From cohei...@apache.org
Subject svn commit: r1478817 - in /cxf/branches/wss4j2.0-port: rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/ services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/ services/sts/systests/basic/src/test/resources/org/ap...
Date Fri, 03 May 2013 14:39:59 GMT
Author: coheigea
Date: Fri May  3 14:39:58 2013
New Revision: 1478817

URL: http://svn.apache.org/r1478817
Log:
Add the ability to set a UseKey certificate directly on the STSClient

Modified:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
    cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
    cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/asymmetric/cxf-client.xml

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java?rev=1478817&r1=1478816&r2=1478817&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
Fri May  3 14:39:58 2013
@@ -181,6 +181,7 @@ public abstract class AbstractSTSClient 
     protected boolean sendKeyType = true;
     protected Message message;
     protected String context;
+    protected X509Certificate useKeyCertificate;
 
     protected Map<String, Object> ctx = new HashMap<String, Object>();
     
@@ -721,8 +722,13 @@ public abstract class AbstractSTSClient 
         if (keyTypeTemplate != null && keyTypeTemplate.endsWith("SymmetricKey"))
{
             requestorEntropy = writeElementsForRSTSymmetricKey(writer, wroteKeySize);
         } else if (keyTypeTemplate != null && keyTypeTemplate.endsWith("PublicKey"))
{
-            crypto = createCrypto(false);
-            cert = getCert(crypto);
+            // Use the given cert, or else get it from a Crypto instance
+            if (useKeyCertificate != null) {
+                cert = useKeyCertificate;
+            } else {
+                crypto = createCrypto(false);
+                cert = getCert(crypto);
+            }
             writeElementsForRSTPublicKey(writer, cert);
         } else if (isSpnego) {
             addKeySize(keySize, writer);
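Review bot: In the `PublicKey` branch, a caller-supplied `useKeyCertificate` is written into the request with no check, and `crypto` is never assigned on that path. The enclosing method starts and ends outside this hunk, so if `crypto` is read later (for example, handed on with `cert` when the response is processed), it will be whatever it was before this branch, presumably null; that is worth confirming. Since the STS binds the issued token to this public key, consider failing early on an unusable certificate with `useKeyCertificate.checkValidity();` before `cert = useKeyCertificate;`. A comment should also say that the client must hold the matching private key in its signature configuration, because nothing here verifies that pairing.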
@@ -1613,4 +1619,12 @@ public abstract class AbstractSTSClient 
     public void setWspNamespace(String wspNamespace) {
         this.wspNamespace = wspNamespace;
     }
+
+    public X509Certificate getUseKeyCertificate() {
+        return useKeyCertificate;
+    }
+
+    public void setUseKeyCertificate(X509Certificate useKeyCertificate) {
+        this.useKeyCertificate = useKeyCertificate;
+    }
 }
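Review bot: The new public accessors `getUseKeyCertificate()` and `setUseKeyCertificate(X509Certificate)` have no Javadoc, so the precedence rule introduced in the request-writing code is invisible to API users. I would document the setter with something like `/** Sets the certificate sent as the UseKey of a PublicKey request; when non-null it is used instead of the certificate loaded from the configured Crypto. */`. It should also note that passing `null` restores the Crypto-based lookup. The field is plain mutable state on the client, so if one client instance is shared between requests the doc should state whether the setter may be called concurrently; that cannot be determined from this hunk.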

Modified: cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java?rev=1478817&r1=1478816&r2=1478817&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
(original)
+++ cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
Fri May  3 14:39:58 2013
@@ -19,6 +19,7 @@
 package org.apache.cxf.systest.sts.asymmetric;
 
 import java.net.URL;
+import java.security.cert.X509Certificate;
 
 import javax.xml.namespace.QName;
 import javax.xml.ws.BindingProvider;
@@ -31,6 +32,11 @@ import org.apache.cxf.systest.sts.common
 import org.apache.cxf.systest.sts.common.TokenTestUtils;
 import org.apache.cxf.systest.sts.deployment.STSServer;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.trust.STSClient;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.components.crypto.CryptoType;
 
 import org.example.contract.doubleit.DoubleItPortType;
 import org.junit.BeforeClass;
@@ -152,6 +158,16 @@ public class AsymmetricBindingTest exten
             TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml1EncryptedPort, STSPORT2);
         }
         
+        // Set the X509Certificate manually on the STSClient (just to test that we can)
+        BindingProvider bindingProvider = (BindingProvider)asymmetricSaml1EncryptedPort;
+        STSClient stsClient = 
+            (STSClient)bindingProvider.getRequestContext().get(SecurityConstants.STS_CLIENT);
+        Crypto crypto = CryptoFactory.getInstance("clientKeystore.properties");
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias("myclientkey");
+        X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
+        stsClient.setUseKeyCertificate(certs[0]);
+        
         doubleIt(asymmetricSaml1EncryptedPort, 40);
         
         ((java.io.Closeable)asymmetricSaml1EncryptedPort).close();
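Review bot: `certs[0]` is dereferenced without checking the lookup result, so a missing `myclientkey` alias or an unreadable `clientKeystore.properties` would surface as a NullPointerException or ArrayIndexOutOfBoundsException rather than a clear test failure. The same applies to `stsClient`, which is cast straight from the request context and may be absent. I would add `org.junit.Assert.assertNotNull(stsClient);` after the lookup and `org.junit.Assert.assertTrue(certs != null && certs.length > 0);` before `setUseKeyCertificate`. The comment `(just to test that we can)` could also say that the XML configuration no longer supplies the token certificate, so this call is what makes the invocation succeed.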

Modified: cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/asymmetric/cxf-client.xml
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/asymmetric/cxf-client.xml?rev=1478817&r1=1478816&r2=1478817&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/asymmetric/cxf-client.xml
(original)
+++ cxf/branches/wss4j2.0-port/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/asymmetric/cxf-client.xml
Fri May  3 14:39:58 2013
@@ -109,8 +109,6 @@ http://cxf.apache.org/configuration/secu
                                   value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
                            <entry key="ws-security.encryption.properties" value="clientKeystore.properties"/>

                            <entry key="ws-security.encryption.username" value="mystskey"/>
-                           <entry key="ws-security.sts.token.username" value="myclientkey"/>
-                           <entry key="ws-security.sts.token.properties" value="clientKeystore.properties"/>

                            <entry key="ws-security.sts.token.usecert" value="true"/>

                            <entry key="ws-security.is-bsp-compliant" value="false"/>
                        </map>


