cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1477984 - in /cxf/branches/wss4j2.0-port: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/ services/sts/systests/basic/src/test/java/org/apache...
Date Wed, 01 May 2013 13:20:59 GMT
Author: coheigea
Date: Wed May  1 13:20:59 2013
New Revision: 1477984

URL: http://svn.apache.org/r1477984
Log:
[CXF-4977] Record the security context with the SCT token to be able to restore it during
the real invokations

Modified:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
    cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java?rev=1477984&r1=1477983&r2=1477984&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
Wed May  1 13:20:59 2013
@@ -36,6 +36,7 @@ import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.Interceptor;
 import org.apache.cxf.message.Exchange;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.service.Service;
 import org.apache.cxf.service.invoker.Invoker;
 import org.apache.cxf.service.model.BindingOperationInfo;
@@ -266,13 +267,20 @@ final class NegotiationUtils {
                         (SecurityContextToken)wser.get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
                     message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getIdentifier());
                     
-                    byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
-                    if (secret != null) {
-                        SecurityToken token = new SecurityToken(tok.getIdentifier());
-                        token.setToken(tok.getElement());
-                        token.setSecret(secret);
-                        token.setTokenType(tok.getTokenType());
-                        getTokenStore(message).add(token);
+                    SecurityToken token = getTokenStore(message).getToken(tok.getIdentifier());
+                    if (token == null) {
+                        byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
+                        if (secret != null) {
+                            token = new SecurityToken(tok.getIdentifier());
+                            token.setToken(tok.getElement());
+                            token.setSecret(secret);
+                            token.setTokenType(tok.getTokenType());
+                            getTokenStore(message).add(token);
+                        }
+                    }
+                    final SecurityContext sc = token.getSecurityContext();
+                    if (sc != null) {
+                        message.put(SecurityContext.class, sc);
                     }
                     return true;
                 }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1477984&r1=1477983&r2=1477984&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
Wed May  1 13:20:59 2013
@@ -39,6 +39,7 @@ import org.apache.cxf.message.Exchange;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.AbstractPhaseInterceptor;
 import org.apache.cxf.phase.Phase;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.staxutils.W3CDOMStreamWriter;
 import org.apache.cxf.ws.addressing.AddressingProperties;
 import org.apache.cxf.ws.addressing.JAXWSAConstants;
@@ -318,9 +319,16 @@ class SecureConversationInInterceptor ex
             byte[] secret = writeProofToken(prefix, namespace, writer, clientEntropy, keySize);
             
             token.setSecret(secret);
+            
+            SecurityContext sc = exchange.getInMessage().get(SecurityContext.class);
+            if (sc != null) {
+                token.setSecurityContext(sc);
+            }
+            
             ((TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
                     .getProperty(TokenStore.class.getName())).add(token);
             
+            
             writer.writeEndElement();
             if (STSUtils.WST_NS_05_12.equals(namespace)) {
                 writer.writeEndElement();

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java?rev=1477984&r1=1477983&r2=1477984&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
Wed May  1 13:20:59 2013
@@ -30,6 +30,7 @@ import java.util.Properties;
 import org.w3c.dom.Element;
 
 import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.staxutils.W3CDOMStreamWriter;
 import org.apache.wss4j.common.crypto.Crypto;
@@ -134,6 +135,10 @@ public class SecurityToken implements Se
      * The principal of this SecurityToken
      */
     private transient Principal principal;
+    /**
+     * The SecurityContext originally associated with this token
+     */
+    private transient SecurityContext securityContext;
     
     public SecurityToken() {
         
@@ -489,4 +494,20 @@ public class SecurityToken implements Se
         return principal;
     }
     
+    /**
+     * Set the SecurityContext associated with this SecurityToken
+     * @param securityContext the SecurityContext associated with this SecurityToken
+     */
+    public void setSecurityContext(SecurityContext securityContext) {
+        this.securityContext = securityContext;
+    }
+    
+    /**
+     * Get the SecurityContext associated with this SecurityToken
+     * @return the SecurityContext associated with this SecurityToken
+     */
+    public SecurityContext getSecurityContext() {
+        return securityContext;
+    }
+    
 } 

Modified: cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java?rev=1477984&r1=1477983&r2=1477984&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
(original)
+++ cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
Wed May  1 13:20:59 2013
@@ -159,7 +159,6 @@ public class SymmetricBindingTest extend
     }
     
     @org.junit.Test
-    @org.junit.Ignore
     public void testUsernameTokenSAML2SecureConversation() throws Exception {
 
         SpringBusFactory bf = new SpringBusFactory();



Mime
View raw message