cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1455634 - in /cxf/branches/wss4j2.0-port: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/p...
Date Tue, 12 Mar 2013 17:23:54 GMT
Author: coheigea
Date: Tue Mar 12 17:23:53 2013
New Revision: 1455634

URL: http://svn.apache.org/r1455634
Log:
More fixed tests

Modified:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
    cxf/branches/wss4j2.0-port/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java?rev=1455634&r1=1455633&r2=1455634&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
Tue Mar 12 17:23:53 2013
@@ -56,7 +56,7 @@ public class AlgorithmSuiteBuilder imple
         if (loader == null) {
             loader = new DefaultAlgorithmSuiteLoader();
         }
-        AlgorithmSuite algorithmSuite = loader.getAlgorithmSuite(spVersion, nestedPolicy);
+        AlgorithmSuite algorithmSuite = loader.getAlgorithmSuite(bus, spVersion, nestedPolicy);
         if (algorithmSuite == null) {
             String algorithmSuiteName = DOMUtils.getFirstElement(nestedPolicyElement).getLocalName();
             throw new IllegalArgumentException(

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java?rev=1455634&r1=1455633&r2=1455634&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteLoader.java
Tue Mar 12 17:23:53 2013
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.ws.security.policy.custom;
 
+import org.apache.cxf.Bus;
 import org.apache.neethi.Policy;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AlgorithmSuite;
@@ -28,6 +29,6 @@ import org.apache.wss4j.policy.model.Alg
  */
 public interface AlgorithmSuiteLoader {
 
-    AlgorithmSuite getAlgorithmSuite(SPConstants.SPVersion version, Policy nestedPolicy);
+    AlgorithmSuite getAlgorithmSuite(Bus bus, SPConstants.SPVersion version, Policy nestedPolicy);
 
 }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java?rev=1455634&r1=1455633&r2=1455634&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/DefaultAlgorithmSuiteLoader.java
Tue Mar 12 17:23:53 2013
@@ -18,8 +18,21 @@
  */
 package org.apache.cxf.ws.security.policy.custom;
 
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.ws.policy.AssertionBuilderRegistry;
+import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
+import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertionBuilder;
 import org.apache.neethi.Assertion;
+import org.apache.neethi.AssertionBuilderFactory;
 import org.apache.neethi.Policy;
+import org.apache.neethi.builders.xml.XMLPrimitiveAssertionBuilder;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
 import org.apache.wss4j.policy.model.AlgorithmSuite;
@@ -29,7 +42,29 @@ import org.apache.wss4j.policy.model.Alg
  */
 public class DefaultAlgorithmSuiteLoader implements AlgorithmSuiteLoader {
     
-    public AlgorithmSuite getAlgorithmSuite(SPConstants.SPVersion version, Policy nestedPolicy)
{
+    public AlgorithmSuite getAlgorithmSuite(Bus bus, SPConstants.SPVersion version, Policy
nestedPolicy) {
+        AssertionBuilderRegistry reg = bus.getExtension(AssertionBuilderRegistry.class);
+        if (reg != null) {
+            String ns = "http://cxf.apache.org/custom/security-policy";
+            final Map<QName, Assertion> assertions = new HashMap<QName, Assertion>();
+            QName qName = new QName(ns, "Basic128GCM");
+            assertions.put(qName, new PrimitiveAssertion(qName));
+            qName = new QName(ns, "Basic192GCM");
+            assertions.put(qName, new PrimitiveAssertion(qName));
+            qName = new QName(ns, "Basic256GCM");
+            assertions.put(qName, new PrimitiveAssertion(qName));
+            
+            reg.registerBuilder(new PrimitiveAssertionBuilder(assertions.keySet()) {
+                public Assertion build(Element element, AssertionBuilderFactory fact) {
+                    if (XMLPrimitiveAssertionBuilder.isOptional(element)
+                        || XMLPrimitiveAssertionBuilder.isIgnorable(element)) {
+                        return super.build(element, fact);
+                    }
+                    QName q = new QName(element.getNamespaceURI(), element.getLocalName());
+                    return assertions.get(q);
+                }            
+            });
+        }
         return new GCMAlgorithmSuite(version, nestedPolicy);
     }
     
