From asold...@apache.org
Subject git commit: [CXF-5909] Propagate security Provider from Exchange to WSS4J ThreadLocalSecurityProvider
Date Mon, 28 Jul 2014 14:55:50 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 2e250f690 -> efc7e27a5


[CXF-5909] Propagate security Provider from Exchange to WSS4J ThreadLocalSecurityProvider


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/efc7e27a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/efc7e27a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/efc7e27a

Branch: refs/heads/3.0.x-fixes
Commit: efc7e27a5c4f368d7f54a8053504026d71d722a6
Parents: 2e250f6
Author: Alessio Soldano <asoldano@redhat.com>
Authored: Mon Jul 28 16:21:11 2014 +0200
Committer: Alessio Soldano <asoldano@redhat.com>
Committed: Mon Jul 28 16:55:03 2014 +0200

----------------------------------------------------------------------
 .../wss4j/PolicyBasedWSS4JOutInterceptor.java    | 17 +++++++++++++++++
 .../ws/security/wss4j/WSS4JInInterceptor.java    | 17 +++++++++++++++++
 .../ws/security/wss4j/WSS4JOutInterceptor.java   | 19 ++++++++++++++++++-
 .../security/wss4j/WSS4JStaxInInterceptor.java   | 17 +++++++++++++++++
 .../security/wss4j/WSS4JStaxOutInterceptor.java  | 19 ++++++++++++++++++-
 5 files changed, 87 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/efc7e27a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
index 7056876..8d0a438 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
+import java.security.Provider;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
@@ -48,6 +49,7 @@ import org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler;
 import org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler;
 import org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler;
 import org.apache.neethi.Policy;
+import org.apache.wss4j.common.crypto.ThreadLocalSecurityProvider;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
@@ -103,6 +105,21 @@ public class PolicyBasedWSS4JOutInterceptor extends AbstractPhaseInterceptor<Soa
         }
 
         public void handleMessage(SoapMessage message) throws Fault {
+            Object provider = message.getExchange().get(Provider.class);
+            final boolean useCustomProvider = provider != null && ThreadLocalSecurityProvider.isInstalled();
+            try {
+                if (useCustomProvider) {
+                    ThreadLocalSecurityProvider.setProvider((Provider)provider);
+                }
+                handleMessageInternal(message);
+            } finally {
+                if (useCustomProvider) {
+                    ThreadLocalSecurityProvider.unsetProvider();
+                }
+            }
+        }
+        
+        private void handleMessageInternal(SoapMessage message) throws Fault {
             Collection<AssertionInfo> ais;
             SOAPMessage saaj = message.getContent(SOAPMessage.class);
 
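Review bot: The `finally` in the new `handleMessage` calls `ThreadLocalSecurityProvider.unsetProvider()`, which by its name clears the thread-local rather than restoring whatever was active before. If `handleMessageInternal` (whose body continues past this hunk) can start another exchange on the same thread that also carries a `Provider`, that inner `finally` would leave the rest of the outer message processed without the custom provider. An inner exchange without one would instead run under the outer provider. The same wrapper is added in WSS4JInInterceptor, WSS4JOutInterceptor and WSS4JStaxOutInterceptor. If nesting can happen, save and restore the previous value; otherwise state the assumption above the `try`, e.g. `// assumes no nested exchange on this thread: unsetProvider() clears, it does not restore`.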

http://git-wip-us.apache.org/repos/asf/cxf/blob/efc7e27a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 1d1b2ac..3410ba4 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -20,6 +20,7 @@ package org.apache.cxf.ws.security.wss4j;
 
 import java.io.IOException;
 import java.security.Principal;
+import java.security.Provider;
 import java.security.cert.Certificate;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -70,6 +71,7 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.wss4j.common.cache.ReplayCache;
 import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.ThreadLocalSecurityProvider;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
@@ -177,6 +179,21 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor {
             return;
         }
         
+        Object provider = msg.getExchange().get(Provider.class);
+        final boolean useCustomProvider = provider != null && ThreadLocalSecurityProvider.isInstalled();
+        try {
+            if (useCustomProvider) {
+                ThreadLocalSecurityProvider.setProvider((Provider)provider);
+            }
+            handleMessageInternal(msg);
+        } finally {
+            if (useCustomProvider) {
+                ThreadLocalSecurityProvider.unsetProvider();
+            }
+        }
+    }
+    
+    private void handleMessageInternal(SoapMessage msg) throws Fault {
         boolean utWithCallbacks = 
             MessageUtils.getContextualBoolean(msg, SecurityConstants.VALIDATE_TOKEN, true);
         translateProperties(msg);
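Review bot: When the Exchange carries a `Provider` but `ThreadLocalSecurityProvider.isInstalled()` returns false, `useCustomProvider` is false and the configured provider is dropped without any trace. The message is then presumably processed with the default providers. A deployment that depends on a specific provider (an HSM-backed or validated module, say) would not notice the fallback. Log that case, e.g. `LOG.warning("Provider found on Exchange but ThreadLocalSecurityProvider is not installed; provider ignored");`, assuming this class has a `LOG` field like the one WSS4JOutInterceptor uses. The same condition is repeated in the other four interceptors in this commit, and `handleMessageInternal` continues past the end of the hunk.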

http://git-wip-us.apache.org/repos/asf/cxf/blob/efc7e27a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
index 7ac08ab..ce1c877 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
+import java.security.Provider;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
@@ -40,6 +41,7 @@ import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.phase.PhaseInterceptor;
+import org.apache.wss4j.common.crypto.ThreadLocalSecurityProvider;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSSConfig;
@@ -142,7 +144,22 @@ public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor {
             super();
         }
         
-        public void handleMessage(SoapMessage mc) throws Fault {
+        public void handleMessage(SoapMessage message) throws Fault {
+            Object provider = message.getExchange().get(Provider.class);
+            final boolean useCustomProvider = provider != null && ThreadLocalSecurityProvider.isInstalled();
+            try {
+                if (useCustomProvider) {
+                    ThreadLocalSecurityProvider.setProvider((Provider)provider);
+                }
+                handleMessageInternal(message);
+            } finally {
+                if (useCustomProvider) {
+                    ThreadLocalSecurityProvider.unsetProvider();
+                }
+            }
+        }
+        
+        private void handleMessageInternal(SoapMessage mc) throws Fault {
             
             boolean doDebug = LOG.isLoggable(Level.FINE);
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/efc7e27a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
index d0f0c12..19e4240 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.IOException;
+import java.security.Provider;
 import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
@@ -30,6 +31,7 @@ import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.util.StreamReaderDelegate;
 
 import org.apache.cxf.binding.soap.SoapFault;
 import org.apache.cxf.binding.soap.SoapMessage;
@@ -48,6 +50,7 @@ import org.apache.wss4j.common.ConfigurationConstants;
 import org.apache.wss4j.common.WSSPolicyException;
 import org.apache.wss4j.common.cache.ReplayCache;
 import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.ThreadLocalSecurityProvider;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.stax.ConfigurationConverter;
@@ -139,6 +142,20 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor
{
             
             newXmlStreamReader = 
                 inboundWSSec.processInMessage(originalXmlStreamReader, requestSecurityEvents,
securityEventListeners);
+            final Object provider = soapMessage.getExchange().get(Provider.class);
+            if (provider != null && ThreadLocalSecurityProvider.isInstalled()) {
+                newXmlStreamReader = new StreamReaderDelegate(newXmlStreamReader) {
+                    @Override
+                    public int next() throws XMLStreamException {
+                        try {
+                            ThreadLocalSecurityProvider.setProvider((Provider)provider);
+                            return super.next();
+                        } finally {
+                            ThreadLocalSecurityProvider.unsetProvider();
+                        }
+                    }
+                };
+            }
             soapMessage.setContent(XMLStreamReader.class, newXmlStreamReader);
 
             // Warning: The exceptions which can occur here are not security relevant exceptions
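Review bot: The delegate sets the provider only around `next()`, but `StreamReaderDelegate` forwards `nextTag()` and `getElementText()` straight to the wrapped reader. A consumer that advances the stream through those calls would drive the streaming security processing with no provider set. Overriding them the same way closes that gap. Separately, `processInMessage(...)` runs before the wrapper exists, so any crypto done eagerly there would not see the provider either; the hunk does not show whether that happens. The enclosing method starts and ends outside the hunk.

```java
newXmlStreamReader = new StreamReaderDelegate(newXmlStreamReader) {
    // … unchanged: next() override …

    @Override
    public int nextTag() throws XMLStreamException {
        try {
            ThreadLocalSecurityProvider.setProvider((Provider)provider);
            return super.nextTag();
        } finally {
            ThreadLocalSecurityProvider.unsetProvider();
        }
    }

    @Override
    public String getElementText() throws XMLStreamException {
        try {
            ThreadLocalSecurityProvider.setProvider((Provider)provider);
            return super.getElementText();
        } finally {
            ThreadLocalSecurityProvider.unsetProvider();
        }
    }
};
```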

http://git-wip-us.apache.org/repos/asf/cxf/blob/efc7e27a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java
index 4c98498..6193e2e 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.OutputStream;
+import java.security.Provider;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
@@ -41,6 +42,7 @@ import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.ConfigurationConstants;
 import org.apache.wss4j.common.WSSPolicyException;
 import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.ThreadLocalSecurityProvider;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.stax.ConfigurationConverter;
 import org.apache.wss4j.stax.WSSec;
@@ -304,7 +306,22 @@ public class WSS4JStaxOutInterceptor extends AbstractWSS4JStaxInterceptor
{
             getBefore().add(AttachmentOutInterceptor.AttachmentOutEndingInterceptor.class.getName());
         }
         
-        public void handleMessage(Message mc) throws Fault {
+        public void handleMessage(Message message) throws Fault {
+            Object provider = message.getExchange().get(Provider.class);
+            final boolean useCustomProvider = provider != null && ThreadLocalSecurityProvider.isInstalled();
+            try {
+                if (useCustomProvider) {
+                    ThreadLocalSecurityProvider.setProvider((Provider)provider);
+                }
+                handleMessageInternal(message);
+            } finally {
+                if (useCustomProvider) {
+                    ThreadLocalSecurityProvider.unsetProvider();
+                }
+            }
+        }
+        
+        private void handleMessageInternal(Message mc) throws Fault {
             try {
                 XMLStreamWriter xtw = mc.getContent(XMLStreamWriter.class);
                 if (xtw != null) {
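Review bot: `provider` is declared as `Object` and later cast with `(Provider)provider`. As far as I know `Exchange.get(Class<T>)` is generic and already returns `T`, so `final Provider provider = message.getExchange().get(Provider.class);` removes the cast and lets the compiler check the type. The same applies to the matching lines in the other four interceptors in this commit. The set/try/finally/unset wrapper is also copied verbatim into four classes. A single shared helper would keep the set/unset pairing in one place, so a later fix cannot miss a copy. `handleMessageInternal` continues past the end of the hunk.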

