cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1400824 - in /cxf/branches/2.5.x-fixes: rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
Date Mon, 22 Oct 2012 10:08:09 GMT
Author: coheigea
Date: Mon Oct 22 10:08:09 2012
New Revision: 1400824

URL: http://svn.apache.org/viewvc?rev=1400824&view=rev
Log:
Merged revisions 1400819 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/branches/2.6.x-fixes

........
  r1400819 | coheigea | 2012-10-22 10:58:26 +0100 (Mon, 22 Oct 2012) | 10 lines

  Merged revisions 1400809 via  git cherry-pick from
  https://svn.apache.org/repos/asf/cxf/trunk

  ........
    r1400809 | coheigea | 2012-10-22 10:06:26 +0100 (Mon, 22 Oct 2012) | 2 lines

    [CXF-4587] - Signature Confirmation does not work with TransportBinding and EndorsingSupportingToken

  ........

........

Modified:
    cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
    cxf/branches/2.5.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl

Modified: cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=1400824&r1=1400823&r2=1400824&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
(original)
+++ cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
Mon Oct 22 10:08:09 2012
@@ -118,9 +118,9 @@ public class TransportBindingHandler ext
         
     }
     
-    private static void addSig(List<byte[]> signatureValues, byte[] val) {
-        if (val != null) {
-            signatureValues.add(val);
+    private void addSig(byte[] val) {
+        if (val != null && val.length > 0) {
+            signatures.add(val);
         }
     }
     
@@ -215,7 +215,6 @@ public class TransportBindingHandler ext
      */
     private void handleEndorsingSupportingTokens() throws Exception {
         Collection<AssertionInfo> ais;
-        List<byte[]> signatureValues = new ArrayList<byte[]>();
         
         ais = aim.get(SP12Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS);
         if (ais != null) {
@@ -226,7 +225,7 @@ public class TransportBindingHandler ext
             }
             if (sgndSuppTokens != null) {
                 for (Token token : sgndSuppTokens.getTokens()) {
-                    handleEndorsingToken(token, sgndSuppTokens, signatureValues);
+                    handleEndorsingToken(token, sgndSuppTokens);
                 }
             }
         }
@@ -241,7 +240,7 @@ public class TransportBindingHandler ext
             
             if (endSuppTokens != null) {
                 for (Token token : endSuppTokens.getTokens()) {
-                    handleEndorsingToken(token, endSuppTokens, signatureValues);
+                    handleEndorsingToken(token, endSuppTokens);
                 }
             }
         }
@@ -255,7 +254,7 @@ public class TransportBindingHandler ext
             
             if (endSuppTokens != null) {
                 for (Token token : endSuppTokens.getTokens()) {
-                    handleEndorsingToken(token, endSuppTokens, signatureValues);
+                    handleEndorsingToken(token, endSuppTokens);
                 }
             }
         }
@@ -269,37 +268,28 @@ public class TransportBindingHandler ext
             
             if (endSuppTokens != null) {
                 for (Token token : endSuppTokens.getTokens()) {
-                    handleEndorsingToken(token, endSuppTokens, signatureValues);
+                    handleEndorsingToken(token, endSuppTokens);
                 }
             }
         }
     }
     
     private void handleEndorsingToken(
-        Token token, SupportingToken wrapper, List<byte[]> signatureValues
+        Token token, SupportingToken wrapper
     ) throws Exception {
         if (token instanceof IssuedToken
             || token instanceof SecureConversationToken
             || token instanceof SecurityContextToken
             || token instanceof KerberosToken) {
-            addSig(
-                signatureValues, 
-                doIssuedTokenSignature(token, wrapper)
-            );
+            addSig(doIssuedTokenSignature(token, wrapper));
         } else if (token instanceof X509Token
             || token instanceof KeyValueToken) {
-            addSig(
-                signatureValues, 
-                doX509TokenSignature(token, wrapper)
-            );
+            addSig(doX509TokenSignature(token, wrapper));
         } else if (token instanceof SamlToken) {
             AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
             assertionWrapper.toDOM(saaj.getSOAPPart());
             storeAssertionAsSecurityToken(assertionWrapper);
-            addSig(
-                signatureValues, 
-                doIssuedTokenSignature(token, wrapper)
-            );
+            addSig(doIssuedTokenSignature(token, wrapper));
         } else if (token instanceof UsernameToken) {
             // Create a UsernameToken object for derived keys and store the security token
             WSSecUsernameToken usernameToken = addDKUsernameToken((UsernameToken)token, true);
@@ -315,10 +305,7 @@ public class TransportBindingHandler ext
             getTokenStore().add(tempTok);
             message.setContextualProperty(SecurityConstants.TOKEN, tempTok);
             
-            addSig(
-                signatureValues, 
-                doIssuedTokenSignature(token, wrapper)
-            );
+            addSig(doIssuedTokenSignature(token, wrapper));
         }
     }
     

Modified: cxf/branches/2.5.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl?rev=1400824&r1=1400823&r2=1400824&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
(original)
+++ cxf/branches/2.5.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
Mon Oct 22 10:08:09 2012
@@ -498,6 +498,11 @@
                         </sp:SamlToken>
                     </wsp:Policy>
                 </sp:EndorsingSupportingTokens>
+                <sp:Wss11>
+                    <wsp:Policy>
+                        <sp:RequireSignatureConfirmation/>
+                    </wsp:Policy>
+                </sp:Wss11>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>



Mime
View raw message