@@ -63,6 +98,7 @@ public class DefaultAlgorithmSuiteLoader
                         SPConstants.P_SHA1_L128,
                         128, 128, 128, 256, 1024, 4096
                 ));
+                getAlgorithmSuiteType().setNamespace(assertionNamespace);
             } else if ("Basic192GCM".equals(assertionName)) {
                 setAlgorithmSuiteType(new AlgorithmSuiteType(
                         "Basic192GCM",
@@ -73,6 +109,7 @@ public class DefaultAlgorithmSuiteLoader
                         SPConstants.P_SHA1_L192,
                         SPConstants.P_SHA1_L192,
                         192, 192, 192, 256, 1024, 4096));
+                getAlgorithmSuiteType().setNamespace(assertionNamespace);
             } else if ("Basic256GCM".equals(assertionName)) {
                 setAlgorithmSuiteType(new AlgorithmSuiteType(
                         "Basic256GCM",
@@ -83,6 +120,7 @@ public class DefaultAlgorithmSuiteLoader
                         SPConstants.P_SHA1_L256,
                         SPConstants.P_SHA1_L192,
                         256, 192, 256, 256, 1024, 4096));
+                getAlgorithmSuiteType().setNamespace(assertionNamespace);
             }
         }
     }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1455634&r1=1455633&r2=1455634&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Tue Mar 12 17:23:53 2013
@@ -555,8 +555,6 @@ public class PolicyBasedWSS4JInIntercept
             assertPolicy(aim, SPConstants.REQUIRE_THUMBPRINT_REFERENCE);
             assertPolicy(aim, SPConstants.REQUIRE_KEY_IDENTIFIER_REFERENCE);
             assertPolicy(aim, SPConstants.REQUIRE_EMBEDDED_TOKEN_REFERENCE);
-            assertPolicy(aim, SPConstants.TRUST_10);
-            assertPolicy(aim, SPConstants.WSS10);
             
             // WSS10
             assertPolicy(aim, SPConstants.WSS10);
@@ -565,13 +563,16 @@ public class PolicyBasedWSS4JInIntercept
             assertPolicy(aim, SPConstants.MUST_SUPPORT_REF_EXTERNAL_URI);
             assertPolicy(aim, SPConstants.MUST_SUPPORT_REF_EMBEDDED_TOKEN);
             
+            // Trust 1.0
+            assertPolicy(aim, SPConstants.TRUST_10);
+            assertPolicy(aim, SPConstants.MUST_SUPPORT_CLIENT_CHALLENGE);
+            assertPolicy(aim, SPConstants.MUST_SUPPORT_SERVER_CHALLENGE);
+            assertPolicy(aim, SPConstants.REQUIRE_CLIENT_ENTROPY);
+            assertPolicy(aim, SPConstants.REQUIRE_SERVER_ENTROPY);
+            assertPolicy(aim, SPConstants.MUST_SUPPORT_ISSUED_TOKENS);
+            
             // Trust 1.3
             assertPolicy(aim, SPConstants.TRUST_13);
-            assertPolicy(aim, SP12Constants.MUST_SUPPORT_CLIENT_CHALLENGE);
-            assertPolicy(aim, SP12Constants.MUST_SUPPORT_SERVER_CHALLENGE);
-            assertPolicy(aim, SP12Constants.REQUIRE_CLIENT_ENTROPY);
-            assertPolicy(aim, SP12Constants.REQUIRE_SERVER_ENTROPY);
-            assertPolicy(aim, SP12Constants.MUST_SUPPORT_ISSUED_TOKENS);
             assertPolicy(aim, SP12Constants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION);
             assertPolicy(aim, SP12Constants.REQUIRE_APPLIES_TO);
             assertPolicy(aim, SP13Constants.SCOPE_POLICY_15);

