cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [3/3] git commit: [CXF-5585] - Streaming code
Date Fri, 28 Feb 2014 14:56:46 GMT
[CXF-5585] - Streaming code


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/07108f9a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/07108f9a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/07108f9a

Branch: refs/heads/master
Commit: 07108f9a1f81eee219bfab33fc90391e8b9edc44
Parents: 6940c5f
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Feb 28 14:56:13 2014 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Feb 28 14:56:33 2014 +0000

----------------------------------------------------------------------
 .../policyhandlers/AbstractStaxBindingHandler.java | 17 +++++++++++++++++
 .../StaxAsymmetricBindingHandler.java              |  7 ++++---
 .../StaxSymmetricBindingHandler.java               |  7 ++++---
 .../apache/cxf/systest/ws/bindings/stax-server.xml | 15 +++++++++++++++
 4 files changed, 40 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/07108f9a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
index a23c7f0..7411ef3 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
@@ -1016,6 +1016,23 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
         }
     }
     
+    // Put the Signature action before the SignatureConfirmation action
+    protected void prependSignatureToSC() {
+        if (properties.getActions() != null) {
+            List<WSSConstants.Action> actionList = properties.getActions();
+            boolean sigConf = actionList.contains(WSSConstants.SIGNATURE_CONFIRMATION);
+            if (sigConf && actionList.contains(WSSConstants.SIGNATURE)) {
+                actionList.remove(WSSConstants.SIGNATURE_CONFIRMATION);
+                actionList.add(actionList.indexOf(WSSConstants.SIGNATURE) + 1, 
+                               WSSConstants.SIGNATURE_CONFIRMATION);
+            } else if (sigConf && actionList.contains(WSSConstants.SIGNATURE_WITH_DERIVED_KEY))
{
+                actionList.remove(WSSConstants.SIGNATURE_CONFIRMATION);
+                actionList.add(actionList.indexOf(WSSConstants.SIGNATURE_WITH_DERIVED_KEY)
+ 1, 
+                               WSSConstants.SIGNATURE_CONFIRMATION);
+            }
+        }
+    }
+    
     // If we have EncryptBeforeSigning, then we want to have the Signature component after
     // the Encrypt action, which is not the case if we have a Signed SAML Supporting Token
     protected void enforceEncryptBeforeSigningWithSignedSAML() {

http://git-wip-us.apache.org/repos/asf/cxf/blob/07108f9a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
index a34f068..7f19892 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
@@ -179,6 +179,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler
{
             
             addSupportingTokens();
             removeSignatureIfSignedSAML();
+            prependSignatureToSC();
 
             List<SecurePart> enc = getEncryptedParts();
             
@@ -345,6 +346,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler
{
             
             removeSignatureIfSignedSAML();
             enforceEncryptBeforeSigningWithSignedSAML();
+            prependSignatureToSC();
             
             // Reshuffle so that a IssuedToken is above a Signature that references it
             if (customTokenAdded) {
@@ -429,12 +431,11 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler
{
             actionToPerform = WSSConstants.SIGNATURE_WITH_DERIVED_KEY;
         }
         List<WSSConstants.Action> actionList = properties.getActions();
-        // Add a Signature directly before a Kerberos or SCT, otherwise just append it
+        // Add a Signature directly before Kerberos, otherwise just append it
         boolean actionAdded = false;
         for (int i = 0; i < actionList.size(); i++) {
             WSSConstants.Action action = actionList.get(i);
-            if (action.equals(WSSConstants.KERBEROS_TOKEN)
-                || action.equals(WSSConstants.SIGNATURE_CONFIRMATION)) {
+            if (action.equals(WSSConstants.KERBEROS_TOKEN)) {
                 actionList.add(i, actionToPerform);
                 actionAdded = true;
                 break;

http://git-wip-us.apache.org/repos/asf/cxf/blob/07108f9a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
index 63d5041..eba0b9d 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
@@ -272,6 +272,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler
{
             
             removeSignatureIfSignedSAML();
             enforceEncryptBeforeSigningWithSignedSAML();
+            prependSignatureToSC();
             
             // Reshuffle so that a IssuedToken is above a Signature that references it
             if (customTokenAdded) {
@@ -377,6 +378,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler
{
             
             addSupportingTokens();
             removeSignatureIfSignedSAML();
+            prependSignatureToSC();
 
             //Encryption
             List<SecurePart> enc = getEncryptedParts();
@@ -539,12 +541,11 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler
{
         }
         
         List<WSSConstants.Action> actionList = properties.getActions();
-        // Add a Signature directly before a Kerberos or SCT, otherwise just append it
+        // Add a Signature directly before Kerberos, otherwise just append it
         boolean actionAdded = false;
         for (int i = 0; i < actionList.size(); i++) {
             WSSConstants.Action action = actionList.get(i);
-            if (action.equals(WSSConstants.KERBEROS_TOKEN)
-                || action.equals(WSSConstants.SIGNATURE_CONFIRMATION)) {
+            if (action.equals(WSSConstants.KERBEROS_TOKEN)) {
                 actionList.add(i, actionToPerform);
                 actionAdded = true;
                 break;

http://git-wip-us.apache.org/repos/asf/cxf/blob/07108f9a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/bindings/stax-server.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/bindings/stax-server.xml
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/bindings/stax-server.xml
index 3490a6c..72f12ee 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/bindings/stax-server.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/bindings/stax-server.xml
@@ -305,4 +305,19 @@
             </p:policies>
         </jaxws:features>
     </jaxws:endpoint>
+    
+    <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignatureConfirmationEncBeforeSigningEndpoint"
address="http://localhost:${testutil.ports.StaxServer}/DoubleItSignatureConfirmationEncBeforeSigning"
serviceName="s:DoubleItService" endpointName="s:DoubleItSignatureConfirmationEncBeforeSigningPort"
implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/bindings/DoubleItBindings.wsdl">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+            <entry key="ws-security.signature.properties" value="bob.properties"/>
+            <entry key="ws-security.encryption.username" value="useReqSigCert"/>
+            <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+            <entry key="ws-security.enable.streaming" value="true"/>
+        </jaxws:properties>
+        <jaxws:features>
+            <p:policies>
+                <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/bindings/sig-conf-enc-before-signing-policy.xml"/>
+            </p:policies>
+        </jaxws:features>
+    </jaxws:endpoint>
 </beans>


Mime
View raw message