cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1244479 - in /cxf/branches/2.4.x-fixes/rt/ws/security/src: main/java/org/apache/cxf/ws/security/policy/builders/ test/java/org/apache/cxf/ws/security/wss4j/ test/resources/org/apache/cxf/ws/security/wss4j/
Date Wed, 15 Feb 2012 13:31:24 GMT
Author: coheigea
Date: Wed Feb 15 13:31:23 2012
New Revision: 1244479

URL: http://svn.apache.org/viewvc?rev=1244479&view=rev
Log:
Reverting last commit

Modified:
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/EncryptedPartsBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/LayoutBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/RequiredPartsBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SignedPartsBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
    cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/signed_elements_with_sst_issued_token_policy.xml

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
Wed Feb 15 13:31:23 2012
@@ -57,11 +57,6 @@ public class AlgorithmSuiteBuilder imple
             loader = new DefaultAlgorithmSuiteLoader();
         } 
         Element policyElement = DOMUtils.getFirstElement(element);
-        if (policyElement == null) {
-            throw new IllegalArgumentException(
-                "sp:AlgorithmSuite/wsp:Policy must have a value"
-            );
-        }
         AlgorithmSuite algorithmSuite = null;
         try {
             algorithmSuite = loader.getAlgorithmSuite(policyElement, consts);
@@ -69,7 +64,7 @@ public class AlgorithmSuiteBuilder imple
             throw new IllegalArgumentException(e);
         }
         
-        if (algorithmSuite == null && consts != SP11Constants.INSTANCE) {
+        if (algorithmSuite == null) {
             String algorithmSuiteName = DOMUtils.getFirstElement(policyElement).getLocalName();
             throw new IllegalArgumentException(
                 "Algorithm suite \"" + algorithmSuiteName + "\" is not registered"

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AsymmetricBindingBuilder.java
Wed Feb 15 13:31:23 2012
@@ -66,25 +66,27 @@ public class AsymmetricBindingBuilder im
         Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
         policy = (Policy)policy.normalize(builder.getPolicyRegistry(), false);
 
-        Iterator<List<Assertion>> iterator = policy.getAlternatives();
-        if (!iterator.hasNext()) {
-            throw new IllegalArgumentException(
-                "sp:AsymmetricBinding must specify at least one alternative"
-            );
+        for (Iterator iterator = policy.getAlternatives(); iterator.hasNext();) {
+            processAlternative((List)iterator.next(), asymmetricBinding, consts);
+
+            /*
+             * since there should be only one alternative
+             */
+            break;
         }
-        processAlternative(iterator.next(), asymmetricBinding, consts);
 
         return asymmetricBinding;
     }
 
-    private void processAlternative(List<Assertion> assertions, 
+    private void processAlternative(List assertions, 
                                     AsymmetricBinding asymmetricBinding,
                                     SPConstants consts) {
 
+        Assertion assertion;
         QName name;
 
-        boolean foundAlgorithmSuite = false;
-        for (Assertion assertion : assertions) {
+        for (Iterator iterator = assertions.iterator(); iterator.hasNext();) {
+            assertion = (Assertion)iterator.next();
             name = assertion.getName();
 
             if (!consts.getNamespace().equals(name.getNamespaceURI())
@@ -92,6 +94,7 @@ public class AsymmetricBindingBuilder im
                 continue;
             }
 
+            
             if (SPConstants.INITIATOR_TOKEN.equals(name.getLocalPart())) {
                 asymmetricBinding.setInitiatorToken((InitiatorToken)assertion);
                 
@@ -112,7 +115,6 @@ public class AsymmetricBindingBuilder im
                 asymmetricBinding.setRecipientEncryptionToken((RecipientEncryptionToken)assertion);
 
             } else if (SPConstants.ALGO_SUITE.equals(name.getLocalPart())) {
-                foundAlgorithmSuite = true;
                 asymmetricBinding.setAlgorithmSuite((AlgorithmSuite)assertion);
 
             } else if (SPConstants.LAYOUT.equals(name.getLocalPart())) {
@@ -137,12 +139,6 @@ public class AsymmetricBindingBuilder im
                 asymmetricBinding.setEntireHeadersAndBodySignatures(true);
             }
         }
-        
-        if (!foundAlgorithmSuite && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:AsymmetricBinding/wsp:Policy/sp:AlgorithmSuite must have a value"
-            );
-        }
     }
 
