ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1144242 - in /webservices/wss4j/trunk/src: main/java/org/apache/ws/security/saml/ext/bean/ main/java/org/apache/ws/security/saml/ext/builder/ test/java/org/apache/ws/security/common/ test/java/org/apache/ws/security/saml/
Date Fri, 08 Jul 2011 10:33:32 GMT
Author: coheigea
Date: Fri Jul  8 10:33:31 2011
New Revision: 1144242

URL: http://svn.apache.org/viewvc?rev=1144242&view=rev
Log:
[WSS-297] - Subject Bean is missing NameID Format variable
 - Applied patch after some modifications
 - Added some tests for this feature.

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML1CallbackHandler.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML2CallbackHandler.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java?rev=1144242&r1=1144241&r2=1144242&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java
Fri Jul  8 10:33:31 2011
@@ -19,6 +19,8 @@
 
 package org.apache.ws.security.saml.ext.bean;
 
+import org.apache.ws.security.saml.ext.builder.SAML1Constants;
+
 /**
  * Class SubjectBean represents a SAML subject (can be used to create
  * both SAML v1.1 and v2.0 statements)
@@ -27,6 +29,7 @@ package org.apache.ws.security.saml.ext.
  */
 public class SubjectBean {
     private String subjectName;
+    private String subjectNameIDFormat = SAML1Constants.NAMEID_FORMAT_UNSPECIFIED;
     private String subjectNameQualifier;
     private String subjectConfirmationMethod;
     private KeyInfoBean keyInfo;
@@ -53,6 +56,24 @@ public class SubjectBean {
         this.subjectNameQualifier = subjectNameQualifier;
         this.subjectConfirmationMethod = subjectConfirmationMethod;
     }
+    
+    /**
+     * Constructor SubjectBean creates a new SubjectBean instance.
+     *
+     * @param subjectName of type String
+     * @param subjectNameQualifier of type String
+     * @param subjectConfirmationMethod of type String
+     * @param subjectNameIDFormat of type String
+     */
+    public SubjectBean(
+        String subjectName, 
+        String subjectNameQualifier, 
+        String subjectConfirmationMethod,
+        String subjectNameIDFormat
+    ) {
+        this(subjectName, subjectNameQualifier, subjectConfirmationMethod);
+        this.subjectNameIDFormat = subjectNameIDFormat;
+    }
 
     /**
      * Method getSubjectName returns the subjectName of this SubjectBean object.
@@ -112,6 +133,26 @@ public class SubjectBean {
     }
     
     /**
+     * Method getSubjectNameIDFormat returns the subjectNameIDFormat of this SubjectBean

+     * object.
+     *
+     * @return the subjectNameIDFormat (type String) of this SubjectBean object.
+     */
+    public String getSubjectNameIDFormat() {
+        return subjectNameIDFormat;
+    }
+
+    /**
+     * Method setSubjectNameIDFormat sets the subjectNameIDFormat of this SubjectBean 
+     * object.
+     *
+     * @param subjectNameIDFormat the subjectNameIDFormat of this SubjectBean object.
+     */
+    public void setSubjectNameIDFormat(String subjectNameIDFormat) {
+        this.subjectNameIDFormat = subjectNameIDFormat;
+    }
+    
+    /**
      * Method getKeyInfo returns the keyInfo of this SubjectBean object.
      *
      * @return the keyInfo (type KeyInfoBean) of this SubjectBean object.
@@ -162,6 +203,13 @@ public class SubjectBean {
             return false;
         }
         
