cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [06/10] cxf git commit: Some fixes from the latest WSS4J changes
Date Fri, 13 Mar 2015 11:07:47 GMT
Some fixes from the latest WSS4J changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d68f140c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d68f140c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d68f140c

Branch: refs/heads/master
Commit: d68f140c76cf7e390dfce134ea5c5d97f129e65d
Parents: 9ae69b3
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Mar 6 13:22:52 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Mar 6 13:22:52 2015 +0000

----------------------------------------------------------------------
 .../SecureConversationInInterceptor.java        |  4 ++-
 .../SpnegoContextTokenInInterceptor.java        |  3 ++
 .../ws/security/tokenstore/SecurityToken.java   | 30 ++++++--------------
 .../policyhandlers/AbstractBindingBuilder.java  | 12 +++-----
 .../cxf/sts/operation/AbstractOperation.java    |  6 ++--
 .../apache/cxf/sts/request/RequestParser.java   |  6 ++--
 .../cxf/sts/token/provider/SCTProvider.java     |  3 ++
 7 files changed, 27 insertions(+), 37 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/d68f140c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
index 6cb52d1..0e17843 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
@@ -28,7 +28,6 @@ import java.util.Properties;
 import javax.xml.namespace.QName;
 
 import org.w3c.dom.Element;
-
 import org.apache.cxf.binding.soap.SoapBindingConstants;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor;
@@ -62,6 +61,7 @@ import org.apache.neethi.All;
 import org.apache.neethi.Assertion;
 import org.apache.neethi.ExactlyOne;
 import org.apache.neethi.Policy;
+import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
@@ -350,6 +350,8 @@ class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessa
             writer.writeStartElement(prefix, "RequestedSecurityToken", namespace);
             SecurityContextToken sct =
                 new SecurityContextToken(NegotiationUtils.getWSCVersion(tokenType), writer.getDocument());
+            WSSConfig wssConfig = WSSConfig.getNewInstance();
+            sct.setID(wssConfig.getIdAllocator().createId("sctId-", sct));
             
             Date created = new Date();
             Date expires = new Date();

http://git-wip-us.apache.org/repos/asf/cxf/blob/d68f140c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
index 6b76879..1e009b1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
@@ -54,6 +54,7 @@ import org.apache.neethi.ExactlyOne;
 import org.apache.neethi.Policy;
 import org.apache.wss4j.common.spnego.SpnegoTokenContext;
 import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.message.token.BinarySecurity;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -187,6 +188,8 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
                 new SecurityContextToken(
                     NegotiationUtils.getWSCVersion(tokenType), writer.getDocument()
                 );
+            WSSConfig wssConfig = WSSConfig.getNewInstance();
+            sct.setID(wssConfig.getIdAllocator().createId("sctId-", sct));
             
             // Lifetime
             Date created = new Date();

http://git-wip-us.apache.org/repos/asf/cxf/blob/d68f140c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
index 7a74b35..1b7cfb6 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
@@ -29,7 +29,6 @@ import java.util.Date;
 import java.util.Properties;
 
 import org.w3c.dom.Element;
-
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.staxutils.StaxUtils;
@@ -37,6 +36,7 @@ import org.apache.cxf.staxutils.W3CDOMStreamWriter;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.message.token.Reference;
+import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 
 
@@ -161,17 +161,12 @@ public class SecurityToken implements Serializable {
     }
     
     public SecurityToken(String id) {
-        this.id = id;
-        if (this.id != null && this.id.length() > 0 && this.id.charAt(0)
== '#') {
-            this.id = this.id.substring(1);
-        }
+        this.id = WSSecurityUtil.getIDFromReference(id);
     }
 
