cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1549562 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/ systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/
Date Mon, 09 Dec 2013 12:32:53 GMT
Author: coheigea
Date: Mon Dec  9 12:32:52 2013
New Revision: 1549562

URL: http://svn.apache.org/r1549562
Log:
Fixed a bug in the WS-Security layer + re-enabled some tests

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
Mon Dec  9 12:32:52 2013
@@ -397,9 +397,18 @@ public class StaxAsymmetricBindingHandle
             actionToPerform = WSSConstants.SIGNATURE_WITH_DERIVED_KEY;
         }
         List<WSSConstants.Action> actionList = properties.getActions();
-        if (actionList.contains(WSSConstants.SIGNATURE_CONFIRMATION)) {
-            actionList.add(0, actionToPerform);
-        } else {
+        // Add a Signature directly before a Kerberos or SCT, otherwise just append it
+        boolean actionAdded = false;
+        for (int i = 0; i < actionList.size(); i++) {
+            WSSConstants.Action action = actionList.get(i);
+            if (action.equals(WSSConstants.KERBEROS_TOKEN)
+                || action.equals(WSSConstants.SIGNATURE_CONFIRMATION)) {
+                actionList.add(i, actionToPerform);
+                actionAdded = true;
+                break;
+            }
+        }
+        if (!actionAdded) {
             actionList.add(actionToPerform);
         }
         

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
Mon Dec  9 12:32:52 2013
@@ -500,10 +500,18 @@ public class StaxSymmetricBindingHandler
         }
         
         List<WSSConstants.Action> actionList = properties.getActions();
-        if (actionList.contains(WSSConstants.KERBEROS_TOKEN)
-            || actionList.contains(WSSConstants.SIGNATURE_CONFIRMATION)) {
-            actionList.add(0, actionToPerform);
-        } else {
+        // Add a Signature directly before a Kerberos or SCT, otherwise just append it
+        boolean actionAdded = false;
+        for (int i = 0; i < actionList.size(); i++) {
+            WSSConstants.Action action = actionList.get(i);
+            if (action.equals(WSSConstants.KERBEROS_TOKEN)
+                || action.equals(WSSConstants.SIGNATURE_CONFIRMATION)) {
+                actionList.add(i, actionToPerform);
+                actionAdded = true;
+                break;
+            }
+        }
+        if (!actionAdded) {
             actionList.add(actionToPerform);
         }
 

Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
(original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
Mon Dec  9 12:32:52 2013
@@ -146,8 +146,8 @@ public class WSSecurity111Test extends W
             {new TestParam("A", staxPort, false)},
             {new TestParam("A-NoTimestamp", staxPort, false)},
             {new TestParam("AD", staxPort, false)},
-            // TODO Investigate {new TestParam("A-ES", staxPort, false)},
-            // TODO Investigate {new TestParam("AD-ES", staxPort, false)},
+            {new TestParam("A-ES", staxPort, false)},
+            {new TestParam("AD-ES", staxPort, false)},
             {new TestParam("UX", staxPort, false)},
             {new TestParam("UX-NoTimestamp", staxPort, false)},
             {new TestParam("UXD", staxPort, false)},

Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java?rev=1549562&r1=1549561&r2=1549562&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
(original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
Mon Dec  9 12:32:52 2013
@@ -123,7 +123,7 @@ public class WSSecurity112Test extends W
                 {new TestParam("X-AES256", StaxServer12.PORT, false)},
                 {new TestParam("X-TripleDES", StaxServer12.PORT, false)},
                 {new TestParam("XD", StaxServer12.PORT, false)},
-                // TODO Investigate {new TestParam("XD-ES", StaxServer12.PORT, false)},
+                {new TestParam("XD-ES", StaxServer12.PORT, false)},
                 // TODO Endorsing derived streaming not working 
                 // {new TestParam("XD-SEES", StaxServer12.PORT, false)},
             });
@@ -138,7 +138,7 @@ public class WSSecurity112Test extends W
                 {new TestParam("X", StaxServer12Restricted.PORT, false)},
                 {new TestParam("X-NoTimestamp", StaxServer12Restricted.PORT, false)},
                 {new TestParam("XD", StaxServer12Restricted.PORT, false)},
-                // TODO Investigate {new TestParam("XD-ES", StaxServer12Restricted.PORT,
false)},
+                {new TestParam("XD-ES", StaxServer12Restricted.PORT, false)},
                 // TODO Endorsing derived streaming not working 
                 // {new TestParam("XD-SEES", StaxServer12Restricted.PORT, false)},
             });



Mime
View raw message