+        if (subjectNameIDFormat == null && that.subjectNameIDFormat != null) {
+            return false;
+        } else if (subjectNameIDFormat != null 
+            && !subjectNameIDFormat.equals(that.subjectNameIDFormat)) {
+            return false;
+        }
+        
         if (keyInfo == null && that.keyInfo != null) {
             return false;
         } else if (keyInfo != null && !keyInfo.equals(that.keyInfo)) {
@@ -186,6 +234,9 @@ public class SubjectBean {
         if (subjectConfirmationMethod != null) {
             result = 31 * result + subjectConfirmationMethod.hashCode();
         }
+        if (subjectNameIDFormat != null) {
+            result = 31 * result + subjectNameIDFormat.hashCode();
+        }
         if (keyInfo != null) {
             result = 31 * result + keyInfo.hashCode();
         }

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java?rev=1144242&r1=1144241&r2=1144242&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
Fri Jul  8 10:33:31 2011
@@ -169,7 +169,7 @@ public class SAML1ComponentBuilder {
         
         nameIdentifier.setNameQualifier(subjectBean.getSubjectNameQualifier());
         nameIdentifier.setNameIdentifier(subjectBean.getSubjectName());
-        nameIdentifier.setFormat(SAML1Constants.NAMEID_FORMAT_UNSPECIFIED);
+        nameIdentifier.setFormat(subjectBean.getSubjectNameIDFormat());
         String confirmationMethodStr = subjectBean.getSubjectConfirmationMethod();
         
         if (confirmationMethodStr == null) {

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java?rev=1144242&r1=1144241&r2=1144242&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java
Fri Jul  8 10:33:31 2011
@@ -472,7 +472,7 @@ public class SAML2ComponentBuilder {
         }
         NameID nameID = nameIdBuilder.buildObject();
         nameID.setNameQualifier(subject.getSubjectNameQualifier());
-        nameID.setFormat(NameID.UNSPECIFIED);
+        nameID.setFormat(subject.getSubjectNameIDFormat());
         nameID.setValue(subject.getSubjectName());
         return nameID;
     }

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java?rev=1144242&r1=1144241&r2=1144242&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java
(original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java
Fri Jul  8 10:33:31 2011
@@ -58,6 +58,7 @@ public abstract class AbstractSAMLCallba
     protected CERT_IDENTIFIER certIdentifier = CERT_IDENTIFIER.X509_CERT;
     protected byte[] ephemeralKey = null;
     protected String issuer = null;
+    protected String subjectNameIDFormat = null;
     
     public void setConfirmationMethod(String confMethod) {
         confirmationMethod = confMethod;
@@ -83,6 +84,10 @@ public abstract class AbstractSAMLCallba
         this.issuer = issuer;
     }
     
+    public void setSubjectNameIDFormat(String subjectNameIDFormat) {
+        this.subjectNameIDFormat = subjectNameIDFormat;
+    }
+    
     /**
      * Note that the SubjectBean parameter should be null for SAML2.0
      */

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML1CallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML1CallbackHandler.java?rev=1144242&r1=1144241&r2=1144242&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML1CallbackHandler.java
(original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML1CallbackHandler.java
Fri Jul  8 10:33:31 2011
@@ -63,6 +63,9 @@ public class SAML1CallbackHandler extend
                     new SubjectBean(
                         subjectName, subjectQualifier, confirmationMethod
                     );
+                if (subjectNameIDFormat != null) {
+                    subjectBean.setSubjectNameIDFormat(subjectNameIDFormat);
+                }
                 if (SAML1Constants.CONF_HOLDER_KEY.equals(confirmationMethod)) {
                     try {
                         KeyInfoBean keyInfo = createKeyInfo();

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML2CallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML2CallbackHandler.java?rev=1144242&r1=1144241&r2=1144242&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML2CallbackHandler.java
(original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML2CallbackHandler.java
Fri Jul  8 10:33:31 2011
@@ -62,6 +62,9 @@ public class SAML2CallbackHandler extend
                     new SubjectBean(
                         subjectName, subjectQualifier, confirmationMethod
                     );
+                if (subjectNameIDFormat != null) {
+                    subjectBean.setSubjectNameIDFormat(subjectNameIDFormat);
+                }
                 if (SAML2Constants.CONF_HOLDER_KEY.equals(confirmationMethod)) {
                     try {
                         KeyInfoBean keyInfo = createKeyInfo();

