cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1457547 - in /cxf/branches/wss4j2.0-port: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/ services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/ services/sts/systests/advanced/src/test/j...
Date Sun, 17 Mar 2013 19:59:32 GMT
Author: coheigea
Date: Sun Mar 17 19:59:32 2013
New Revision: 1457547

URL: http://svn.apache.org/r1457547
Log:
Fixed more WSS4J 2.0 tests

Modified:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
    cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
    cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/distributed_caching/SCTTokenValidator.java
    cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java?rev=1457547&r1=1457546&r2=1457547&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java
Sun Mar 17 19:59:32 2013
@@ -125,7 +125,7 @@ public class HttpsTokenInterceptorProvid
                             }
                         };
                         message.put(MessageTrustDecider.class, trust);
-                        NegotiationUtils.assertPolicy(aim, SP12Constants.REQUIRE_CLIENT_CERTIFICATE);
+                        NegotiationUtils.assertPolicy(aim, SPConstants.REQUIRE_CLIENT_CERTIFICATE);
                     }
                     if (token.getAuthenticationType() == HttpsToken.AuthenticationType.HttpBasicAuthentication)
{
                         List<String> auth = headers.get("Authorization");
@@ -133,7 +133,7 @@ public class HttpsTokenInterceptorProvid
                             || !auth.get(0).startsWith("Basic")) {
                             ai.setNotAsserted("HttpBasicAuthentication is set, but not being
used");
                         } else {
-                            NegotiationUtils.assertPolicy(aim, SP12Constants.HTTP_BASIC_AUTHENTICATION);
+                            NegotiationUtils.assertPolicy(aim, SPConstants.HTTP_BASIC_AUTHENTICATION);
                         }
                     }
                     if (token.getAuthenticationType() == HttpsToken.AuthenticationType.HttpDigestAuthentication)
{
@@ -142,7 +142,7 @@ public class HttpsTokenInterceptorProvid
                             || !auth.get(0).startsWith("Digest")) {
                             ai.setNotAsserted("HttpDigestAuthentication is set, but not being
used");
                         } else {
-                            NegotiationUtils.assertPolicy(aim, SP12Constants.HTTP_DIGEST_AUTHENTICATION);
+                            NegotiationUtils.assertPolicy(aim, SPConstants.HTTP_DIGEST_AUTHENTICATION);
                         }
                     }
                 } else {
@@ -191,7 +191,10 @@ public class HttpsTokenInterceptorProvid
                     //client side should be checked on the way out
                     for (AssertionInfo ai : ais) {
                         ai.setAsserted(true);
-                    }                    
+                    }
+                    NegotiationUtils.assertPolicy(aim, SPConstants.HTTP_DIGEST_AUTHENTICATION);
+                    NegotiationUtils.assertPolicy(aim, SPConstants.HTTP_BASIC_AUTHENTICATION);
+                    NegotiationUtils.assertPolicy(aim, SPConstants.REQUIRE_CLIENT_CERTIFICATE);
                 }
             }
         }
@@ -208,7 +211,7 @@ public class HttpsTokenInterceptorProvid
                         || !auth.get(0).startsWith("Basic")) {
                         asserted = false;
                     } else {
-                        NegotiationUtils.assertPolicy(aim, SP12Constants.HTTP_BASIC_AUTHENTICATION);
+                        NegotiationUtils.assertPolicy(aim, SPConstants.HTTP_BASIC_AUTHENTICATION);
                     }
                 }
                 if (token.getAuthenticationType() == HttpsToken.AuthenticationType.HttpDigestAuthentication)
{
@@ -217,7 +220,7 @@ public class HttpsTokenInterceptorProvid
                         || !auth.get(0).startsWith("Digest")) {
                         asserted = false;
                     } else {
-                        NegotiationUtils.assertPolicy(aim, SP12Constants.HTTP_DIGEST_AUTHENTICATION);
+                        NegotiationUtils.assertPolicy(aim, SPConstants.HTTP_DIGEST_AUTHENTICATION);
                     }
                 }
 
@@ -229,7 +232,7 @@ public class HttpsTokenInterceptorProvid
                             || tlsInfo.getPeerCertificates().length == 0)) {
                         asserted = false;
                     } else {
-                        NegotiationUtils.assertPolicy(aim, SP12Constants.REQUIRE_CLIENT_CERTIFICATE);
+                        NegotiationUtils.assertPolicy(aim, SPConstants.REQUIRE_CLIENT_CERTIFICATE);
                     }
                 } else {
                     asserted = false;

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1457547&r1=1457546&r2=1457547&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
Sun Mar 17 19:59:32 2013
@@ -211,6 +211,8 @@ class SecureConversationInInterceptor ex
             } else {
                 message.getInterceptorChain().add(SecureConversationTokenFinderInterceptor.INSTANCE);
             }
+            
+            NegotiationUtils.assertPolicy(aim, SPConstants.BOOTSTRAP_POLICY);
         }
     }
 