 }

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/EncryptedPartsBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/EncryptedPartsBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/EncryptedPartsBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/EncryptedPartsBuilder.java
Wed Feb 15 13:31:23 2012
@@ -75,11 +75,6 @@ public class EncryptedPartsBuilder imple
                 nameAttribute = "";
             }
             String namespaceAttribute = element.getAttribute(SPConstants.NAMESPACE);
-            if ("".equals(namespaceAttribute)) {
-                throw new IllegalArgumentException(
-                    "sp:EncryptedParts/sp:Header@Namespace must have a value"
-                );
-            }
             parent.addHeader(new Header(nameAttribute, namespaceAttribute));
 
         } else if ("Body".equals(element.getLocalName())) {

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -67,28 +67,26 @@ public class HttpsTokenBuilder implement
         httpsToken.setIgnorable(PolicyConstants.isIgnorable(element));
 
         if (consts.getVersion() == SPConstants.Version.SP_V11) {
-            String attr = DOMUtils.getAttribute(element, SPConstants.REQUIRE_CLIENT_CERTIFICATE);
+            String attr = DOMUtils.getAttribute(element,
+                                                SPConstants.REQUIRE_CLIENT_CERTIFICATE);
             if (attr != null) {
                 httpsToken.setRequireClientCertificate("true".equals(attr));
             }
         } else {
             Element polEl = PolicyConstants.findPolicyElement(element);
-            if (polEl == null) {
-                throw new IllegalArgumentException(
-                    "sp:HttpsToken/wsp:Policy must have a value"
-                );
-            }
-            
-            Element child = DOMUtils.getFirstElement(polEl);
-            if (child != null) {
-                if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child)))
{
-                    httpsToken.setHttpBasicAuthentication(true);
-                } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
-                        .equals(DOMUtils.getElementQName(child))) {
-                    httpsToken.setHttpDigestAuthentication(true);
-                } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
-                        .equals(DOMUtils.getElementQName(child))) {
-                    httpsToken.setRequireClientCertificate(true);
+             
+            if (polEl != null) {
+                Element child = DOMUtils.getFirstElement(polEl);
+                if (child != null) {
+                    if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child)))
{
+                        httpsToken.setHttpBasicAuthentication(true);
+                    } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
+                            .equals(DOMUtils.getElementQName(child))) {
+                        httpsToken.setHttpDigestAuthentication(true);
+                    } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
+                            .equals(DOMUtils.getElementQName(child))) {
+                        httpsToken.setRequireClientCertificate(true);
+                    }
                 }
             }
         }

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -67,8 +67,6 @@ public class IssuedTokenBuilder implemen
         }
         
         Element child = DOMUtils.getFirstElement(element);
-        boolean foundPolicy = false;
-        boolean foundRST = false;
         while (child != null) {
             String ln = child.getLocalName();
             if (SP11Constants.ISSUER.getLocalPart().equals(ln)) {
@@ -99,10 +97,8 @@ public class IssuedTokenBuilder implemen
     
                 issuedToken.setIssuerMex(issuerMex);
             } else if (SPConstants.REQUEST_SECURITY_TOKEN_TEMPLATE.equals(ln)) {
-                foundRST = true;
                 issuedToken.setRstTemplate(child);
             } else if (org.apache.neethi.Constants.ELEM_POLICY.equals(ln)) {
-                foundPolicy = true;
                 Policy policy = builder.getPolicy(child);
                 policy = (Policy)policy.normalize(builder.getPolicyRegistry(), false);
 
@@ -114,18 +110,6 @@ public class IssuedTokenBuilder implemen
             
             child = DOMUtils.getNextElement(child);
         }
-        
-        if (!foundPolicy && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:IssuedToken/wsp:Policy must have a value"
-            );
-        }
-        if (!foundRST) {
-            throw new IllegalArgumentException(
-                "sp:IssuedToken/sp:RequestSecurityTokenTemplate must have a value"
-            );
-        }
-        
         return issuedToken;
     }
 

