cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1448193 - in /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security: policy/builders/ policy/interceptors/ policy/model/ trust/
Date Wed, 20 Feb 2013 14:42:21 GMT
Author: coheigea
Date: Wed Feb 20 14:42:21 2013
New Revision: 1448193

URL: http://svn.apache.org/r1448193
Log:
[CXF-4843] - STSClient always uses "old" WS-Policy namespace for AppliesTo

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Token.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/HttpsTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -81,6 +81,7 @@ public class HttpsTokenBuilder implement
             if (polEl == null) {
                 LOG.warning("sp:HttpsToken/wsp:Policy should have a value!");
             } else {
+                httpsToken.setPolicy(polEl);
                 Element child = DOMUtils.getFirstElement(polEl);
                 if (child != null) {
                     if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child)))
{

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/IssuedTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -86,6 +86,7 @@ public class IssuedTokenBuilder implemen
                 foundPolicy = true;
                 Policy policy = builder.getPolicy(child);
                 policy = policy.normalize(builder.getPolicyRegistry(), false);
+                issuedToken.setPolicy(child);
 
                 for (Iterator<List<Assertion>> iterator = policy.getAlternatives();
iterator.hasNext();) {
                     processAlternative(iterator.next(), issuedToken);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KerberosTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -64,6 +64,7 @@ public class KerberosTokenBuilder implem
             String ln = child.getLocalName();
             if (org.apache.neethi.Constants.ELEM_POLICY.equals(ln)) {
                 foundPolicy = true;
+                kerberosToken.setPolicy(child);
                 NodeList policyChildren = child.getChildNodes();
                 if (policyChildren != null) {
                     for (int i = 0; i < policyChildren.getLength(); i++) {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/KeyValueTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -66,6 +66,8 @@ public class KeyValueTokenBuilder implem
                 "sp:KeyValueToken/wsp:Policy must have a value"
             );
         }
+        
+        token.setPolicy(polEl);
         Element child = DOMUtils.getFirstElement(polEl);
         if (child != null) {
             QName qname = new QName(child.getNamespaceURI(), child.getLocalName());

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SamlTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -64,6 +64,7 @@ public class SamlTokenBuilder implements
             String ln = child.getLocalName();
             if (org.apache.neethi.Constants.ELEM_POLICY.equals(ln)) {
                 foundPolicy = true;
+                samlToken.setPolicy(child);
                 NodeList policyChildren = child.getChildNodes();
                 if (policyChildren != null) {
                     for (int i = 0; i < policyChildren.getLength(); i++) {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecureConversationTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -68,6 +68,7 @@ public class SecureConversationTokenBuil
             QName qn = DOMUtils.getElementQName(elem);
             if (Constants.isPolicyElement(qn)) {
                 foundPolicy = true;
+                conversationToken.setPolicy(elem);
                 if (DOMUtils.getFirstChildWithName(elem, 
                                                    consts.getNamespace(),
                                                    SPConstants.REQUIRE_DERIVED_KEYS) != null)
{

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SecurityContextTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -53,33 +53,34 @@ public class SecurityContextTokenBuilder
             contextToken.setInclusion(consts.getInclusionFromAttributeValue(includeAttr));
         }
 
-        element = PolicyConstants.findPolicyElement(element);
-        if (element == null && consts != SP11Constants.INSTANCE) {
+        Element policyElement = PolicyConstants.findPolicyElement(element);
+        if (policyElement == null && consts != SP11Constants.INSTANCE) {
             throw new IllegalArgumentException(
                 "sp:SecurityContextToken/wsp:Policy must have a value"
             );
         }
 
-        if (element != null) {
-            if (DOMUtils.getFirstChildWithName(element, 
+        if (policyElement != null) {
+            contextToken.setPolicy(policyElement);
+            if (DOMUtils.getFirstChildWithName(policyElement, 
                     consts.getNamespace(),
                     SPConstants.REQUIRE_DERIVED_KEYS) != null) {
                 contextToken.setDerivedKeys(true);
             }
     
-            if (DOMUtils.getFirstChildWithName(element, 
+            if (DOMUtils.getFirstChildWithName(policyElement, 
                     consts.getNamespace(),
                     SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE) != null) {
                 contextToken.setRequireExternalUriRef(true);
             }
     
-            if (DOMUtils.getFirstChildWithName(element,
+            if (DOMUtils.getFirstChildWithName(policyElement,
                     consts.getNamespace(),
                     SPConstants.SC10_SECURITY_CONTEXT_TOKEN) != null) {
                 contextToken.setSc10SecurityContextToken(true);
             }
     
-            if (DOMUtils.getFirstChildWithName(element,
+            if (DOMUtils.getFirstChildWithName(policyElement,
                     consts.getNamespace(),
                     SPConstants.SC13_SECURITY_CONTEXT_TOKEN) != null) {
                 contextToken.setSc13SecurityContextToken(true);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SpnegoContextTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -68,6 +68,7 @@ public class SpnegoContextTokenBuilder i
             QName qn = DOMUtils.getElementQName(elem);
             if (Constants.isPolicyElement(qn)) {
                 foundPolicy = true;
+                spnegoContextToken.setPolicy(elem);
                 if (DOMUtils.getFirstChildWithName(elem, consts.getNamespace(),
                         SPConstants.REQUIRE_DERIVED_KEYS) != null) {
                     spnegoContextToken.setDerivedKeys(true);

