cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: [CXF-6105] - CXF 3.x does not use the older WS-SecurityPolicy 1.1 namespace
Date Fri, 14 Nov 2014 17:17:08 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 2cd4f136a -> 2561af88d


[CXF-6105] - CXF 3.x does not use the older WS-SecurityPolicy 1.1 namespace


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2561af88
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2561af88
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2561af88

Branch: refs/heads/master
Commit: 2561af88db461b9c5480acb2a32cd0210fd79668
Parents: 2cd4f13
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Nov 14 17:15:46 2014 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Nov 14 17:16:36 2014 +0000

----------------------------------------------------------------------
 .../wss4j/policyhandlers/AbstractBindingBuilder.java         | 4 ++--
 .../wss4j/policyhandlers/AsymmetricBindingHandler.java       | 8 ++++++++
 .../wss4j/policyhandlers/SymmetricBindingHandler.java        | 8 ++++----
 .../wss4j/policyhandlers/TransportBindingHandler.java        | 7 +++++--
 4 files changed, 19 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2561af88/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index aeec3cb..87e6cb6 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -1902,8 +1902,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         WSSecDKSign dkSign = new WSSecDKSign(wssConfig);  
         
         //Check whether it is security policy 1.2 and use the secure conversation accordingly
-        if (policyToken.getVersion() == SPConstants.SPVersion.SP12) {
-            dkSign.setWscVersion(ConversationConstants.VERSION_05_12);
+        if (policyToken.getVersion() == SPConstants.SPVersion.SP11) {
+            dkSign.setWscVersion(ConversationConstants.VERSION_05_02);
         }
                       
         //Check for whether the token is attached in the message or not

http://git-wip-us.apache.org/repos/asf/cxf/blob/2561af88/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 9ea8487..36f7aba 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -44,6 +44,7 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler;
 import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.derivedKey.ConversationConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.dom.WSConstants;
@@ -451,6 +452,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
             if (encrToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
                 try {
                     WSSecDKEncrypt dkEncr = new WSSecDKEncrypt(wssConfig);
+                    if (recToken.getToken().getVersion() == SPConstants.SPVersion.SP11) {
+                        dkEncr.setWscVersion(ConversationConstants.VERSION_05_02);
+                    }
                     
                     if (encrKey == null) {
                         setupEncryptedKey(recToken, encrToken);
@@ -611,6 +615,10 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder
{
             setupEncryptedKey(wrapper, sigToken);
             
             WSSecDKSign dkSign = new WSSecDKSign(wssConfig);
+            if (wrapper.getToken().getVersion() == SPConstants.SPVersion.SP11) {
+                dkSign.setWscVersion(ConversationConstants.VERSION_05_02);
+            }
+            
             dkSign.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
 
             // Set the algo info

http://git-wip-us.apache.org/repos/asf/cxf/blob/2561af88/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 99314f7..ff072c0 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -398,8 +398,8 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
                                           boolean atEnd) {
         try {
             WSSecDKEncrypt dkEncr = new WSSecDKEncrypt(wssConfig);
-            if (recToken.getToken().getVersion() == SPConstants.SPVersion.SP12) {
-                dkEncr.setWscVersion(ConversationConstants.VERSION_05_12);
+            if (recToken.getToken().getVersion() == SPConstants.SPVersion.SP11) {
+                dkEncr.setWscVersion(ConversationConstants.VERSION_05_02);
             }
 
             if (attached && encrTok.getAttachedReference() != null) {
@@ -622,8 +622,8 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
                                boolean included) throws WSSecurityException {
         Document doc = saaj.getSOAPPart();
         WSSecDKSign dkSign = new WSSecDKSign(wssConfig);
-        if (policyAbstractTokenWrapper.getToken().getVersion() == SPConstants.SPVersion.SP12)
{
-            dkSign.setWscVersion(ConversationConstants.VERSION_05_12);
+        if (policyAbstractTokenWrapper.getToken().getVersion() == SPConstants.SPVersion.SP11)
{
+            dkSign.setWscVersion(ConversationConstants.VERSION_05_02);
         }
         
         //Check for whether the token is attached in the message or not

http://git-wip-us.apache.org/repos/asf/cxf/blob/2561af88/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index 708699f..bc90e3c 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -365,6 +365,9 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
             encrKey.appendToHeader(secHeader);
             
             WSSecDKSign dkSig = new WSSecDKSign(wssConfig);
+            if (wrapper.getToken().getVersion() == SPConstants.SPVersion.SP11) {
+                dkSig.setWscVersion(ConversationConstants.VERSION_05_02);
+            }
             
             dkSig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
             dkSig.setSignatureAlgorithm(binding.getAlgorithmSuite().getSymmetricSignature());
@@ -474,8 +477,8 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
         dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
         AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
         dkSign.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
-        if (token.getVersion() == SPConstants.SPVersion.SP12) {
-            dkSign.setWscVersion(ConversationConstants.VERSION_05_12);
+        if (token.getVersion() == SPConstants.SPVersion.SP11) {
+            dkSign.setWscVersion(ConversationConstants.VERSION_05_02);
         }
         Document doc = saaj.getSOAPPart();
         dkSign.prepare(doc, secHeader);


Mime
View raw message