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -55,15 +55,13 @@ public class KerberosTokenBuilder implem
 
         String attribute = element.getAttributeNS(element.getNamespaceURI(), SPConstants.ATTR_INCLUDE_TOKEN);
         if (attribute != null) {
-            kerberosToken.setInclusion(consts.getInclusionFromAttributeValue(attribute.trim()));
+            kerberosToken.setInclusion(consts.getInclusionFromAttributeValue(attribute));
         }
         
         Element child = DOMUtils.getFirstElement(element);
-        boolean foundPolicy = false;
         while (child != null) {
             String ln = child.getLocalName();
             if (org.apache.neethi.Constants.ELEM_POLICY.equals(ln)) {
-                foundPolicy = true;
                 NodeList policyChildren = child.getChildNodes();
                 if (policyChildren != null) {
                     for (int i = 0; i < policyChildren.getLength(); i++) {
@@ -85,12 +83,6 @@ public class KerberosTokenBuilder implem
             }
             child = DOMUtils.getNextElement(child);
         }
-        
-        if (!foundPolicy && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:KerberosToken/wsp:Policy must have a value"
-            );
-        }
         return kerberosToken;
     }
 

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -61,16 +61,13 @@ public class KeyValueTokenBuilder implem
         }
 
         Element polEl = PolicyConstants.findPolicyElement(element);
-        if (polEl == null) {
-            throw new IllegalArgumentException(
-                "sp:KeyValueToken/wsp:Policy must have a value"
-            );
-        }
-        Element child = DOMUtils.getFirstElement(polEl);
-        if (child != null) {
-            QName qname = new QName(child.getNamespaceURI(), child.getLocalName());
-            if ("RsaKeyValue".equals(qname.getLocalPart())) {
-                token.setForceRsaKeyValue(true);
+        if (polEl != null) {
+            Element child = DOMUtils.getFirstElement(polEl);
+            if (child != null) {
+                QName qname = new QName(child.getNamespaceURI(), child.getLocalName());
+                if ("RsaKeyValue".equals(qname.getLocalPart())) {
+                    token.setForceRsaKeyValue(true);
+                }
             }
         }
         return token;

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/LayoutBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/LayoutBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/LayoutBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/LayoutBuilder.java
Wed Feb 15 13:31:23 2012
@@ -55,11 +55,6 @@ public class LayoutBuilder implements As
 
     public void processAlternative(Element element, Layout parent, SPConstants consts) {
         Element polEl = PolicyConstants.findPolicyElement(element);
-        if (polEl == null && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:Layout/wsp:Policy must have a value"
-            );
-        }
         if (polEl != null) {
             Element child = DOMUtils.getFirstElement(polEl);
             if (child != null) {

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/RequiredPartsBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/RequiredPartsBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/RequiredPartsBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/RequiredPartsBuilder.java
Wed Feb 15 13:31:23 2012
@@ -61,11 +61,6 @@ public class RequiredPartsBuilder implem
             }
 
             String namespaceAttribute = element.getAttribute(SPConstants.NAMESPACE);
-            if ("".equals(namespaceAttribute)) {
-                throw new IllegalArgumentException(
-                    "sp:RequiredParts/sp:Header@Namespace must have a value"
-                );
-            }
             parent.addHeader(new Header(nameAttribute, namespaceAttribute));
         }
     }

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -59,11 +59,9 @@ public class SamlTokenBuilder implements
         }
         
         Element child = DOMUtils.getFirstElement(element);
-        boolean foundPolicy = false;
         while (child != null) {
             String ln = child.getLocalName();
             if (org.apache.neethi.Constants.ELEM_POLICY.equals(ln)) {
-                foundPolicy = true;
                 NodeList policyChildren = child.getChildNodes();
                 if (policyChildren != null) {
                     for (int i = 0; i < policyChildren.getLength(); i++) {
@@ -93,13 +91,6 @@ public class SamlTokenBuilder implements
             }
             child = DOMUtils.getNextElement(child);
         }
-        
-        if (!foundPolicy && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:SpnegoContextToken/wsp:Policy must have a value"
-            );
-        }
-        
         return samlToken;
     }
 