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -65,6 +65,7 @@ public class UsernameTokenBuilder implem
             );
         }
         if (polEl != null) {
+            usernameToken.setPolicy(polEl);
             NodeList children = polEl.getChildNodes();
             if (children != null) {
                 for (int i = 0; i < children.getLength(); i++) {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
Wed Feb 20 14:42:21 2013
@@ -70,6 +70,7 @@ public class X509TokenBuilder implements
         }
 
         if (policyElement != null) {
+            x509Token.setPolicy(policyElement);
             if (DOMUtils.getFirstChildWithName(policyElement, consts.getRequiredDerivedKeys())
!= null) {
                 x509Token.setDerivedKeys(true);
             } else if (DOMUtils.getFirstChildWithName(policyElement, 

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Wed Feb 20 14:42:21 2013
@@ -343,6 +343,10 @@ public class IssuedTokenInterceptorProvi
             client.setTrust(getTrust10(aim));
             client.setTrust(getTrust13(aim));
             client.setTemplate(itok.getRstTemplate());
+            Element policy = itok.getPolicy();
+            if (policy != null && policy.getNamespaceURI() != null) {
+                client.setWspNamespace(policy.getNamespaceURI());
+            }
             if (maps != null && maps.getNamespaceURI() != null) {
                 client.setAddressingNamespace(maps.getNamespaceURI());
             }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Token.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Token.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Token.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Token.java
Wed Feb 20 14:42:21 2013
@@ -18,6 +18,8 @@
  */
 package org.apache.cxf.ws.security.policy.model;
 
+import org.w3c.dom.Element;
+
 import org.apache.cxf.ws.security.policy.SPConstants;
 import org.apache.cxf.ws.security.policy.SPConstants.IncludeTokenType;
 
@@ -40,6 +42,11 @@ public abstract class Token extends Abst
     private String issuerName;
     
     /**
+     * A reference to the DOM wsp:Policy child Element
+     */
+    private Element policy;
+    
+    /**
      * A Reference to a parent SupportingToken assertion
      */
     private SupportingToken supportingToken;
@@ -116,4 +123,12 @@ public abstract class Token extends Abst
     public void setSupportingToken(SupportingToken supportingToken) {
         this.supportingToken = supportingToken;
     }
+
+    public Element getPolicy() {
+        return policy;
+    }
+
+    public void setPolicy(Element policy) {
+        this.policy = policy;
+    }
 }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java?rev=1448193&r1=1448192&r2=1448193&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
Wed Feb 20 14:42:21 2013
@@ -91,6 +91,7 @@ import org.apache.cxf.ws.policy.PolicyCo
 import org.apache.cxf.ws.policy.PolicyEngine;
 import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
 import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.policy.SPConstants;
 import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
 import org.apache.cxf.ws.security.policy.model.Binding;
 import org.apache.cxf.ws.security.policy.model.Header;
@@ -158,6 +159,7 @@ public abstract class AbstractSTSClient 
     protected AlgorithmSuite algorithmSuite;
     protected String namespace = STSUtils.WST_NS_05_12;
     protected String addressingNamespace = "http://www.w3.org/2005/08/addressing";
+    protected String wspNamespace = SPConstants.P_NS;
     protected Object onBehalfOf;
     protected boolean enableAppliesTo = true;
 
@@ -1177,8 +1179,12 @@ public abstract class AbstractSTSClient 
 
     protected void addAppliesTo(XMLStreamWriter writer, String appliesTo) throws XMLStreamException
{
         if (appliesTo != null && addressingNamespace != null) {
-            writer.writeStartElement("wsp", "AppliesTo", "http://schemas.xmlsoap.org/ws/2004/09/policy");
-            writer.writeNamespace("wsp", "http://schemas.xmlsoap.org/ws/2004/09/policy");
+            String policyNS = wspNamespace;
+            if (policyNS == null) {
+                policyNS = "http://schemas.xmlsoap.org/ws/2004/09/policy";
+            }
+            writer.writeStartElement("wsp", "AppliesTo", policyNS);
+            writer.writeNamespace("wsp", policyNS);
             writer.writeStartElement("wsa", "EndpointReference", addressingNamespace);
             writer.writeNamespace("wsa", addressingNamespace);
             writer.writeStartElement("wsa", "Address", addressingNamespace);
@@ -1581,4 +1587,12 @@ public abstract class AbstractSTSClient 
             return crypto;
         }
     }
+
+    public String getWspNamespace() {
+        return wspNamespace;
+    }
+
+    public void setWspNamespace(String wspNamespace) {
+        this.wspNamespace = wspNamespace;
+    }
 }



Mime
View raw message