cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Removing WSS4J dependency from a CallbackHandler call in rt-security
Date Mon, 13 Apr 2015 10:16:27 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 7a17ee621 -> 71e9ada9b


Removing WSS4J dependency from a CallbackHandler call in rt-security


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/71e9ada9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/71e9ada9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/71e9ada9

Branch: refs/heads/master
Commit: 71e9ada9b119ad8d960b9be15bc5689d718273ef
Parents: 7a17ee6
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Apr 13 11:15:48 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Apr 13 11:15:48 2015 +0100

----------------------------------------------------------------------
 .../security/saml/sso/AbstractSSOSpHandler.java |  2 +-
 .../cxf/rs/security/common/SecurityUtils.java   |  6 +++++-
 .../cxf/rt/security/utils/SecurityUtils.java    | 12 ++++-------
 .../cxf/ws/security/kerberos/KerberosUtils.java | 14 ++++++++-----
 .../SpnegoContextTokenOutInterceptor.java       |  3 +--
 .../wss4j/AbstractTokenInterceptor.java         |  3 +--
 .../wss4j/AbstractWSS4JStaxInterceptor.java     |  7 ++++++-
 .../wss4j/BinarySecurityTokenInterceptor.java   |  6 +++++-
 .../ws/security/wss4j/SamlTokenInterceptor.java |  6 +++++-
 .../wss4j/UsernameTokenInterceptor.java         |  6 +++++-
 .../ws/security/wss4j/WSS4JInInterceptor.java   |  7 ++++++-
 .../policyhandlers/AbstractBindingBuilder.java  | 21 +++++++++++---------
 .../AbstractStaxBindingHandler.java             | 14 ++++++++-----
 .../org/apache/cxf/sts/StaticSTSProperties.java |  2 +-
 .../apache/cxf/sts/token/realm/SAMLRealm.java   |  2 +-
 .../crypto/provider/CryptoProviderUtils.java    |  3 +--
 16 files changed, 72 insertions(+), 42 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
index d9d4572..6c02ed3 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
@@ -177,7 +177,7 @@ public class AbstractSSOSpHandler {
                     LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
                     return null;
                 }
-            } catch (WSSecurityException ex) {
+            } catch (Exception ex) {
                 LOG.log(Level.FINE, "Error in loading callback handler", ex);
                 return null;
             }

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
index bc9849f..06b3462 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
@@ -153,7 +153,11 @@ public final class SecurityUtils {
         //Then try to get the password from the given callback handler
         Object o = message.getContextualProperty(callbackProperty);
     
-        return org.apache.cxf.rt.security.utils.SecurityUtils.getCallbackHandler(o);
+        try {
+            return org.apache.cxf.rt.security.utils.SecurityUtils.getCallbackHandler(o);
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+        }
     }
  
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
b/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
index 1f918f7..d86f115 100644
--- a/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
+++ b/rt/security/src/main/java/org/apache/cxf/rt/security/utils/SecurityUtils.java
@@ -35,7 +35,6 @@ import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptorChain;
 import org.apache.cxf.resource.ResourceManager;
-import org.apache.wss4j.common.ext.WSSecurityException;
 
 /**
  * Some common functionality
@@ -48,17 +47,14 @@ public final class SecurityUtils {
         // complete
     }
 
-    public static CallbackHandler getCallbackHandler(Object o) throws WSSecurityException
{
+    public static CallbackHandler getCallbackHandler(Object o) throws InstantiationException,

+    IllegalAccessException, ClassNotFoundException {
         CallbackHandler handler = null;
         if (o instanceof CallbackHandler) {
             handler = (CallbackHandler)o;
         } else if (o instanceof String) {
-            try {
-                handler = (CallbackHandler)ClassLoaderUtils.loadClass((String)o, 
-                                                                      SecurityUtils.class).newInstance();
-            } catch (Exception e) {
-                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
-            }
+            handler = (CallbackHandler)ClassLoaderUtils.loadClass((String)o, 
+                                                                  SecurityUtils.class).newInstance();
         }
         return handler;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
index 62c4dd3..f5e9c28 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
@@ -46,10 +46,15 @@ public final class KerberosUtils {
                 (String)message.getContextualProperty(SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME);
             String kerberosSpn = 
                 (String)message.getContextualProperty(SecurityConstants.KERBEROS_SPN);
-            CallbackHandler callbackHandler = 
-                SecurityUtils.getCallbackHandler(
-                    message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER)
-                );
+            try {
+                CallbackHandler callbackHandler = 
+                    SecurityUtils.getCallbackHandler(
+                        message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER)
+                    );
+                client.setCallbackHandler(callbackHandler);
+            } catch (Exception ex) {
+                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+            }
             boolean useCredentialDelegation = 
                 MessageUtils.getContextualBoolean(message, 
                                               SecurityConstants.KERBEROS_USE_CREDENTIAL_DELEGATION,

