cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1477656 - in /cxf/branches/2.7.x-fixes: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/ services/sts/systests/basic/src/test/java/org/apache/c...
Date Tue, 30 Apr 2013 14:24:45 GMT
Author: dkulp
Date: Tue Apr 30 14:24:45 2013
New Revision: 1477656

URL: http://svn.apache.org/r1477656
Log:
Merged revisions 1477356 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1477356 | dkulp | 2013-04-29 17:32:10 -0400 (Mon, 29 Apr 2013) | 2 lines

  [CXF-4977] Record the security context with the SCT token to be able to restore it during
the real invokations

........

Modified:
    cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
    cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
    cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
    cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java

Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
Tue Apr 30 14:24:45 2013
@@ -33,6 +33,7 @@ import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.Interceptor;
 import org.apache.cxf.message.Exchange;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.service.Service;
 import org.apache.cxf.service.invoker.Invoker;
 import org.apache.cxf.service.model.BindingOperationInfo;
@@ -264,13 +265,20 @@ final class NegotiationUtils {
                         (SecurityContextToken)wser.get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
                     message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getIdentifier());
                     
-                    byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
-                    if (secret != null) {
-                        SecurityToken token = new SecurityToken(tok.getIdentifier());
-                        token.setToken(tok.getElement());
-                        token.setSecret(secret);
-                        token.setTokenType(tok.getTokenType());
-                        getTokenStore(message).add(token);
+                    SecurityToken token = getTokenStore(message).getToken(tok.getIdentifier());
+                    if (token == null) {
+                        byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
+                        if (secret != null) {
+                            token = new SecurityToken(tok.getIdentifier());
+                            token.setToken(tok.getElement());
+                            token.setSecret(secret);
+                            token.setTokenType(tok.getTokenType());
+                            getTokenStore(message).add(token);
+                        }
+                    }
+                    final SecurityContext sc = token.getSecurityContext();
+                    if (sc != null) {
+                        message.put(SecurityContext.class, sc);
                     }
                     return true;
                 }

Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
Tue Apr 30 14:24:45 2013
@@ -35,6 +35,7 @@ import org.apache.cxf.message.Exchange;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.AbstractPhaseInterceptor;
 import org.apache.cxf.phase.Phase;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.staxutils.W3CDOMStreamWriter;
 import org.apache.cxf.ws.addressing.AddressingProperties;
 import org.apache.cxf.ws.addressing.JAXWSAConstants;
@@ -274,9 +275,16 @@ class SecureConversationInInterceptor ex
             byte[] secret = writeProofToken(prefix, namespace, writer, clientEntropy, keySize);
             
             token.setSecret(secret);
+            
+            SecurityContext sc = exchange.getInMessage().get(SecurityContext.class);
+            if (sc != null) {
+                token.setSecurityContext(sc);
+            }
+            
             ((TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
                     .getProperty(TokenStore.class.getName())).add(token);
             
+            
             writer.writeEndElement();
             if (STSUtils.WST_NS_05_12.equals(namespace)) {
                 writer.writeEndElement();

Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
Tue Apr 30 14:24:45 2013
@@ -30,6 +30,7 @@ import java.util.Properties;
 import org.w3c.dom.Element;
 
 import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.staxutils.W3CDOMStreamWriter;
 import org.apache.ws.security.WSConstants;
@@ -134,6 +135,10 @@ public class SecurityToken implements Se
      * The principal of this SecurityToken
      */
     private transient Principal principal;
+    /**
+     * The SecurityContext originally associated with this token
+     */
+    private transient SecurityContext securityContext;
     
     public SecurityToken() {
         
@@ -489,4 +494,20 @@ public class SecurityToken implements Se
         return principal;
     }
     
+    /**
+     * Set the SecurityContext associated with this SecurityToken
+     * @param securityContext the SecurityContext associated with this SecurityToken
+     */
+    public void setSecurityContext(SecurityContext securityContext) {
+        this.securityContext = securityContext;
+    }
+    
+    /**
+     * Get the SecurityContext associated with this SecurityToken
+     * @return the SecurityContext associated with this SecurityToken
+     */
+    public SecurityContext getSecurityContext() {
+        return securityContext;
+    }
+    
 } 

Modified: cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java?rev=1477656&r1=1477655&r2=1477656&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
(original)
+++ cxf/branches/2.7.x-fixes/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
Tue Apr 30 14:24:45 2013
@@ -159,7 +159,6 @@ public class SymmetricBindingTest extend
     }
     
     @org.junit.Test
-    @org.junit.Ignore
     public void testUsernameTokenSAML2SecureConversation() throws Exception {
 
         SpringBusFactory bf = new SpringBusFactory();



Mime
View raw message