public RestrictedAlgorithmSuiteLoader(Bus bus) {
+        bus.setExtension(this, AlgorithmSuiteLoader.class);
+    }
+
+    public AlgorithmSuite getAlgorithmSuite(Element policyElement, SPConstants consts) {
+        if (policyElement != null) {
+            RestrictedAlgorithmSuite algorithmSuite = new RestrictedAlgorithmSuite(consts);
+            String algorithmSuiteName = DOMUtils.getFirstElement(policyElement).getLocalName();
+            algorithmSuite.setAlgorithmSuite(algorithmSuiteName);
+            return algorithmSuite;
+        }
+        return null;
+    }
+
+}

Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/server/ServerRestricted.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/server/ServerRestricted.java?rev=1171141&r1=1171140&r2=1171141&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/server/ServerRestricted.java
(original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/server/ServerRestricted.java
Thu Sep 15 15:36:40 2011
@@ -24,6 +24,7 @@ import javax.xml.ws.Endpoint;
 import org.apache.cxf.Bus;
 import org.apache.cxf.BusFactory;
 import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.systest.ws.wssec11.RestrictedAlgorithmSuiteLoader;
 import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
 import org.apache.cxf.ws.security.SecurityConstants;
 
@@ -36,6 +37,10 @@ public class ServerRestricted extends Ab
     
     protected ServerRestricted(String baseUrl) throws Exception {
         
+        Bus bus = new SpringBusFactory().createBus("org/apache/cxf/systest/ws/wssec11/server/server.xml");
+        new RestrictedAlgorithmSuiteLoader(bus);
+        BusFactory.setDefaultBus(bus);
+        setBus(bus);
         
         doPublish(baseUrl + "/APingService", new APingService());
         doPublish(baseUrl + "/A-NoTimestampPingService", new ANoTimestampPingService());
@@ -65,11 +70,6 @@ public class ServerRestricted extends Ab
     }
     
     protected void run()  {
-        Bus busLocal = new SpringBusFactory().createBus(
-            "org/apache/cxf/systest/ws/wssec11/server/server.xml");
-        BusFactory.setDefaultBus(busLocal);
-        setBus(busLocal);
-
         try {
             new ServerRestricted("http://localhost:" + PORT);
         } catch (Exception e) {
@@ -78,7 +78,6 @@ public class ServerRestricted extends Ab
     }
     
     public static void main(String args[]) throws Exception {
-        new SpringBusFactory().createBus("org/apache/cxf/systest/ws/wssec11/server/server.xml");
         new ServerRestricted("http://localhost:" + PORT);
         System.out.println("Server ready...");
 

Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/wssec11/client/client_restricted.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/wssec11/client/client_restricted.xml?rev=1171141&r1=1171140&r2=1171141&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/wssec11/client/client_restricted.xml
(original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/wssec11/client/client_restricted.xml
Thu Sep 15 15:36:40 2011
@@ -38,6 +38,12 @@
             <cxf:logging/>
         </cxf:features>
     </cxf:bus>
+    
+    <bean id="restrictedPolicyLoader"
+          class="org.apache.cxf.systest.ws.wssec11.RestrictedAlgorithmSuiteLoader" >
+          <constructor-arg ref="cxf"/>
+    </bean>
+   
     <!-- -->
     <!-- Scenario 4.1 -->
     <!-- -->



Mime
View raw message