cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/8] cxf git commit: Make it possible to use a PasswordEncryptor with the SamlTokenInterceptor
Date Mon, 02 Nov 2015 18:34:33 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 5d4a4bc21 -> 509341667


Make it possible to use a PasswordEncryptor with the SamlTokenInterceptor

Conflicts:
	rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
	rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4b4e6396
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4b4e6396
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4b4e6396

Branch: refs/heads/3.0.x-fixes
Commit: 4b4e63961a06b8b0bdbc03c042536b1890cb4eca
Parents: 5d4a4bc
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Nov 2 15:30:21 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Nov 2 17:51:32 2015 +0000

----------------------------------------------------------------------
 .../ws/security/trust/AbstractSTSClient.java    |  4 ++-
 .../ws/security/wss4j/SamlTokenInterceptor.java |  4 ++-
 .../cxf/ws/security/wss4j/WSS4JUtils.java       | 27 ++++++++++++++++++++
 .../policyhandlers/AbstractBindingBuilder.java  |  7 ++---
 4 files changed, 37 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4b4e6396/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 02695eb..a254c27 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -114,6 +114,7 @@ import org.apache.neethi.PolicyRegistry;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.CryptoType;
+import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.derivedKey.P_SHA1;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
@@ -1597,7 +1598,8 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         Properties properties = WSS4JUtils.getProps(o, propsURL);
         
         if (properties != null) {
-            return CryptoFactory.getInstance(properties);
+            PasswordEncryptor passwordEncryptor = WSS4JUtils.getPasswordEncryptor(message);
+            return CryptoFactory.getInstance(properties, this.getClass().getClassLoader(),
passwordEncryptor);
         }
         if (decrypt) {
             return createCrypto(false);

http://git-wip-us.apache.org/repos/asf/cxf/blob/4b4e6396/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index 0c39dbf..25f4881 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -46,6 +46,7 @@ import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SAMLCallback;
@@ -334,7 +335,8 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
         Properties properties = WSS4JUtils.getProps(o, propsURL);
 
         if (properties != null) {
-            crypto = CryptoFactory.getInstance(properties);
+            PasswordEncryptor passwordEncryptor = WSS4JUtils.getPasswordEncryptor(message);
+            crypto = CryptoFactory.getInstance(properties, this.getClass().getClassLoader(),
passwordEncryptor);
         }
         return crypto;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/4b4e6396/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
index 5ff2500..5f81cf0 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
@@ -28,6 +28,7 @@ import java.util.List;
 import java.util.Properties;
 
 import javax.crypto.SecretKey;
+import javax.security.auth.callback.CallbackHandler;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.binding.soap.SoapFault;
@@ -49,6 +50,7 @@ import org.apache.wss4j.common.cache.ReplayCache;
 import org.apache.wss4j.common.cache.ReplayCacheFactory;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.crypto.JasyptPasswordEncryptor;
 import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
@@ -298,6 +300,7 @@ public final class WSS4JUtils {
         return properties;
     }
     
+<<<<<<< HEAD
     public static URL getPropertiesFileURL(
         Object o, ResourceManager manager, Class<?> callingClass
     ) {
@@ -328,6 +331,30 @@ public final class WSS4JUtils {
         } else if (o instanceof URL) {
             return (URL)o;        
         }
+=======
+    public static PasswordEncryptor getPasswordEncryptor(Message message) {
+        if (message == null) {
+            return null;
+        }
+        PasswordEncryptor passwordEncryptor = 
+            (PasswordEncryptor)message.getContextualProperty(
+                SecurityConstants.PASSWORD_ENCRYPTOR_INSTANCE
+            );
+        if (passwordEncryptor != null) {
+            return passwordEncryptor;
+        }
+        
+        Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER,
message);
+        try {
+            CallbackHandler callbackHandler = SecurityUtils.getCallbackHandler(o);
+            if (callbackHandler != null) {
+                return new JasyptPasswordEncryptor(callbackHandler);
+            }
+        } catch (Exception ex) {
+            return null;
+        }
+        
+>>>>>>> fcd965e... Make it possible to use a PasswordEncryptor with
the SamlTokenInterceptor
         return null;
     }
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/4b4e6396/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index c46515e..5837174 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -79,8 +79,6 @@ import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.CryptoType;
-import org.apache.wss4j.common.crypto.JasyptPasswordEncryptor;
-import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.derivedKey.ConversationConstants;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
@@ -1522,12 +1520,13 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         if (properties != null) {
             crypto = CryptoFactory.getInstance(properties, 
                                                Loader.getClassLoader(CryptoFactory.class),
-                                               getPasswordEncryptor());
+                                               WSS4JUtils.getPasswordEncryptor(message));
             getCryptoCache().put(o, crypto);
         }
         return crypto;
     }
     
+<<<<<<< HEAD
     protected PasswordEncryptor getPasswordEncryptor() {
         PasswordEncryptor passwordEncryptor = 
             (PasswordEncryptor)message.getContextualProperty(
@@ -1545,6 +1544,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         return null;
     }
     
+=======
+>>>>>>> fcd965e... Make it possible to use a PasswordEncryptor with
the SamlTokenInterceptor
     public void setKeyIdentifierType(WSSecBase secBase, AbstractToken token) {
         boolean tokenTypeSet = false;
         


Mime
View raw message