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java?rev=1144242&r1=1144241&r2=1144242&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java Fri
Jul  8 10:33:31 2011
@@ -35,6 +35,7 @@ import org.apache.ws.security.message.WS
 import org.apache.ws.security.message.WSSecSAMLToken;
 import org.apache.ws.security.saml.ext.AssertionWrapper;
 import org.apache.ws.security.saml.ext.SAMLParms;
+import org.apache.ws.security.saml.ext.builder.SAML1Constants;
 import org.apache.ws.security.util.WSSecurityUtil;
 
 import org.w3c.dom.Document;
@@ -432,6 +433,86 @@ public class SamlTokenTest extends org.j
     }
     
     /**
+     * Test that creates, sends and processes an unsigned SAML 1.1 authentication assertion
with
+     * a user-specified SubjectNameIDFormat.
+     */
+    @org.junit.Test
+    public void testSAML1SubjectNameIDFormat() throws Exception {
+        SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
+        callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
+        callbackHandler.setIssuer("www.example.com");
+        callbackHandler.setSubjectNameIDFormat(SAML1Constants.NAMEID_FORMAT_EMAIL_ADDRESS);
+        
+        SAMLParms samlParms = new SAMLParms();
+        samlParms.setCallbackHandler(callbackHandler);
+        AssertionWrapper assertion = new AssertionWrapper(samlParms);
+
+        WSSecSAMLToken wsSign = new WSSecSAMLToken();
+
+        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        
+        Document unsignedDoc = wsSign.build(doc, assertion, secHeader);
+
+        String outputString = 
+            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(unsignedDoc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("SAML 1.1 Authn Assertion (sender vouches):");
+            LOG.debug(outputString);
+        }
+        assertTrue(outputString.contains(SAML1Constants.NAMEID_FORMAT_EMAIL_ADDRESS));
+        
+        List<WSSecurityEngineResult> results = verify(unsignedDoc);
+        WSSecurityEngineResult actionResult =
+            WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
+        AssertionWrapper receivedAssertion = 
+            (AssertionWrapper) actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+        assertTrue(receivedAssertion != null);
+        assertTrue(!receivedAssertion.isSigned());
+    }
+    
+    /**
+     * Test that creates, sends and processes an unsigned SAML 2 authentication assertion
with
+     * a user-specified SubjectNameIDFormat.
+     */
+    @org.junit.Test
+    public void testSAML2SubjectNameIDFormat() throws Exception {
+        SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
+        callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
+        callbackHandler.setIssuer("www.example.com");
+        callbackHandler.setSubjectNameIDFormat(SAML1Constants.NAMEID_FORMAT_EMAIL_ADDRESS);
+        
+        SAMLParms samlParms = new SAMLParms();
+        samlParms.setCallbackHandler(callbackHandler);
+        AssertionWrapper assertion = new AssertionWrapper(samlParms);
+
+        WSSecSAMLToken wsSign = new WSSecSAMLToken();
+
+        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        
+        Document unsignedDoc = wsSign.build(doc, assertion, secHeader);
+
+        String outputString = 
+            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(unsignedDoc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("SAML 2 Authn Assertion (sender vouches):");
+            LOG.debug(outputString);
+        }
+        assertTrue(outputString.contains(SAML1Constants.NAMEID_FORMAT_EMAIL_ADDRESS));
+        
+        List<WSSecurityEngineResult> results = verify(unsignedDoc);
+        WSSecurityEngineResult actionResult =
+            WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
+        AssertionWrapper receivedAssertion = 
+            (AssertionWrapper) actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+        assertTrue(receivedAssertion != null);
+        assertTrue(!receivedAssertion.isSigned());
+    }
+    
+    /**
      * Verifies the soap envelope
      * <p/>
      * 



Mime
View raw message