cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/3] cxf git commit: Splitting STSProperties into a separate file
Date Thu, 04 Aug 2016 17:03:59 GMT
Repository: cxf
Updated Branches:
  refs/heads/master fdea67f0b -> 4d76ebba4


Splitting STSProperties into a separate file


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4d76ebba
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4d76ebba
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4d76ebba

Branch: refs/heads/master
Commit: 4d76ebba427b0c7e1b3a014fd7c1cf7ff92c8138
Parents: a392864
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Aug 4 16:11:39 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Aug 4 18:03:54 2016 +0100

----------------------------------------------------------------------
 .../sts/token/validator/SAMLTokenValidator.java |  8 +++-
 .../cxf/systest/sts/deployment/cxf-x509.xml     |  2 +-
 .../systest/sts/deployment/stax-cxf-x509.xml    |  2 +-
 .../cxf/systest/sts/deployment/sts/cxf-sts.xml  | 46 +++-----------------
 .../cxf/systest/sts/deployment/sts/realms.xml   | 17 ++++++++
 .../sts/deployment/sts/sts-properties.xml       | 45 +++++++++++++++++++
 6 files changed, 75 insertions(+), 45 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4d76ebba/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
index 7ac6650..59edca2 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
@@ -231,8 +231,12 @@ public class SAMLTokenValidator implements TokenValidator {
            
             // Get the realm of the SAML token
             String tokenRealm = null;
-            if (samlRealmCodec != null) {
-                tokenRealm = samlRealmCodec.getRealmFromToken(assertion);
+            SAMLRealmCodec codec = samlRealmCodec;
+            if (codec == null) {
+                codec = stsProperties.getSamlRealmCodec();
+            }
+            if (codec != null) {
+                tokenRealm = codec.getRealmFromToken(assertion);
                 // verify the realm against the cached token
                 if (secToken != null) {
                     Map<String, Object> props = secToken.getProperties();

http://git-wip-us.apache.org/repos/asf/cxf/blob/4d76ebba/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-x509.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-x509.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-x509.xml
index bf00fdb..2790c80 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-x509.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-x509.xml
@@ -29,7 +29,7 @@
     
     <!-- Override UsernameTokenValidator -->
     <util:list id="tokenValidators">
-        <ref bean="samlTokenValidator"/>
+        <bean class="org.apache.cxf.sts.token.validator.SAMLTokenValidator" />
         <bean class="org.apache.cxf.systest.sts.username_onbehalfof.UsernameTokenValidator"/>
     </util:list>
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/4d76ebba/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml
index b38e515..26fe7a8 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml
@@ -29,7 +29,7 @@
     
     <!-- Override UsernameTokenValidator -->
     <util:list id="tokenValidators">
-        <ref bean="samlTokenValidator"/>
+        <bean class="org.apache.cxf.sts.token.validator.SAMLTokenValidator" />
         <bean class="org.apache.cxf.systest.sts.username_onbehalfof.UsernameTokenValidator"/>
     </util:list>
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/4d76ebba/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/cxf-sts.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/cxf-sts.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/cxf-sts.xml
index 7c54d26..cb737f9 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/cxf-sts.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/cxf-sts.xml
@@ -26,13 +26,11 @@
     </cxf:bus>
     
     <import resource="realms.xml" />
-    
-    <bean id="hokDelegationHandler" class="org.apache.cxf.sts.token.delegation.HOKDelegationHandler"/>
-    <bean id="utDelegationHandler" class="org.apache.cxf.sts.token.delegation.UsernameTokenDelegationHandler"/>
+    <import resource="sts-properties.xml" />
     
     <util:list id="delegationHandlers">
-        <ref bean="hokDelegationHandler"/>
-        <ref bean="utDelegationHandler"/>
+        <bean class="org.apache.cxf.sts.token.delegation.HOKDelegationHandler" />
+        <bean class="org.apache.cxf.sts.token.delegation.UsernameTokenDelegationHandler"
/>
     </util:list>
     