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java?rev=1457547&r1=1457546&r2=1457547&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
Sun Mar 17 19:59:32 2013
@@ -80,8 +80,8 @@ class SecureConversationOutInterceptor e
                     message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getId());
                     message.getExchange().put(SecurityConstants.TOKEN, tok);
                     NegotiationUtils.getTokenStore(message).add(tok);
-                    
                 }
+                NegotiationUtils.assertPolicy(aim, SPConstants.BOOTSTRAP_POLICY);
             } else {
                 //server side should be checked on the way in
                 for (AssertionInfo ai : ais) {

Modified: cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java?rev=1457547&r1=1457546&r2=1457547&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
(original)
+++ cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
Sun Mar 17 19:59:32 2013
@@ -82,10 +82,6 @@ import org.apache.cxf.ws.policy.PolicyBu
 import org.apache.cxf.ws.policy.PolicyEngine;
 import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
 import org.apache.cxf.ws.security.SecurityConstants;
-import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
-import org.apache.cxf.ws.security.policy.model.Binding;
-import org.apache.cxf.ws.security.policy.model.Trust10;
-import org.apache.cxf.ws.security.policy.model.Trust13;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.trust.STSUtils;
 import org.apache.cxf.ws.security.trust.TrustException;
@@ -110,6 +106,11 @@ import org.apache.wss4j.dom.processor.En
 import org.apache.wss4j.dom.processor.X509Util;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
+import org.apache.wss4j.policy.model.AbstractBinding;
+import org.apache.wss4j.policy.model.AlgorithmSuite;
+import org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType;
+import org.apache.wss4j.policy.model.Trust10;
+import org.apache.wss4j.policy.model.Trust13;
 import org.apache.xml.security.exceptions.Base64DecodingException;
 import org.apache.xml.security.keys.content.X509Data;
 import org.apache.xml.security.keys.content.keyvalues.DSAKeyValue;
@@ -415,8 +416,8 @@ public class SimpleBatchSTSClient implem
             while (i.hasNext() && algorithmSuite == null) {
                 List<PolicyComponent> p = CastUtils.cast((List<?>)i.next());
                 for (PolicyComponent p2 : p) {
-                    if (p2 instanceof Binding) {
-                        algorithmSuite = ((Binding)p2).getAlgorithmSuite();
+                    if (p2 instanceof AbstractBinding) {
+                        algorithmSuite = ((AbstractBinding)p2).getAlgorithmSuite();
                     }
                 }
             }
@@ -661,8 +662,9 @@ public class SimpleBatchSTSClient implem
             if (algorithmSuite == null) {
                 requestorEntropy = WSSecurityUtil.generateNonce(keySize / 8);
             } else {
+                AlgorithmSuiteType algType = algorithmSuite.getAlgorithmSuiteType();
                 requestorEntropy = WSSecurityUtil
-                    .generateNonce(algorithmSuite.getMaximumSymmetricKeyLength() / 8);
+                    .generateNonce(algType.getMaximumSymmetricKeyLength() / 8);
             }
             writer.writeCharacters(Base64.encode(requestorEntropy));
 
@@ -922,7 +924,8 @@ public class SimpleBatchSTSClient implem
 
                     int length = (keySize > 0) ? keySize : 256;
                     if (algorithmSuite != null) {
-                        length = (keySize > 0) ? keySize : algorithmSuite.getMaximumSymmetricKeyLength();
+                        AlgorithmSuiteType algType = algorithmSuite.getAlgorithmSuiteType();
+                        length = (keySize > 0) ? keySize : algType.getMaximumSymmetricKeyLength();
                     }
                     try {
                         secret = psha1.createKey(requestorEntropy, serviceEntr, 0, length
/ 8);

Modified: cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/distributed_caching/SCTTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/distributed_caching/SCTTokenValidator.java?rev=1457547&r1=1457546&r2=1457547&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/distributed_caching/SCTTokenValidator.java
(original)
+++ cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/distributed_caching/SCTTokenValidator.java
Sun Mar 17 19:59:32 2013
@@ -23,11 +23,11 @@ import java.util.Collection;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
-import org.apache.cxf.ws.security.policy.SP12Constants;
 import org.apache.cxf.ws.security.trust.STSTokenValidator;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.policy.SP12Constants;
 
 /**
  * This class validates a SecurityContextToken by dispatching it to an STS. It pauses first
to make sure

Modified: cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml?rev=1457547&r1=1457546&r2=1457547&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml
(original)
+++ cxf/branches/wss4j2.0-port/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml
Sun Mar 17 19:59:32 2013
@@ -181,7 +181,7 @@
 	</jaxws:endpoint>
 
 	<bean id="kerberosValidator" class="org.apache.wss4j.dom.validate.KerberosTokenValidator">
-		<property name="jaasLoginModuleName" value="bob" />
+		<property name="contextName" value="bob" />
 		<property name="serviceName" value="bob@service.ws.apache.org" />
 	</bean>
 



Mime
View raw message