     public SecurityToken(String id, Date created, Date expires) {
-        this.id = id;
-        if (this.id != null && this.id.length() > 0 && this.id.charAt(0)
== '#') {
-            this.id = this.id.substring(1);
-        }
+        this.id = WSSecurityUtil.getIDFromReference(id);
+        
         if (created != null) {
             this.created = new Date(created.getTime());
         }
@@ -184,10 +179,8 @@ public class SecurityToken implements Serializable {
                  Element tokenElem,
                  Date created,
                  Date expires) {
-        this.id = id;
-        if (this.id != null && this.id.length() > 0 && this.id.charAt(0)
== '#') {
-            this.id = this.id.substring(1);
-        }
+        this.id = WSSecurityUtil.getIDFromReference(id);
+        
         this.token = cloneElement(tokenElem);
         if (created != null) {
             this.created = new Date(created.getTime());
@@ -200,10 +193,8 @@ public class SecurityToken implements Serializable {
     public SecurityToken(String id,
                  Element tokenElem,
                  Element lifetimeElem) {
-        this.id = id;
-        if (this.id != null && this.id.length() > 0 && this.id.charAt(0)
== '#') {
-            this.id = this.id.substring(1);
-        }
+        this.id = WSSecurityUtil.getIDFromReference(id);
+        
         this.token = cloneElement(tokenElem);
         if (lifetimeElem != null) {
             processLifeTime(lifetimeElem);
@@ -293,10 +284,7 @@ public class SecurityToken implements Serializable {
      * Set the id
      */
     public void setId(String id) {
-        this.id = id;
-        if (this.id != null && this.id.length() > 0 && this.id.charAt(0)
== '#') {
-            this.id = this.id.substring(1);
-        }
+        this.id = WSSecurityUtil.getIDFromReference(id);
     }
     
     /**

http://git-wip-us.apache.org/repos/asf/cxf/blob/d68f140c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 6e62d0a..69a6e88 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -445,10 +445,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 secToken.setToken(clone);
                 addSupportingElement(clone);
                 
-                String id = secToken.getId();
-                if (id != null && id.charAt(0) == '#') {
-                    id = id.substring(1);
-                }
+                String id = WSSecurityUtil.getIDFromReference(secToken.getId());
+
                 if (suppTokens.isEncryptedToken()) {
                     WSEncryptionPart part = new WSEncryptionPart(id, "Element");
                     part.setElement(clone);
@@ -661,10 +659,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                     part.setId(secRef.getID());
                     part.setElement(clone);
                 } else {
-                    String id = token.getId();
-                    if (id != null && id.charAt(0) == '#') {
-                        id = id.substring(1);
-                    }
+                    String id = WSSecurityUtil.getIDFromReference(token.getId());
+
                     part = new WSEncryptionPart(id);
                     part.setElement(token.getToken());
                 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/d68f140c/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
index 37fb985..5e85234 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
@@ -84,6 +84,7 @@ import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.message.WSSecEncrypt;
 import org.apache.wss4j.dom.message.WSSecEncryptedKey;
+import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -213,10 +214,7 @@ public abstract class AbstractOperation {
         }
         
         if (tokenReference.isUseKeyIdentifier()) {
-            String identifier = tokenReference.getIdentifier();
-            if (identifier.charAt(0) == '#') {
-                identifier = identifier.substring(1);
-            }
+            String identifier = WSSecurityUtil.getIDFromReference(tokenReference.getIdentifier());
             
             KeyIdentifierType keyIdentifierType = 
                 QNameConstants.WSSE_FACTORY.createKeyIdentifierType();

http://git-wip-us.apache.org/repos/asf/cxf/blob/d68f140c/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
index 0e8d361..a1a2a26 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
@@ -85,6 +85,7 @@ import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 import org.apache.wss4j.dom.processor.EncryptedKeyProcessor;
+import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.xml.security.utils.Constants;
 
 /**
@@ -738,9 +739,8 @@ public class RequestParser {
         }
    
         // Find processed token corresponding to the URI
-        if (referenceURI.charAt(0) == '#') {
-            referenceURI = referenceURI.substring(1);
-        }
+        referenceURI = WSSecurityUtil.getIDFromReference(referenceURI);
+
         MessageContext messageContext = wsContext.getMessageContext();
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>) messageContext.get(WSHandlerConstants.RECV_RESULTS));

http://git-wip-us.apache.org/repos/asf/cxf/blob/d68f140c/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
index 7c5d1b4..a25e2e0 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
@@ -35,6 +35,7 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.trust.STSUtils;
 import org.apache.wss4j.common.derivedKey.ConversationConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 
 /**
@@ -118,6 +119,8 @@ public class SCTProvider implements TokenProvider {
             Document doc = DOMUtils.createDocument();
             SecurityContextToken sct =
                 new SecurityContextToken(getWSCVersion(tokenRequirements.getTokenType()),
doc);
+            WSSConfig wssConfig = WSSConfig.getNewInstance();
+            sct.setID(wssConfig.getIdAllocator().createId("sctId-", sct));
     
             TokenProviderResponse response = new TokenProviderResponse();
             response.setToken(sct.getElement());


Mime
View raw message