     <bean id="issueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
@@ -47,18 +45,13 @@
         <property name="tokenValidators" ref="tokenValidators"/>
         <property name="stsProperties" ref="stsProperties"/>
     </bean>
-    <bean id="utTokenValidator" class="org.apache.cxf.sts.token.validator.UsernameTokenValidator">
-    </bean>
     <util:list id="tokenValidators">
-        <ref bean="samlTokenValidator"/>
-        <ref bean="utTokenValidator"/>
+        <bean class="org.apache.cxf.sts.token.validator.SAMLTokenValidator" />
+        <bean class="org.apache.cxf.sts.token.validator.UsernameTokenValidator" />
     </util:list>
     <util:list id="tokenProviders">
         <ref bean="samlTokenProvider"/>
     </util:list>
-    <bean id="samlTokenValidator" class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
-        <property name="samlRealmCodec" ref="samlRealmCodec"/>
-    </bean>
     <bean id="samlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
         <property name="realmMap" ref="realms"/>
     </bean>
@@ -72,35 +65,6 @@
     <util:list id="endpoints">
         <value>http(s)?://localhost:(\d)*/doubleit/services/doubleit.*</value>
     </util:list>
-    <bean id="samlRealmCodec" class="org.apache.cxf.systest.sts.common.SAMLRealmCNCodec"/>
-    <bean id="customRealmParser" class="org.apache.cxf.systest.sts.common.UriRealmParser"/>
-    <bean id="identityMapper" class="org.apache.cxf.systest.sts.common.CustomIdentityMapper"/>
-    <util:list id="relationships">
-        <bean class="org.apache.cxf.sts.token.realm.Relationship">
-            <property name="sourceRealm" value="a-issuer"/>
-            <property name="targetRealm" value="b-issuer"/>
-            <property name="identityMapper" ref="identityMapper"/>
-            <property name="type" value="FederatedIdentity"/>
-        </bean>
-    </util:list>
-    
-    <bean id="encProperties" class="org.apache.cxf.sts.service.EncryptionProperties">
-        <property name="encryptionAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
-        <property name="keyWrapAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
-    </bean>
-    
-    <bean id="stsProperties" class="org.apache.cxf.sts.StaticSTSProperties">
-        <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
-        <property name="signatureUsername" value="mystskey"/>
-        <property name="callbackHandlerClass" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
-        <property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
-        <property name="issuer" value="DoubleItSTSIssuer"/>
-        <property name="encryptionUsername" value="myservicekey"/>
-        <property name="encryptionProperties" ref="encProperties"/>
-        <property name="realmParser" ref="customRealmParser"/>
-        <property name="relationships" ref="relationships"/>
-        <property name="samlRealmCodec" ref="samlRealmCodec"/>
-    </bean>
     
     <bean id="claimsManager" class="org.apache.cxf.sts.claims.ClaimsManager">
         <property name="claimHandlers" ref="customClaimsHandler"/>

http://git-wip-us.apache.org/repos/asf/cxf/blob/4d76ebba/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/realms.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/realms.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/realms.xml
index 4aee41d..9fb8462 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/realms.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/realms.xml
@@ -18,16 +18,33 @@
   under the License.
 -->
 <beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core"
xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:test="http://apache.org/hello_world_soap_http"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="         http://cxf.apache.org/core         http://cxf.apache.org/schemas/core.xsd
        http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://cxf.apache.org/jaxws                                              http://cxf.apache.org/schemas/jaxws.xsd
        http://cxf.apache.org/configuration/security         http://cxf.apache.org/schemas/configuration/security.xsd
        http://cxf.apache.org/transports/http-jetty/configuration         http://cxf.apache.org/sc
 hemas/configuration/http-jetty.xsd         http://www.springframework.org/schema/util   
     http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    
+    <!-- Realms -->
     <bean id="realmA" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="a-issuer"/>
         <property name="name" value="a-issuer"/>
     </bean>
+    
     <bean id="realmB" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="b-issuer"/>
         <property name="name" value="b-issuer"/>
     </bean>
+    
     <util:map id="realms">
         <entry key="#{realmA.getName()}" value-ref="realmA"/>
         <entry key="#{realmB.getName()}" value-ref="realmB"/>
     </util:map>
+    
+    <!-- Relationships between realms -->
+    <bean id="identityMapper" class="org.apache.cxf.systest.sts.common.CustomIdentityMapper"/>
+    
+    <util:list id="relationships">
+        <bean class="org.apache.cxf.sts.token.realm.Relationship">
+            <property name="sourceRealm" value="a-issuer"/>
+            <property name="targetRealm" value="b-issuer"/>
+            <property name="identityMapper" ref="identityMapper"/>
+            <property name="type" value="FederatedIdentity"/>
+        </bean>
+    </util:list>
+    
 </beans>

http://git-wip-us.apache.org/repos/asf/cxf/blob/4d76ebba/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/sts-properties.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/sts-properties.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/sts-properties.xml
new file mode 100644
index 0000000..648446f
--- /dev/null
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/sts/sts-properties.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core"
xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:test="http://apache.org/hello_world_soap_http"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="         http://cxf.apache.org/core         http://cxf.apache.org/schemas/core.xsd
        http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://cxf.apache.org/jaxws                                              http://cxf.apache.org/schemas/jaxws.xsd
        http://cxf.apache.org/configuration/security         http://cxf.apache.org/schemas/configuration/security.xsd
        http://cxf.apache.org/transports/http-jetty/configuration         http://cxf.apache.org/sc
 hemas/configuration/http-jetty.xsd         http://www.springframework.org/schema/util   
     http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    
+    <import resource="realms.xml" />
+    
+    <bean id="encProperties" class="org.apache.cxf.sts.service.EncryptionProperties">
+        <property name="encryptionAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+        <property name="keyWrapAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </bean>
+    
+    <bean id="samlRealmCodec" class="org.apache.cxf.systest.sts.common.SAMLRealmCNCodec"/>
+    <bean id="customRealmParser" class="org.apache.cxf.systest.sts.common.UriRealmParser"/>
+    
+    <bean id="stsProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+        <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+        <property name="signatureUsername" value="mystskey"/>
+        <property name="callbackHandlerClass" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+        <property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+        <property name="issuer" value="DoubleItSTSIssuer"/>
+        <property name="encryptionUsername" value="myservicekey"/>
+        <property name="encryptionProperties" ref="encProperties"/>
+        <property name="realmParser" ref="customRealmParser"/>
+        <property name="relationships" ref="relationships"/>
+        <property name="samlRealmCodec" ref="samlRealmCodec"/>
+    </bean>
+    
+</beans>


Mime
View raw message