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java?rev=1455634&r1=1455633&r2=1455634&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
Tue Mar 12 17:23:53 2013
@@ -41,6 +41,7 @@ import org.apache.wss4j.dom.message.toke
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
+import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding;
 import org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding.ProtectionOrder;
 import org.apache.wss4j.policy.model.AbstractToken;
@@ -180,11 +181,13 @@ public abstract class AbstractBindingPol
             return false;
         }
         assertPolicy(aim, binding.getAlgorithmSuite());
-        String namespace = binding.getAlgorithmSuite().getVersion().getNamespace();
+        String namespace = binding.getAlgorithmSuite().getAlgorithmSuiteType().getNamespace();
         String name = binding.getAlgorithmSuite().getAlgorithmSuiteType().getName();
         Collection<AssertionInfo> algSuiteAis = aim.get(new QName(namespace, name));
-        for (AssertionInfo algSuiteAi : algSuiteAis) {
-            algSuiteAi.setAsserted(true);
+        if (algSuiteAis != null) {
+            for (AssertionInfo algSuiteAi : algSuiteAis) {
+                algSuiteAi.setAsserted(true);
+            }
         }
         
         // Check the IncludeTimestamp
@@ -193,8 +196,7 @@ public abstract class AbstractBindingPol
             ai.setNotAsserted(error);
             return false;
         }
-        assertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP);
-        assertPolicy(aim, SP11Constants.INCLUDE_TIMESTAMP);
+        assertPolicy(aim, SPConstants.INCLUDE_TIMESTAMP);
         
         // Check the Layout
         Layout layout = binding.getLayout();
@@ -220,16 +222,14 @@ public abstract class AbstractBindingPol
             ai.setNotAsserted(error);
             return false;
         }
-        assertPolicy(aim, SP12Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY);
-        assertPolicy(aim, SP11Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY);
+        assertPolicy(aim, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY);
         
         // Check whether the signatures were encrypted or not
         if (binding.isProtectTokens() && !isSignatureEncrypted(results)) {
             ai.setNotAsserted("The signature is not protected");
             return false;
         }
-        assertPolicy(aim, SP12Constants.PROTECT_TOKENS);
-        assertPolicy(aim, SP11Constants.PROTECT_TOKENS);
+        assertPolicy(aim, SPConstants.PROTECT_TOKENS);
         
         return true;
     }
@@ -249,13 +249,13 @@ public abstract class AbstractBindingPol
                 ai.setNotAsserted("Not encrypted before signed");
                 return false;
             }
-            assertPolicy(aim, SP12Constants.ENCRYPT_BEFORE_SIGNING);
+            assertPolicy(aim, SPConstants.ENCRYPT_BEFORE_SIGNING);
         } else if (protectionOrder == ProtectionOrder.SignBeforeEncrypting) { 
             if (isEncryptedBeforeSigned(results)) {
                 ai.setNotAsserted("Not signed before encrypted");
                 return false;
             }
-            assertPolicy(aim, SP12Constants.SIGN_BEFORE_ENCRYPTING);
+            assertPolicy(aim, SPConstants.SIGN_BEFORE_ENCRYPTING);
         }
         return true;
     }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java?rev=1455634&r1=1455633&r2=1455634&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
Tue Mar 12 17:23:53 2013
@@ -99,8 +99,10 @@ public class TransportBindingPolicyValid
             String namespace = binding.getAlgorithmSuite().getVersion().getNamespace();
             String name = binding.getAlgorithmSuite().getAlgorithmSuiteType().getName();
             Collection<AssertionInfo> algSuiteAis = aim.get(new QName(namespace, name));
-            for (AssertionInfo algSuiteAi : algSuiteAis) {
-                algSuiteAi.setAsserted(true);
+            if (algSuiteAis != null) {
+                for (AssertionInfo algSuiteAi : algSuiteAis) {
+                    algSuiteAi.setAsserted(true);
+                }
             }
             
             // Check the IncludeTimestamp

Modified: cxf/branches/wss4j2.0-port/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java?rev=1455634&r1=1455633&r2=1455634&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java
(original)
+++ cxf/branches/wss4j2.0-port/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/RestrictedAlgorithmSuiteLoader.java
Tue Mar 12 17:23:53 2013
@@ -35,7 +35,7 @@ public class RestrictedAlgorithmSuiteLoa
         bus.setExtension(this, AlgorithmSuiteLoader.class);
     }
 
-    public AlgorithmSuite getAlgorithmSuite(SPConstants.SPVersion version, Policy nestedPolicy)
{
+    public AlgorithmSuite getAlgorithmSuite(Bus bus, SPConstants.SPVersion version, Policy
nestedPolicy) {
         return new CustomAlgorithmSuite(version, nestedPolicy); 
     }
 



Mime
View raw message