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -58,16 +58,20 @@ public class SecureConversationTokenBuil
         conversationToken.setIgnorable(PolicyConstants.isIgnorable(element));
 
         String attribute = DOMUtils.getAttribute(element, consts.getIncludeToken());
-        if (attribute != null) {
-            conversationToken.setInclusion(consts.getInclusionFromAttributeValue(attribute.trim()));
+        if (attribute == null) {
+            throw new IllegalArgumentException("SecureConversationToken doesn't contain "
+                                               + "any sp:IncludeToken attribute");
         }
+
+        String inclusionValue = attribute.trim();
+
+        conversationToken.setInclusion(consts.getInclusionFromAttributeValue(inclusionValue));
+
         
         Element elem = DOMUtils.getFirstElement(element);
-        boolean foundPolicy = false;
         while (elem != null) {
             QName qn = DOMUtils.getElementQName(elem);
             if (Constants.isPolicyElement(qn)) {
-                foundPolicy = true;
                 if (DOMUtils.getFirstChildWithName(elem, 
                                                    consts.getNamespace(),
                                                    SPConstants.REQUIRE_DERIVED_KEYS) != null)
{
@@ -118,12 +122,6 @@ public class SecureConversationTokenBuil
             elem = DOMUtils.getNextElement(elem);
         }
         
-        if (!foundPolicy && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:SecureConversationToken/wsp:Policy must have a value"
-            );
-        }
-        
         return conversationToken;
     }
 

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -54,31 +54,27 @@ public class SecurityContextTokenBuilder
         }
 
         element = PolicyConstants.findPolicyElement(element);
-        if (element == null && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:SecurityContextToken/wsp:Policy must have a value"
-            );
-        }
 
         if (element != null) {
+
             if (DOMUtils.getFirstChildWithName(element, 
-                    consts.getNamespace(),
-                    SPConstants.REQUIRE_DERIVED_KEYS) != null) {
+                                               consts.getNamespace(),
+                                               SPConstants.REQUIRE_DERIVED_KEYS) != null)
{
                 contextToken.setDerivedKeys(true);
             }
-    
+
             if (DOMUtils.getFirstChildWithName(element, 
-                    consts.getNamespace(),
-                    SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE) != null) {
+                                               consts.getNamespace(),
+                                               SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE)
!= null) {
                 contextToken.setRequireExternalUriRef(true);
             }
-    
+
             if (DOMUtils.getFirstChildWithName(element,
-                    consts.getNamespace(),
-                    SPConstants.SC10_SECURITY_CONTEXT_TOKEN) != null) {
+                                               consts.getNamespace(),
+                                               SPConstants.SC10_SECURITY_CONTEXT_TOKEN) !=
null) {
                 contextToken.setSc10SecurityContextToken(true);
             }
-    
+            
             if (DOMUtils.getFirstChildWithName(element,
                     consts.getNamespace(),
                     SPConstants.SC13_SECURITY_CONTEXT_TOKEN) != null) {

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SignedPartsBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SignedPartsBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SignedPartsBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SignedPartsBuilder.java
Wed Feb 15 13:31:23 2012
@@ -77,11 +77,6 @@ public class SignedPartsBuilder implemen
                 nameAttribute = "";
             }
             String namespaceAttribute = element.getAttribute(SPConstants.NAMESPACE);
-            if ("".equals(namespaceAttribute)) {
-                throw new IllegalArgumentException(
-                    "sp:SignedParts/sp:Header@Namespace must have a value"
-                );
-            }
 
             parent.addHeader(new Header(nameAttribute, namespaceAttribute));
 

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -58,16 +58,19 @@ public class SpnegoContextTokenBuilder i
         spnegoContextToken.setIgnorable(PolicyConstants.isIgnorable(element));
         
         String attribute = DOMUtils.getAttribute(element, consts.getIncludeToken());
-        if (attribute != null) {
-            spnegoContextToken.setInclusion(consts.getInclusionFromAttributeValue(attribute.trim()));
+        if (attribute == null) {
+            throw new IllegalArgumentException("SpnegoContextToken doesn't contain "
+                                               + "any sp:IncludeToken attribute");
         }
 