@@ -67,7 +72,6 @@ public final class KerberosUtils {
             
             client.setContextName(jaasContext);
             client.setServiceName(kerberosSpn);
-            client.setCallbackHandler(callbackHandler);
             client.setUseDelegatedCredential(useCredentialDelegation);
             client.setUsernameServiceNameForm(isInServiceNameForm);
             client.setRequestCredentialDelegation(requestCredentialDelegation);

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
index 48cf22c..a2608b1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
@@ -38,7 +38,6 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
 import org.apache.cxf.ws.security.trust.STSClient;
 import org.apache.cxf.ws.security.trust.STSUtils;
-import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.spnego.SpnegoClientAction;
 import org.apache.wss4j.common.spnego.SpnegoTokenContext;
 import org.apache.wss4j.policy.SPConstants;
@@ -117,7 +116,7 @@ class SpnegoContextTokenOutInterceptor extends AbstractPhaseInterceptor<SoapMess
                 );
             
             spnegoToken.retrieveServiceTicket(jaasContext, callbackHandler, kerberosSpn);
-        } catch (WSSecurityException e) {
+        } catch (Exception e) {
             throw new Fault(e);
         }
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
index 258d043..5bd393a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
@@ -51,7 +51,6 @@ import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.PolicyUtils;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
-import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AbstractToken;
@@ -184,7 +183,7 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor
{
                 policyNotAsserted(info, "No callback handler and no password available",
message);
                 return null;
             }
-        } catch (WSSecurityException ex) {
+        } catch (Exception ex) {
             policyNotAsserted(info, "No callback handler and no password available", message);
             return null;
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
index 27737f8..bed078f 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
@@ -193,7 +193,12 @@ public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
         SoapMessage soapMessage, WSSSecurityProperties securityProperties
     ) throws WSSecurityException {
         Object o = soapMessage.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
-        CallbackHandler callbackHandler = SecurityUtils.getCallbackHandler(o);
+        CallbackHandler callbackHandler = null;
+        try {
+            callbackHandler = SecurityUtils.getCallbackHandler(o);
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+        }
             
         if (callbackHandler != null) {
             EndpointInfo info = soapMessage.getExchange().get(Endpoint.class).getEndpointInfo();

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
index b28cddc..e57780a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
@@ -105,7 +105,11 @@ public class BinarySecurityTokenInterceptor extends AbstractTokenInterceptor
{
         WSDocInfo wsDocInfo = new WSDocInfo(tokenElement.getOwnerDocument());
         RequestData data = new CXFRequestData();
         Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
-        data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+        try {
+            data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+        }
         data.setMsgContext(message);
         data.setWssConfig(WSSConfig.getNewInstance());
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index d00288f..526e96d 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -173,7 +173,11 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
         
         RequestData data = new CXFRequestData();
         Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
-        data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+        try {
+            data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+        }
         data.setMsgContext(message);
         data.setWssConfig(WSSConfig.getNewInstance());
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
index d3a5f36..e7eb8e1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
@@ -199,7 +199,11 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor
{
         
         RequestData data = new CXFRequestData();
         Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
-        data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+        try {
+            data.setCallbackHandler(SecurityUtils.getCallbackHandler(o));
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+        }
         data.setMsgContext(message);
 
