cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1344045 - in /cxf/branches/2.5.x-fixes: ./ distribution/src/main/release/samples/sts/src/demo/wssec/client/ distribution/src/main/release/samples/sts/src/demo/wssec/server/ distribution/src/main/release/samples/sts/src/demo/wssec/sts/
Date Tue, 29 May 2012 23:16:12 GMT
Author: dkulp
Date: Tue May 29 23:16:11 2012
New Revision: 1344045

URL: http://svn.apache.org/viewvc?rev=1344045&view=rev
Log:
Merged revisions 1344008 via  svn merge from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1344008 | gmazza | 2012-05-29 17:39:01 -0400 (Tue, 29 May 2012) | 1 line
  
  Better commenting, formatting, more robust password callback handlers added.
........

Modified:
    cxf/branches/2.5.x-fixes/   (props changed)
    cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/ClientCallbackHandler.java
    cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/wssec-client.xml
    cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/server/ServerCallbackHandler.java
    cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/STSCallbackHandler.java
    cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml

Propchange: cxf/branches/2.5.x-fixes/
            ('svn:mergeinfo' removed)

Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/ClientCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/ClientCallbackHandler.java?rev=1344045&r1=1344044&r2=1344045&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/ClientCallbackHandler.java
(original)
+++ cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/ClientCallbackHandler.java
Tue May 29 23:16:11 2012
@@ -31,18 +31,19 @@ public class ClientCallbackHandler imple
         for (int i = 0; i < callbacks.length; i++) {
             if (callbacks[i] instanceof WSPasswordCallback) {
                 WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
-                if ("myclientkey".equals(pc.getIdentifier())) {
-                    pc.setPassword("ckpass");
-                    break;
-                } else if ("alice".equals(pc.getIdentifier())) {
-                    pc.setPassword("clarinet");
-                    break;
-                } else if ("bob".equals(pc.getIdentifier())) {
-                    pc.setPassword("trombone");
-                    break;
-                } else if ("eve".equals(pc.getIdentifier())) {
-                    pc.setPassword("evekpass");
-                    break;
+                if (pc.getUsage() == WSPasswordCallback.DECRYPT || 
+                    pc.getUsage() == WSPasswordCallback.SIGNATURE) {
+                    if ("myclientkey".equals(pc.getIdentifier())) {
+                        pc.setPassword("ckpass");
+                    }
+                } else if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) {
+                    if ("alice".equals(pc.getIdentifier())) {
+                        pc.setPassword("clarinet");
+                        break;
+                    } else if ("bob".equals(pc.getIdentifier())) {
+                        pc.setPassword("trombone");
+                        break;
+                    }
                 }
             }
         }

Modified: cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/wssec-client.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/wssec-client.xml?rev=1344045&r1=1344044&r2=1344045&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/wssec-client.xml
(original)
+++ cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/client/wssec-client.xml
Tue May 29 23:16:11 2012
@@ -66,8 +66,14 @@
                                   value="demo.wssec.client.ClientCallbackHandler"/>
                            <entry key="ws-security.encryption.properties" value="keys/clientKeystore.properties"/>

                            <entry key="ws-security.encryption.username" value="mystskey"/>
+                           <!-- Because of the PublicKey requirement in the InitiatorToken
element
+                                in the WSP WSDL, the client needs to have the STS add its
public
+                                key to the SAML assertion, as configured in the three lines
below.  
+                           -->                        
                            <entry key="ws-security.sts.token.username" value="myclientkey"/>
                            <entry key="ws-security.sts.token.properties" value="keys/clientKeystore.properties"/>

+                           <!-- If usecert = true, sends entire certificate in an X509Certificate
element, else
+                                sends cert ID in a KeyValue element -->
                            <entry key="ws-security.sts.token.usecert" value="true"/>

                        </map>
                    </property>

Modified: cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/server/ServerCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/server/ServerCallbackHandler.java?rev=1344045&r1=1344044&r2=1344045&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/server/ServerCallbackHandler.java
(original)
+++ cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/server/ServerCallbackHandler.java
Tue May 29 23:16:11 2012
@@ -29,7 +29,7 @@ public class ServerCallbackHandler imple
     public void handle(Callback[] callbacks) throws IOException,
             UnsupportedCallbackException {
         for (int i = 0; i < callbacks.length; i++) {
-            if (callbacks[i] instanceof WSPasswordCallback) { // CXF
+            if (callbacks[i] instanceof WSPasswordCallback) {
                 WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
                 if ("myservicekey".equals(pc.getIdentifier())) {
                     pc.setPassword("skpass");

Modified: cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/STSCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/STSCallbackHandler.java?rev=1344045&r1=1344044&r2=1344045&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/STSCallbackHandler.java
(original)
+++ cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/STSCallbackHandler.java
Tue May 29 23:16:11 2012
@@ -31,14 +31,18 @@ public class STSCallbackHandler implemen
         for (int i = 0; i < callbacks.length; i++) {
             if (callbacks[i] instanceof WSPasswordCallback) {
                 WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
-                if ("mystskey".equals(pc.getIdentifier())) {
-                    pc.setPassword("stskpass");
-                    break;
-                } else if ("alice".equals(pc.getIdentifier())) {
-                    pc.setPassword("clarinet");
-                    break;
+                if (pc.getUsage() == WSPasswordCallback.DECRYPT || 
+                    pc.getUsage() == WSPasswordCallback.SIGNATURE) {
+                    if ("mystskey".equals(pc.getIdentifier())) {
+                        pc.setPassword("stskpass");
+                    }
+                } else if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) {
+                    if ("alice".equals(pc.getIdentifier())) {
+                        pc.setPassword("clarinet");
+                    }
                 }
             }
         }
     }
 }
+