+        String inclusionValue = attribute.trim();
+
+        spnegoContextToken.setInclusion(consts.getInclusionFromAttributeValue(inclusionValue));
+
         Element elem = DOMUtils.getFirstElement(element);
-        boolean foundPolicy = false;
         while (elem != null) {
             QName qn = DOMUtils.getElementQName(elem);
             if (Constants.isPolicyElement(qn)) {
-                foundPolicy = true;
                 if (DOMUtils.getFirstChildWithName(elem, consts.getNamespace(),
                         SPConstants.REQUIRE_DERIVED_KEYS) != null) {
                     spnegoContextToken.setDerivedKeys(true);
@@ -84,12 +87,6 @@ public class SpnegoContextTokenBuilder i
             }
             elem = DOMUtils.getNextElement(elem);
         }
-        
-        if (!foundPolicy && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:SpnegoContextToken/wsp:Policy must have a value"
-            );
-        }
         return spnegoContextToken;
     }
 

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SymmetricBindingBuilder.java
Wed Feb 15 13:31:23 2012
@@ -61,26 +61,24 @@ public class SymmetricBindingBuilder imp
         Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
         policy = (Policy)policy.normalize(builder.getPolicyRegistry(), false);
 
-        Iterator<List<Assertion>> iterator = policy.getAlternatives();
-        if (!iterator.hasNext()) {
-            throw new IllegalArgumentException(
-                "sp:SymmetricBinding must specify at least one alternative"
-            );
-        }
-        processAlternatives(iterator.next(), symmetricBinding, consts);
+        for (Iterator iterator = policy.getAlternatives(); iterator.hasNext();) {
+            processAlternatives((List)iterator.next(), symmetricBinding, consts);
 
+            /*
+             * since there should be only one alternative ..
+             */
+            break;
+        }
         return symmetricBinding;
     }
 
 
-    private void processAlternatives(
-        List<Assertion> assertions,
-        SymmetricBinding symmetricBinding,
-        SPConstants consts
-    ) {
+    private void processAlternatives(List assertions, SymmetricBinding symmetricBinding,
SPConstants consts) {
+        Assertion assertion;
         QName name;
-        boolean foundAlgorithmSuite = false;
-        for (Assertion assertion : assertions) {
+
+        for (Iterator iterator = assertions.iterator(); iterator.hasNext();) {
+            assertion = (Assertion)iterator.next();
             name = assertion.getName();
 
             if (!consts.getNamespace().equals(name.getNamespaceURI())
@@ -89,7 +87,6 @@ public class SymmetricBindingBuilder imp
             }
 
             if (SPConstants.ALGO_SUITE.equals(name.getLocalPart())) {
-                foundAlgorithmSuite = true;
                 symmetricBinding.setAlgorithmSuite((AlgorithmSuite)assertion);
 
             } else if (SPConstants.LAYOUT.equals(name.getLocalPart())) {
@@ -115,11 +112,5 @@ public class SymmetricBindingBuilder imp
                 symmetricBinding.setTokenProtection(true);
             } 
         }
-        
-        if (!foundAlgorithmSuite && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:SymmetricBinding/wsp:Policy/sp:AlgorithmSuite must have a value"
-            );
-        }
     }
 }

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
Wed Feb 15 13:31:23 2012
@@ -68,8 +68,6 @@ public class TransportBindingBuilder imp
                                     SPConstants consts,
                                     AssertionBuilderFactory factory) {
         Element polEl = DOMUtils.getFirstElement(element);
-        boolean foundTransportToken = false;
-        boolean foundAlgorithmSuite = false;
         while (polEl != null) {
             if (Constants.isPolicyElement(new QName(polEl.getNamespaceURI(),
                                                        polEl.getLocalName()))) {
@@ -77,11 +75,9 @@ public class TransportBindingBuilder imp
                 while (child != null) {
                     String name = child.getLocalName();
                     if (name.equals(SPConstants.ALGO_SUITE)) {
-                        foundAlgorithmSuite = true;
                         parent.setAlgorithmSuite((AlgorithmSuite)new AlgorithmSuiteBuilder(bus)
                             .build(child, factory));
                     } else if (name.equals(SPConstants.TRANSPORT_TOKEN)) {
-                        foundTransportToken = true;
                         parent.setTransportToken((TransportToken)new TransportTokenBuilder(builder)
                                                         .build(child, factory));
                     } else if (name.equals(SPConstants.INCLUDE_TIMESTAMP)) {
@@ -107,17 +103,6 @@ public class TransportBindingBuilder imp
             polEl = DOMUtils.getNextElement(polEl);
         }
         