         // Configure replay caching

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 35a2ac8..af43f97 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -659,7 +659,12 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor {
     protected CallbackHandler getCallback(RequestData reqData) throws WSSecurityException
{
         Object o = ((SoapMessage)reqData.getMsgContext())
             .getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
-        CallbackHandler cbHandler = SecurityUtils.getCallbackHandler(o);
+        CallbackHandler cbHandler = null;
+        try {
+            cbHandler = SecurityUtils.getCallbackHandler(o);
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+        }
         
         if (cbHandler == null) {
             try {

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 9cb41fd..3a2e995 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -832,12 +832,6 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
             }
         }
         
-        CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
-        if (handler == null) {
-            unassertPolicy(token, "No SAML CallbackHandler available");
-            return null;
-        }
-        
         SAMLCallback samlCallback = new SAMLCallback();
         SamlTokenType tokenType = token.getSamlTokenType();
         if (tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11)
{
@@ -845,7 +839,16 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         } else if (tokenType == SamlTokenType.WssSamlV20Token11) {
             samlCallback.setSamlVersion(Version.SAML_20);
         }
-        SAMLUtil.doSAMLCallback(handler, samlCallback);
+        try {
+            CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
+            if (handler == null) {
+                unassertPolicy(token, "No SAML CallbackHandler available");
+                return null;
+            }
+            SAMLUtil.doSAMLCallback(handler, samlCallback);
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+        }
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         
         if (samlCallback.isSignAssertion()) {
@@ -923,7 +926,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 unassertPolicy(info, "No callback handler and no password available");
                 return null;
             }
-        } catch (WSSecurityException ex) {
+        } catch (Exception ex) {
             unassertPolicy(info, "No callback handler and no password available");
             return null;
         }
@@ -1486,7 +1489,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
             if (callbackHandler != null) {
                 return new JasyptPasswordEncryptor(callbackHandler);
             }
-        } catch (WSSecurityException ex) {
+        } catch (Exception ex) {
             return null;
         }
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
index efdf187..1c4d3c2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
@@ -286,12 +286,16 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
         // Get the SAML CallbackHandler
         //
         Object o = message.getContextualProperty(SecurityConstants.SAML_CALLBACK_HANDLER);
-        CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
-        if (handler == null) {
-            unassertPolicy(token, "No SAML CallbackHandler available");
-            return null;
+        try {
+            CallbackHandler handler = SecurityUtils.getCallbackHandler(o);
+            if (handler == null) {
+                unassertPolicy(token, "No SAML CallbackHandler available");
+                return null;
+            }
+            properties.setSamlCallbackHandler(handler);
+        } catch (Exception ex) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
         }
-        properties.setSamlCallbackHandler(handler);
         
         // Action
         WSSConstants.Action actionToPerform = WSSConstants.SAML_TOKEN_UNSIGNED;

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
index fa92bad..3dfbe54 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/StaticSTSProperties.java
@@ -109,7 +109,7 @@ public class StaticSTSProperties implements STSPropertiesMBean {
                     LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
                     throw new STSException("Configuration error: cannot load callback handler");
                 }
-            } catch (WSSecurityException ex) {
+            } catch (Exception ex) {
                 LOG.fine("Error in loading the callback handler: " + ex.getMessage());
                 throw new STSException(ex.getMessage());
             }

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
index 01aaf6f..881a19f 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
@@ -168,7 +168,7 @@ public class SAMLRealm {
                     LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
                     throw new STSException("Configuration error: cannot load callback handler");
                 }
-            } catch (WSSecurityException ex) {
+            } catch (Exception ex) {
                 LOG.fine("Error in loading the callback handler object: " + ex.getMessage());
                 throw new STSException(ex.getMessage());
             }

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e9ada9/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
----------------------------------------------------------------------
diff --git a/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
b/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
index 1d55a25..6d46d08 100644
--- a/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
+++ b/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/CryptoProviderUtils.java
@@ -28,7 +28,6 @@ import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.xkms.crypto.CryptoProviderException;
 import org.apache.wss4j.common.crypto.Merlin;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
-import org.apache.wss4j.common.ext.WSSecurityException;
 
 final class CryptoProviderUtils {
 
@@ -68,7 +67,7 @@ final class CryptoProviderUtils {
             }
     
             return getCallbackPwd(userName, usage, handler);
-        } catch (WSSecurityException ex) {
+        } catch (Exception ex) {
             throw new CryptoProviderException("No callback handler and no password available",
ex);
         }
     }


Mime
View raw message