Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7D1AB11735 for ; Wed, 23 Apr 2014 14:28:48 +0000 (UTC) Received: (qmail 22773 invoked by uid 500); 23 Apr 2014 14:28:45 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 22665 invoked by uid 500); 23 Apr 2014 14:28:45 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 22657 invoked by uid 99); 23 Apr 2014 14:28:45 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Apr 2014 14:28:45 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id EEC7B9487AA; Wed, 23 Apr 2014 14:28:44 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: coheigea@apache.org To: commits@cxf.apache.org Message-Id: <490356173b454b0aa7a2d173b882cae3@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: git commit: Fixing build following WSS4J changes Date: Wed, 23 Apr 2014 14:28:44 +0000 (UTC) Repository: cxf-fediz Updated Branches: refs/heads/master a7c8a5091 -> d39f7f0fb Fixing build following WSS4J changes Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d39f7f0f Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d39f7f0f Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d39f7f0f Branch: refs/heads/master Commit: d39f7f0fbe08b750c1c1e335f0813aa4110ff2c0 Parents: a7c8a50 Author: Colm O hEigeartaigh Authored: Wed Apr 23 15:28:28 2014 +0100 Committer: Colm O hEigeartaigh Committed: Wed Apr 23 15:28:28 2014 +0100 ---------------------------------------------------------------------- .../fediz/core/saml/SamlAssertionValidator.java | 2 +- .../cxf/fediz/core/FederationProcessorTest.java | 89 +++++++++++++++----- .../fediz/core/SAMLTokenValidatorOldTest.java | 18 +++- 3 files changed, 82 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d39f7f0f/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SamlAssertionValidator.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SamlAssertionValidator.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SamlAssertionValidator.java index 77012a9..24a6784 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SamlAssertionValidator.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SamlAssertionValidator.java @@ -252,7 +252,7 @@ public class SamlAssertionValidator implements Validator { // Use the validation method from the crypto to check whether the subjects' // certificate was really signed by the issuer stated in the certificate // - crypto.verifyTrust(certificates, enableRevocation); + crypto.verifyTrust(certificates, enableRevocation, null); if (LOG.isDebugEnabled()) { String subjectString = certificates[0].getSubjectX500Principal().getName(); LOG.debug( http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d39f7f0f/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java index dc9e44f..d4b7061 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java @@ -60,6 +60,7 @@ import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.SAMLUtil; import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean; import org.apache.wss4j.common.saml.bean.ConditionsBean; import org.apache.wss4j.common.saml.builder.SAML1Constants; import org.apache.wss4j.common.saml.builder.SAML2Constants; @@ -214,7 +215,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -255,7 +258,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -293,7 +298,9 @@ public class FederationProcessorTest { callbackHandler.setSubjectName(TEST_USER); callbackHandler.setRoles(null); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -331,7 +338,9 @@ public class FederationProcessorTest { callbackHandler.setSubjectName(TEST_USER); callbackHandler.setRoleAttributeName("http://schemas.mycompany.com/claims/role"); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -369,7 +378,9 @@ public class FederationProcessorTest { callbackHandler.setSubjectName(TEST_USER); callbackHandler.setRoleAttributeName("http://schemas.mycompany.com/claims/role"); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -406,7 +417,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -444,7 +457,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -484,7 +499,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -522,7 +539,9 @@ public class FederationProcessorTest { callbackHandler.setSubjectName(TEST_USER); callbackHandler.setMultiValueType(MultiValue.MULTI_ATTR); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -561,7 +580,9 @@ public class FederationProcessorTest { callbackHandler.setSubjectName(TEST_USER); callbackHandler.setMultiValueType(MultiValue.ENC_VALUE); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -605,7 +626,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -646,7 +669,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -685,7 +710,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -732,7 +759,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -771,7 +800,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -814,7 +845,9 @@ public class FederationProcessorTest { currentTime = new DateTime(); currentTime = currentTime.minusSeconds(300); cp.setNotBefore(currentTime); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -859,7 +892,9 @@ public class FederationProcessorTest { currentTime = new DateTime(); currentTime = currentTime.plusSeconds(30); cp.setNotBefore(currentTime); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -898,7 +933,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -939,7 +976,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -978,7 +1017,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -1018,7 +1059,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); Crypto clientCrypto = CryptoFactory.getInstance("client-crypto.properties"); @@ -1118,7 +1161,9 @@ public class FederationProcessorTest { callbackHandler.setIssuer(TEST_RSTR_ISSUER); callbackHandler.setSubjectName(TEST_USER); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d39f7f0f/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java index 587cb19..9349057 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java @@ -22,6 +22,7 @@ package org.apache.cxf.fediz.core; import java.io.File; import java.io.IOException; import java.net.URL; +import java.util.Collections; import java.util.List; import javax.security.auth.callback.CallbackHandler; @@ -41,6 +42,7 @@ import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.SAMLUtil; import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean; import org.apache.wss4j.common.saml.bean.ConditionsBean; import org.apache.wss4j.common.saml.builder.SAML1Constants; import org.apache.wss4j.common.saml.builder.SAML2Constants; @@ -115,7 +117,9 @@ public class SAMLTokenValidatorOldTest { callbackHandler.setRoleAttributeName("role"); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -160,7 +164,9 @@ public class SAMLTokenValidatorOldTest { callbackHandler.setRoleAttributeName("http://schemas.mycompany.com/claims/role"); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -201,7 +207,9 @@ public class SAMLTokenValidatorOldTest { callbackHandler.setAttributeNameFormat(ClaimTypes.URI_BASE.toString()); callbackHandler.setRoleAttributeName("http://schemas.mycompany.com/claims/role"); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback(); @@ -243,7 +251,9 @@ public class SAMLTokenValidatorOldTest { callbackHandler.setRoleAttributeName("role"); ConditionsBean cp = new ConditionsBean(); - cp.setAudienceURI(TEST_AUDIENCE); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE); + cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(cp); SAMLCallback samlCallback = new SAMLCallback();