cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [3/3] cxf git commit: Make it possible to use a PasswordEncryptor with the SamlTokenInterceptor
Date Mon, 02 Nov 2015 17:50:09 GMT
Make it possible to use a PasswordEncryptor with the SamlTokenInterceptor


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fcd965ed
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fcd965ed
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fcd965ed

Branch: refs/heads/master
Commit: fcd965edc2f1bccf7017deef5e2a4f538a187a5c
Parents: 9bb3584
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Nov 2 15:30:21 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Nov 2 17:50:01 2015 +0000

----------------------------------------------------------------------
 .../ws/security/trust/AbstractSTSClient.java    |  4 ++-
 .../ws/security/wss4j/SamlTokenInterceptor.java |  4 ++-
 .../cxf/ws/security/wss4j/WSS4JUtils.java       | 27 ++++++++++++++++++++
 .../policyhandlers/AbstractBindingBuilder.java  | 26 +------------------
 4 files changed, 34 insertions(+), 27 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/fcd965ed/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 92fc862..0784b61 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -114,6 +114,7 @@ import org.apache.neethi.PolicyRegistry;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.CryptoType;
+import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.derivedKey.P_SHA1;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.token.Reference;
@@ -1611,7 +1612,8 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         Properties properties = WSS4JUtils.getProps(o, propsURL);
         
         if (properties != null) {
-            return CryptoFactory.getInstance(properties);
+            PasswordEncryptor passwordEncryptor = WSS4JUtils.getPasswordEncryptor(message);
+            return CryptoFactory.getInstance(properties, this.getClass().getClassLoader(),
passwordEncryptor);
         }
         if (decrypt) {
             return createCrypto(false);

http://git-wip-us.apache.org/repos/asf/cxf/blob/fcd965ed/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index 7efbbe1..f6ff3f5 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -48,6 +48,7 @@ import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.PolicyUtils;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SAMLCallback;
@@ -317,7 +318,8 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
         Properties properties = WSS4JUtils.getProps(o, propsURL);
 
         if (properties != null) {
-            crypto = CryptoFactory.getInstance(properties);
+            PasswordEncryptor passwordEncryptor = WSS4JUtils.getPasswordEncryptor(message);
+            crypto = CryptoFactory.getInstance(properties, this.getClass().getClassLoader(),
passwordEncryptor);
         }
         return crypto;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/fcd965ed/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
index 1eb1142..b3f3dd4 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
@@ -30,6 +30,7 @@ import java.util.Properties;
 import java.util.logging.Logger;
 
 import javax.crypto.SecretKey;
+import javax.security.auth.callback.CallbackHandler;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.binding.soap.SoapFault;
@@ -49,6 +50,7 @@ import org.apache.wss4j.common.cache.ReplayCache;
 import org.apache.wss4j.common.cache.ReplayCacheFactory;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.crypto.JasyptPasswordEncryptor;
 import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.Loader;
@@ -241,6 +243,31 @@ public final class WSS4JUtils {
         return properties;
     }
     
+    public static PasswordEncryptor getPasswordEncryptor(Message message) {
+        if (message == null) {
+            return null;
+        }
+        PasswordEncryptor passwordEncryptor = 
+            (PasswordEncryptor)message.getContextualProperty(
+                SecurityConstants.PASSWORD_ENCRYPTOR_INSTANCE
+            );
+        if (passwordEncryptor != null) {
+            return passwordEncryptor;
+        }
+        
+        Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER,
message);
+        try {
+            CallbackHandler callbackHandler = SecurityUtils.getCallbackHandler(o);
+            if (callbackHandler != null) {
+                return new JasyptPasswordEncryptor(callbackHandler);
+            }
+        } catch (Exception ex) {
+            return null;
+        }
+        
+        return null;
+    }
+    
     public static Crypto loadCryptoFromPropertiesFile(
         Message message,
         String propFilename, 

http://git-wip-us.apache.org/repos/asf/cxf/blob/fcd965ed/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index d6ff7f0..28d3e08 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -81,8 +81,6 @@ import org.apache.wss4j.common.bsp.BSPEnforcer;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.CryptoType;
-import org.apache.wss4j.common.crypto.JasyptPasswordEncryptor;
-import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.derivedKey.ConversationConstants;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
@@ -1523,34 +1521,12 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         if (properties != null) {
             crypto = CryptoFactory.getInstance(properties, 
                                                Loader.getClassLoader(CryptoFactory.class),
-                                               getPasswordEncryptor());
+                                               WSS4JUtils.getPasswordEncryptor(message));
             getCryptoCache().put(o, crypto);
         }
         return crypto;
     }
     
-    protected PasswordEncryptor getPasswordEncryptor() {
-        PasswordEncryptor passwordEncryptor = 
-            (PasswordEncryptor)message.getContextualProperty(
-                SecurityConstants.PASSWORD_ENCRYPTOR_INSTANCE
-            );
-        if (passwordEncryptor != null) {
-            return passwordEncryptor;
-        }
-        
-        Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER,
message);
-        try {
-            CallbackHandler callbackHandler = SecurityUtils.getCallbackHandler(o);
-            if (callbackHandler != null) {
-                return new JasyptPasswordEncryptor(callbackHandler);
-            }
-        } catch (Exception ex) {
-            return null;
-        }
-        
-        return null;
-    }
-    
     public void setKeyIdentifierType(WSSecBase secBase, AbstractToken token) {
         boolean tokenTypeSet = false;
         


Mime
View raw message