-        if (!foundTransportToken && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:TransportBinding/wsp:Policy/sp:TransportToken must have a value"
-            );
-        }
-        if (!foundAlgorithmSuite) {
-            throw new IllegalArgumentException(
-                "sp:TransportBinding/wsp:Policy/sp:AlgorithmSuite must have a value"
-            );
-        }
-        
     }
 
 }

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -59,11 +59,6 @@ public class UsernameTokenBuilder implem
         }
 
         Element polEl = PolicyConstants.findPolicyElement(element);
-        if (polEl == null && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:UsernameToken/wsp:Policy must have a value"
-            );
-        }
         if (polEl != null) {
             NodeList children = polEl.getChildNodes();
             if (children != null) {

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
Wed Feb 15 13:31:23 2012
@@ -54,11 +54,6 @@ public class X509TokenBuilder implements
         x509Token.setIgnorable(PolicyConstants.isIgnorable(element));
 
         Element policyElement = DOMUtils.getFirstElement(element);
-        if (policyElement == null && consts != SP11Constants.INSTANCE) {
-            throw new IllegalArgumentException(
-                "sp:X509Token/wsp:Policy must have a value"
-            );
-        }
 
         // Process token inclusion
         String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
@@ -70,27 +65,29 @@ public class X509TokenBuilder implements
         }
 
         if (policyElement != null) {
+
             if (DOMUtils.getFirstChildWithName(policyElement, consts.getRequiredDerivedKeys())
!= null) {
                 x509Token.setDerivedKeys(true);
             } else if (DOMUtils.getFirstChildWithName(policyElement, 
-                    SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS) != null) {
+                                                      SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS)
!= null) {
                 x509Token.setImpliedDerivedKeys(true);
             } else if (DOMUtils.getFirstChildWithName(policyElement, 
-                    SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS) != null) {
+                                                      SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS)
!= null) {
                 x509Token.setExplicitDerivedKeys(true);
             }
-        }
 
-        Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
-        policy = policy.normalize(builder.getPolicyRegistry(), false);
 
-        for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();)
{
-            processAlternative(iterator.next(), x509Token, consts);
+            Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
+            policy = (Policy)policy.normalize(builder.getPolicyRegistry(), false);
 
-            /*
-             * since there should be only one alternative
-             */
-            break;
+            for (Iterator iterator = policy.getAlternatives(); iterator.hasNext();) {
+                processAlternative((List)iterator.next(), x509Token, consts);
+
+                /*
+                 * since there should be only one alternative
+                 */
+                break;
+            }
         }
         return x509Token;
     }

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
Wed Feb 15 13:31:23 2012
@@ -77,6 +77,9 @@ public class PolicyBasedWss4JInOutTest e
                 Arrays.asList(CoverageType.SIGNED));
     }
     
+    // TODO this test does not follow the traditional pattern as no server-side enforcement
+    // of algorithm suites yet exists.  This support is blocked on WSS4J patches.  In the
interim
+    // the outbound side is tested ONLY.
     @Test
     public void testSignedElementsWithIssuedSAMLToken() throws Exception {
         this.runOutInterceptorAndValidateSamlTokenAttached(

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/signed_elements_with_sst_issued_token_policy.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/signed_elements_with_sst_issued_token_policy.xml?rev=1244479&r1=1244478&r2=1244479&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/signed_elements_with_sst_issued_token_policy.xml
(original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/signed_elements_with_sst_issued_token_policy.xml
Wed Feb 15 13:31:23 2012
@@ -25,7 +25,6 @@
                 </wst:Participants>
                 <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</wst:KeyType>
               </sp:RequestSecurityTokenTemplate>
-              <wsp:Policy/>
            </sp:IssuedToken>
         </wsp:Policy>
       </sp:SignedSupportingTokens>



Mime
View raw message