From cohei...@apache.org
Subject svn commit: r1455121 - in /cxf/branches/wss4j2.0-port: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/poli...
Date Mon, 11 Mar 2013 13:00:52 GMT
Author: coheigea
Date: Mon Mar 11 13:00:51 2013
New Revision: 1455121

URL: http://svn.apache.org/r1455121
Log:
Switched to use AlgorithmSuiteBuilder in WSS4J for GCM AlgorithmSuites

Added:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
      - copied, changed from r1455117, cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
Removed:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/GCMAlgorithmSuite.java
Modified:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
    cxf/branches/wss4j2.0-port/systests/ws-security/src/test/resources/logging.properties

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java?rev=1455121&r1=1455120&r2=1455121&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
Mon Mar 11 13:00:51 2013
@@ -36,6 +36,7 @@ import org.apache.cxf.ws.policy.PolicyIn
 import org.apache.cxf.ws.policy.PolicyInterceptorProviderRegistry;
 import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
 import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertionBuilder;
+import org.apache.cxf.ws.security.policy.custom.AlgorithmSuiteBuilder;
 import org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInterceptorProvider;
 import org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider;
 import org.apache.cxf.ws.security.policy.interceptors.KerberosTokenInterceptorProvider;
@@ -51,7 +52,6 @@ import org.apache.neethi.builders.xml.XM
 import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SP13Constants;
-import org.apache.wss4j.policy.builders.AlgorithmSuiteBuilder;
 import org.apache.wss4j.policy.builders.AsymmetricBindingBuilder;
 import org.apache.wss4j.policy.builders.ContentEncryptedElementsBuilder;
 import org.apache.wss4j.policy.builders.EncryptedElementsBuilder;
@@ -110,7 +110,7 @@ public final class WSSecurityPolicyLoade
         if (reg == null) {
             return;
         }
-        reg.registerBuilder(new AlgorithmSuiteBuilder());
+        reg.registerBuilder(new AlgorithmSuiteBuilder(bus));
         reg.registerBuilder(new AsymmetricBindingBuilder());
         reg.registerBuilder(new ContentEncryptedElementsBuilder());
         reg.registerBuilder(new EncryptedElementsBuilder());

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java?rev=1455121&r1=1455120&r2=1455121&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/TransportBindingBuilder.java
Mon Mar 11 13:00:51 2013
@@ -28,7 +28,7 @@ import org.apache.cxf.ws.policy.PolicyBu
 import org.apache.cxf.ws.security.policy.SP11Constants;
 import org.apache.cxf.ws.security.policy.SP12Constants;
 import org.apache.cxf.ws.security.policy.SPConstants;
-import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
+// import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
 import org.apache.cxf.ws.security.policy.model.Layout;
 import org.apache.cxf.ws.security.policy.model.SupportingToken;
 import org.apache.cxf.ws.security.policy.model.TransportBinding;
@@ -78,8 +78,10 @@ public class TransportBindingBuilder imp
                     String name = child.getLocalName();
                     if (name.equals(SPConstants.ALGO_SUITE)) {
                         foundAlgorithmSuite = true;
+                        /*
                         parent.setAlgorithmSuite((AlgorithmSuite)new AlgorithmSuiteBuilder(bus)
                             .build(child, factory));
+                            */
                     } else if (name.equals(SPConstants.TRANSPORT_TOKEN)) {
                         foundTransportToken = true;
                         parent.setTransportToken((TransportToken)new TransportTokenBuilder(builder)
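Review bot: With the `parent.setAlgorithmSuite(...)` call commented out, the `SPConstants.ALGO_SUITE` branch still sets `foundAlgorithmSuite = true`, so any later check on that flag will pass even though the TransportBinding never receives an algorithm suite. If this builder is still reachable on the branch, code that reads the suite from the binding would presumably get null, and a security policy with no algorithm constraints should fail loudly, not silently. Either remove the dead branch together with the commented-out import in the previous hunk, or mark it with something like `// TODO(wss4j2.0-port): restore once TransportBinding takes org.apache.wss4j.policy.model.AlgorithmSuite`. The enclosing method starts and ends outside the hunk.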

Copied: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
(from r1455117, cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java)
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java?p2=cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java&p1=cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java&r1=1455117&r2=1455121&rev=1455121&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/AlgorithmSuiteBuilder.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
Mon Mar 11 13:00:51 2013
@@ -16,9 +16,7 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.cxf.ws.security.policy.builders;
-
-
+package org.apache.cxf.ws.security.policy.custom;
 
 import javax.xml.namespace.QName;
 
@@ -26,17 +24,15 @@ import org.w3c.dom.Element;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.ws.security.policy.SP11Constants;
-import org.apache.cxf.ws.security.policy.SP12Constants;
-import org.apache.cxf.ws.security.policy.SPConstants;
-import org.apache.cxf.ws.security.policy.WSSPolicyException;
-import org.apache.cxf.ws.security.policy.custom.AlgorithmSuiteLoader;
-import org.apache.cxf.ws.security.policy.custom.DefaultAlgorithmSuiteLoader;
-import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
 import org.apache.neethi.Assertion;
 import org.apache.neethi.AssertionBuilderFactory;
+import org.apache.neethi.Policy;
 import org.apache.neethi.builders.AssertionBuilder;
-
+import org.apache.wss4j.policy.SP11Constants;
+import org.apache.wss4j.policy.SP13Constants;
+import org.apache.wss4j.policy.SPConstants;
+import org.apache.wss4j.policy.SPUtils;
+import org.apache.wss4j.policy.model.AlgorithmSuite;
 
 public class AlgorithmSuiteBuilder implements AssertionBuilder<Element> {
     
@@ -46,41 +42,36 @@ public class AlgorithmSuiteBuilder imple
         this.bus = bus;
     }
     
-    public Assertion build(Element element, AssertionBuilderFactory factory)
-        throws IllegalArgumentException {
-        
-        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
-            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
+    @Override
+    public Assertion build(Element element, AssertionBuilderFactory factory) throws IllegalArgumentException
{
 
+        final SPConstants.SPVersion spVersion = SPConstants.SPVersion.getSPVersion(element.getNamespaceURI());
+        final Element nestedPolicyElement = SPUtils.getFirstPolicyChildElement(element);
+        if (nestedPolicyElement == null) {
+            throw new IllegalArgumentException("sp:AlgorithmSuite must have an inner wsp:Policy
element");
+        }
+        final Policy nestedPolicy = factory.getPolicyEngine().getPolicy(nestedPolicyElement);
+        
         AlgorithmSuiteLoader loader = bus.getExtension(AlgorithmSuiteLoader.class);
         if (loader == null) {
             loader = new DefaultAlgorithmSuiteLoader();
-        } 
-        Element policyElement = DOMUtils.getFirstElement(element);
-        if (policyElement == null) {
-            throw new IllegalArgumentException(
-                "sp:AlgorithmSuite/wsp:Policy must have a value"
-            );
         }
-        AlgorithmSuite algorithmSuite = null;
-        try {
-            algorithmSuite = loader.getAlgorithmSuite(policyElement, consts);
-        } catch (WSSPolicyException e) {
-            throw new IllegalArgumentException(e);
-        }
-        
-        if (algorithmSuite == null && consts != SP11Constants.INSTANCE) {
-            String algorithmSuiteName = DOMUtils.getFirstElement(policyElement).getLocalName();
+        AlgorithmSuite algorithmSuite = loader.getAlgorithmSuite(spVersion, nestedPolicy);
+        if (algorithmSuite == null) {
+            String algorithmSuiteName = DOMUtils.getFirstElement(nestedPolicyElement).getLocalName();
             throw new IllegalArgumentException(
                 "Algorithm suite \"" + algorithmSuiteName + "\" is not registered"
             );
         }
 
+        algorithmSuite.setOptional(SPUtils.isOptional(element));
+        algorithmSuite.setIgnorable(SPUtils.isIgnorable(element));
         return algorithmSuite;
     }
 
+    @Override
     public QName[] getKnownElements() {
-        return new QName[]{SP11Constants.ALGORITHM_SUITE, SP12Constants.ALGORITHM_SUITE};
+        return new QName[]{SP13Constants.ALGORITHM_SUITE, SP11Constants.ALGORITHM_SUITE};
     }
 
 }
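Review bot: In the `algorithmSuite == null` branch of `build`, `DOMUtils.getFirstElement(nestedPolicyElement).getLocalName()` is dereferenced without a null check, so a `wsp:Policy` with no child element would presumably raise a NullPointerException instead of the intended IllegalArgumentException. Fetch the element once and guard it, e.g. `Element first = DOMUtils.getFirstElement(nestedPolicyElement);` followed by `String algorithmSuiteName = first == null ? "(empty policy)" : first.getLocalName();`. Whether `SPConstants.SPVersion.getSPVersion` can return null for an unknown namespace is not visible here; if it can, that deserves the same explicit rejection before the loader is called.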

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java?rev=1455121&r1=1455120&r2=1455121&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
Mon Mar 11 13:00:51 2013
@@ -18,10 +18,9 @@
  */
 package org.apache.cxf.ws.security.policy.custom;
 
-import org.w3c.dom.Element;
-
-import org.apache.cxf.ws.security.policy.SPConstants;
-import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
+import org.apache.neethi.Policy;
+import org.apache.wss4j.policy.SPConstants;
+import org.apache.wss4j.policy.model.AlgorithmSuite;
 
 /**
  * This interface defines a way of retrieving an AlgorithmSuite object from the policy element
@@ -29,6 +28,6 @@ import org.apache.cxf.ws.security.policy
  */
 public interface AlgorithmSuiteLoader {
 
-    AlgorithmSuite getAlgorithmSuite(Element policyElement, SPConstants consts);
+    AlgorithmSuite getAlgorithmSuite(SPConstants.SPVersion version, Policy nestedPolicy);
 
 }
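Review bot: The interface Javadoc still describes retrieving the AlgorithmSuite "from the policy element", but `getAlgorithmSuite` now takes an `SPConstants.SPVersion` and a Neethi `Policy`. It also does not say whether an implementation may return null, although `AlgorithmSuiteBuilder.build` treats a null result as "not registered". I would add a method-level Javadoc with `@param version`, `@param nestedPolicy` and an `@return` line stating that null means the loader does not recognise the suite. The Javadoc block is split across the two hunks of this file, so its full text is not visible here.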

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java?rev=1455121&r1=1455120&r2=1455121&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
Mon Mar 11 13:00:51 2013
@@ -18,35 +18,74 @@
  */
 package org.apache.cxf.ws.security.policy.custom;
 
-import org.w3c.dom.Element;
-
-import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.ws.security.policy.SPConstants;
-import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+import org.apache.wss4j.policy.SPConstants;
+import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
+import org.apache.wss4j.policy.model.AlgorithmSuite;
 
 /**
- * This class retrieves the default AlgorithmSuites.
+ * This class retrieves the default AlgorithmSuites plus the CXF specific GCM AlgorithmSuites.
  */
 public class DefaultAlgorithmSuiteLoader implements AlgorithmSuiteLoader {
     
-    private static final String CXF_CUSTOM_POLICY_NS = 
-         "http://cxf.apache.org/custom/security-policy";
+    public AlgorithmSuite getAlgorithmSuite(SPConstants.SPVersion version, Policy nestedPolicy)
{
+        return new GCMAlgorithmSuite(version, nestedPolicy);
+    }
+    
+    private static class GCMAlgorithmSuite extends AlgorithmSuite {
+
+        GCMAlgorithmSuite(SPConstants.SPVersion version, Policy nestedPolicy) {
+            super(version, nestedPolicy);
+        }
 
-    public AlgorithmSuite getAlgorithmSuite(Element policyElement, SPConstants consts) {
-        if (policyElement != null) {
-            Element algorithm = DOMUtils.getFirstElement(policyElement);
-            if (algorithm != null) {
-                AlgorithmSuite algorithmSuite = null;
-                if (CXF_CUSTOM_POLICY_NS.equals(algorithm.getNamespaceURI())) {
-                    algorithmSuite = new GCMAlgorithmSuite(consts);
-                } else {
-                    algorithmSuite = new AlgorithmSuite(consts);
-                }
-                algorithmSuite.setAlgorithmSuite(algorithm.getLocalName());
-                return algorithmSuite;
+        @Override
+        protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+            return new GCMAlgorithmSuite(getVersion(), nestedPolicy);
+        }
+
+        @Override
+        protected void parseCustomAssertion(Assertion assertion) {
+            String assertionName = assertion.getName().getLocalPart();
+            String assertionNamespace = assertion.getName().getNamespaceURI();
+            if (!"http://cxf.apache.org/custom/security-policy".equals(assertionNamespace))
{
+                return;
+            }
+
+            if ("Basic128GCM".equals(assertionName)) {
+                setAlgorithmSuiteType(new AlgorithmSuiteType(
+                        "Basic128GCM",
+                        SPConstants.SHA1,
+                        "http://www.w3.org/2009/xmlenc11#aes128-gcm",
+                        SPConstants.KW_AES128,
+                        SPConstants.KW_RSA_OAEP,
+                        SPConstants.P_SHA1_L128,
+                        SPConstants.P_SHA1_L128,
+                        128, 128, 128, 256, 1024, 4096
+                ));
+            } else if ("Basic192GCM".equals(assertionName)) {
+                setAlgorithmSuiteType(new AlgorithmSuiteType(
+                        "Basic192GCM",
+                        SPConstants.SHA1,
+                        "http://www.w3.org/2009/xmlenc11#aes192-gcm",
+                        SPConstants.KW_AES192,
+                        SPConstants.KW_RSA_OAEP,
+                        SPConstants.P_SHA1_L192,
+                        SPConstants.P_SHA1_L192,
+                        192, 192, 192, 256, 1024, 4096));
+            } else if ("Basic256GCM".equals(assertionName)) {
+                setAlgorithmSuiteType(new AlgorithmSuiteType(
+                        "Basic256GCM",
+                        SPConstants.SHA1,
+                        "http://www.w3.org/2009/xmlenc11#aes256-gcm",
+                        SPConstants.KW_AES256,
+                        SPConstants.KW_RSA_OAEP,
+                        SPConstants.P_SHA1_L256,
+                        SPConstants.P_SHA1_L192,
+                        256, 192, 256, 256, 1024, 4096));
             }
         }
-        return null;
     }
 
+
 }
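Review bot: `parseCustomAssertion` silently ignores an assertion in the CXF custom namespace whose name is not one of the three GCM suites, and `getAlgorithmSuite` now always returns a fresh `GCMAlgorithmSuite`. With the default loader, the "is not registered" check in `AlgorithmSuiteBuilder.build` can therefore never fire. Unless the WSS4J `AlgorithmSuite` base class rejects a suite whose type was never set (not visible here), a misspelt or unsupported suite name would yield a policy with no algorithm constraints. Consider closing the chain with `} else { throw new IllegalArgumentException("Unknown CXF algorithm suite \"" + assertionName + "\""); }`. The namespace literal could also go back into a `private static final` constant, as the removed `CXF_CUSTOM_POLICY_NS` was, and `getAlgorithmSuite` could carry `@Override` like the two nested methods.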

Modified: cxf/branches/wss4j2.0-port/systests/ws-security/src/test/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/systests/ws-security/src/test/resources/logging.properties?rev=1455121&r1=1455120&r2=1455121&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/systests/ws-security/src/test/resources/logging.properties
(original)
+++ cxf/branches/wss4j2.0-port/systests/ws-security/src/test/resources/logging.properties
Mon Mar 11 13:00:51 2013
@@ -46,7 +46,7 @@ handlers= java.util.logging.ConsoleHandl
 # can be overriden by a facility specific level
 # Note that the ConsoleHandler also has a separate level
 # setting to limit messages printed to the console.
-.level= WARNING
+.level= INFO
 
 ############################################################
 # Handler specific properties.
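Review bot: Raising `.level` from WARNING to INFO here, and `java.util.logging.ConsoleHandler.level` from SEVERE to INFO in the next hunk, is not mentioned in the commit log and looks like leftover local debugging. If it is intentional, a one-line comment such as `# INFO while the WSS4J 2.0 port is being debugged` would tell the next reader it is temporary. Otherwise I would drop both changes from this commit, so the ws-security system tests keep their quieter console output.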
@@ -60,7 +60,7 @@ java.util.logging.FileHandler.count = 1
 java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
 
 # Limit the message that are printed on the console to INFO and above.
-java.util.logging.ConsoleHandler.level = SEVERE
+java.util.logging.ConsoleHandler.level = INFO
 java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
 
 