Modified: cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml?rev=1344045&r1=1344044&r2=1344045&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml
(original)
+++ cxf/branches/2.5.x-fixes/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml
Tue May 29 23:16:11 2012
@@ -16,13 +16,9 @@
   specific language governing permissions and limitations
   under the License.
 -->
-<beans 
-    xmlns="http://www.springframework.org/schema/beans"
-    xmlns:cxf="http://cxf.apache.org/core"
-    xmlns:jaxws="http://cxf.apache.org/jaxws"
-    xmlns:test="http://apache.org/hello_world_soap_http"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xmlns:util="http://www.springframework.org/schema/util"
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core"
+    xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:test="http://apache.org/hello_world_soap_http"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
     xsi:schemaLocation="
         http://cxf.apache.org/core
         http://cxf.apache.org/schemas/core.xsd
@@ -35,68 +31,58 @@
 
     <cxf:bus>
         <cxf:features>
-            <cxf:logging/>
+            <cxf:logging />
         </cxf:features>
     </cxf:bus>
 
     <bean id="utSTSProviderBean"
-		class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
-		<property name="issueOperation" ref="utIssueDelegate"/>
-		<property name="validateOperation" ref="utValidateDelegate"/>
-	</bean>	
-
-	<bean id="utIssueDelegate"
-		class="org.apache.cxf.sts.operation.TokenIssueOperation">
-		<property name="tokenProviders" ref="utSamlTokenProvider"/>
-		<property name="services" ref="utService"/>
-		<property name="stsProperties" ref="utSTSProperties"/>
-	</bean>
-	
-	<bean id="utValidateDelegate"
-	    class="org.apache.cxf.sts.operation.TokenValidateOperation">
-	    <property name="tokenValidators" ref="utSamlTokenValidator"/>
-		<property name="stsProperties" ref="utSTSProperties"/>
-	</bean>
-	
-	<bean id="utSamlTokenProvider"
-		class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
-    </bean>
-    
-    <bean id="utSamlTokenValidator"
-		class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
-    </bean>
-    
-    <bean id="utService"
-        class="org.apache.cxf.sts.service.StaticService">
-        <property name="endpoints" ref="utEndpoints"/>
+        class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+        <property name="issueOperation" ref="utIssueDelegate" />
+        <property name="validateOperation" ref="utValidateDelegate" />
     </bean>
-    
+
+    <bean id="utIssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
+        <property name="tokenProviders" ref="utSamlTokenProvider" />
+        <property name="services" ref="utService" />
+        <property name="stsProperties" ref="utSTSProperties" />
+    </bean>
+
+    <bean id="utValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
+        <property name="tokenValidators" ref="utSamlTokenValidator" />
+        <property name="stsProperties" ref="utSTSProperties" />
+    </bean>
+
+    <bean id="utSamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+    </bean>
+
+    <bean id="utSamlTokenValidator" class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
+    </bean>
+
+    <bean id="utService" class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="utEndpoints" />
+    </bean>
+
     <util:list id="utEndpoints">
-		<value>http://localhost:(\d)*/SoapContext/SoapPort</value>
-	</util:list>
-	
-	<bean id="utSTSProperties"
-	     class="org.apache.cxf.sts.StaticSTSProperties">
-	    <property name="signaturePropertiesFile" value="keys/stsKeystore.properties"/>
-		<property name="signatureUsername" value="mystskey"/>
-		<property name="callbackHandlerClass" value="demo.wssec.sts.STSCallbackHandler"/>
-		<property name="issuer" value="DoubleItSTSIssuer"/>
-    </bean>
-    
-	<jaxws:endpoint id="UTSTS"
-		implementor="#utSTSProviderBean"
-		address="http://localhost:8080/SecurityTokenService/UT" 
-        wsdlLocation="wsdl/ws-trust-1.4-service.wsdl"
+        <value>http://localhost:(\d)*/SoapContext/SoapPort</value>
+    </util:list>
+
+    <bean id="utSTSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+        <property name="signaturePropertiesFile" value="keys/stsKeystore.properties" />
+        <property name="signatureUsername" value="mystskey" />
+        <property name="callbackHandlerClass" value="demo.wssec.sts.STSCallbackHandler"
/>
+        <property name="issuer" value="DoubleItSTSIssuer" />
+    </bean>
+
+    <jaxws:endpoint id="UTSTS" implementor="#utSTSProviderBean"
+        address="http://localhost:8080/SecurityTokenService/UT" wsdlLocation="wsdl/ws-trust-1.4-service.wsdl"
         xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
-        serviceName="ns1:SecurityTokenService"
-        endpointName="ns1:UT_Port">
+        serviceName="ns1:SecurityTokenService" endpointName="ns1:UT_Port">
         <jaxws:properties>
-            <entry key="ws-security.callback-handler" value="demo.wssec.sts.STSCallbackHandler"/>
-            <entry key="ws-security.signature.properties" value="keys/stsKeystore.properties"/>
-            <entry key="ws-security.signature.username" value="mystskey"/>
-        </jaxws:properties> 
-	</jaxws:endpoint>
-	
+            <entry key="ws-security.callback-handler" value="demo.wssec.sts.STSCallbackHandler"
/>
+            <entry key="ws-security.signature.properties" value="keys/stsKeystore.properties"
/>
+            <entry key="ws-security.signature.username" value="mystskey" />
+        </jaxws:properties>
+    </jaxws:endpoint>
 
 </beans>
 



Mime
View raw message